
Aamir Lakhani/Contributor
One significant finding published in our 1H 2022 FortiGuard Labs Threat Report is that ransomware is rampant.
We’re seeing ransomware attacks becoming more sophisticated and aggressive, with attackers introducing new strains and updating, enhancing, and reusing old ones. What’s especially concerning as we look back at the first half of 2022 is that the number of new ransomware variants we identified increased by nearly 100 per cent compared to the previous six-month period. How does ransomware make its way into an organisation in the first place? Ransomware can be delivered to an unsuspecting victim in many ways, yet according to research, phishing is the number one attack vector associated with ransomware. This is why it’s critical for all employees to be cyber aware: cybersecurity training can be the difference between a safe organisation and one that is a single click away from a breach.
What is Phishing?
A phishing attack is a type of cybersecurity threat that often targets users directly through email, text message, or social media. During one of these scams, the attacker poses as a trusted contact to steal sensitive data like login credentials, account numbers, and credit card information. Phishing attempts can be diverse, as attackers are continually becoming more sophisticated and creative with their techniques. Some well-known types of phishing attacks include spear phishing, clone phishing, vishing, whaling, snowshoeing, and business email compromise, to name a few. What unites these attacks is a common goal: identity theft or the delivery of malware.
5 actions security teams can take to combat phishing
When it comes to preventing cyberattacks like phishing, your security team and your organisation’s employees both have important roles to play. From having the right technologies to implementing organisation-wide cybersecurity training programmes, there are many simple actions enterprises can take to improve their security posture and defend against potential compromises:
1. Enable spam filters: This is perhaps the most basic defence an organisation can take against phishing. Spam filters provide an extra layer of security for your network, which is especially important given the popularity of email as an attack vector.
2. Update software regularly: Make sure that the software and operating systems your organisation uses are updated regularly; patching hardens vulnerable software and operating systems against certain attacks.
3. Implement Multi-Factor Authentication (MFA): MFA requires a user to present multiple pieces of evidence before logging into a corporate network and gaining access to its resources. Generally, this means implementing at least two of the three factors of MFA: something you know (password or PIN), something you have (physical token), and something you are (fingerprint, iris scan, or voice recognition).
4. Back up data: All corporate data should be encrypted and backed up regularly, which is critical in the case of a breach or compromise.
5. Block unreliable websites: Use a web filter to block access to malicious websites in the event an employee inadvertently clicks on a malicious link.
Help the Employees Spot Phishing Attempts
According to the Verizon Data Breach Investigations Report for 2022, 82 per cent of successful breaches involved the human element. While having the right security technologies and processes in place is undoubtedly critical for protecting an organisation, humans are often the weakest link in an enterprise’s cybersecurity ecosystem. Hence, educating employees on cybersecurity best practices is a must.

When implementing an ongoing, organisation-wide education programme, identify the key areas to cover that present the biggest risks to the end user (and, ultimately, to your business). For example, Fortinet’s Security Awareness and Training service provides organisations with education programmes to help create a cyber-aware culture in which employees are more likely to recognise and avoid falling for common cyberattack attempts.
While phishing is a popular attack technique among cybercriminals, the reality is that it’s just the tip of the iceberg. Cybercriminals are frequently adding new techniques to their playbooks to sidestep defence mechanisms, evade detection, and scale their operations. Our threat intelligence shows that cybercriminals are experimenting with new attack vectors built on familiar exploits and increasing the frequency with which they execute them.
As a result, security teams must be more agile than ever before, making integrated security solutions and cybersecurity training a must-have for any organisation. As cybercriminals constantly find new ways to infiltrate networks, this type of holistic approach to security has never been more vital.
– Aamir Lakhani is global security strategist and researcher at Fortinet