The cybersecurity company, Prof Point, has revealed the results of its annual human-centered report, which highlights the ways in which individual hackers target, rather than target systems and infrastructure, to install malware and then initiate fraudulent transactions and data theft. And more.
The report, based on an 18-month in-depth analysis of data collected through the global customer base of Pro Point, highlights trends in cyber attacks to help organizations and users stay electronically secure.
Kevin Epstein, Vice President of Threat Point Operations, said: "Vandals are highly targeted because of the ease of sending fake e-mails, stealing credentials, uploading malicious attachments to cloud applications, and the greater profitability of costly exploitations that take time. He pointed out that more than 99% of cyber attacks rely on human interaction at work, which makes individual users the last line of defense, and in order to reduce these risks, organizations need to adopt a comprehensive approach to cybersecurity focused on individuals and includes Effective security awareness received training multilevel defenses and provide a clear vision for the users most vulnerable to attacks. "
"Cyber attacks are becoming more sophisticated, with the technological advances of our time," said Emil Abu Saleh, regional director of Prof Point in the Middle East and Africa. "Vandals are always focused on targeting people, exploiting their roles within the company and enticing them to do the clicking." The most common times when people click on links show significant regional differences, for example, users in the Middle East and Europe are likely to click in the middle of the day after lunch and late into the evening, reflecting the importance of time shifting. to Business performance and tasks with North America and staff organizations. "
The report concluded that more than 99% of the perceived threats require human interaction in order to achieve damage, whether opening a file, following a link, or opening a document, demonstrating the importance of social engineering for successful and targeted operations. The best phishing attacks were targeted to steal credentials, create feedback loops that are likely to report future attacks, side action, internal phishing, and more.
The report said that saboteurs are improving their tools and techniques in search of financial profit and theft of information. Although attacks by individuals were more common when cyber-attacks began to appear for the first time, saboteurs succeeded in carrying out attacks using more than five identities against more than five individuals in the targeted companies.
The most important malware families over the past 18 months include "Trojans" targeted at banks and information theft, Trojans used to remotely connect "RATs" and other non-destructive breeds designed to stay on infected devices and steal data that may provide future benefits to spoilers.
Individual-based threats are numerous as saboteurs target individuals - not necessarily traditional dignitaries. They often target individuals who have been attacked in the past. These users are likely to be targets of a threat or those with easily searchable addresses and access to sensitive money and data.
For institutions that are at risk from cyberattacks, the education, finance and advertising sectors continue to lead the most vulnerable cyberattacks, reflecting the severity and risks of cyberattack. The education sector is often subjected to the highest degree of serious attacks, and the financial services sector is also subject to relatively high cyberattacks with fewer individuals targeted by many previous attacks.