It sounds bold, claiming that phishing is 2018’s #1 security risk to businesses. It can’t possibly be true; this simple email trick that has been around for ages can’t really be wrecking that much havoc.
But that’s where naiveté becomes our greatest weakness. And we know what they say about assumptions.
If you don’t believe it, here are a few of the latest stats released about the impact of phishing on businesses in 2017:
- 25-32% of staff are “phish-prone employees” –those most likely to fall prey to a phishing scam.
- 14.5 billion emails infected with malware sent in 2017
- 1000% increase in phishing attacks from 2016 to 2017
The Top Security Risk of the Decade – Ransomware
Another top security risk of the last few years that will continue into 2018 is ransomware – attacks where cyber criminals gain access to your network and use malware to encrypt your data, taking it hostage until a ransom is paid. These ransoms are not always large in monetary sum but can be difficult to pay due to their dark web nature, requiring the purchase of bit coins and complicated transfers to complete. So, on top of the cost to regain access to your critical files, your company can experience significant downtime in the process.
- 42% of orgs experienced a ransomware attack in 2017, up 40% from 2016
- 50% of companies experienced a cyberattack motivated by ransom in the past year
- 1.9 billion data records were lost or stolen as a result of cyberattacks in the first six months of 2017 alone
Spear phishing – where ransomware and phishing unite
Spear phishing efforts are one of the leading causes of ransomware attacks on organizations. Given that one in four employees are tempted to click on malicious phishing links, it’s easy for cyber criminals to gain access to your network.
Most people think of phishing as the Nigerian prince sending an email offering to deposit hundreds of thousands of dollars into your bank account, if you would only give them access. Those are the phishing dreams of yesteryear. These days, spear phishing campaigns are so sophisticated that even the most trained professional can have difficulties detecting them.
In fact, the historic hacking and exposure of the 2016 Democratic National Committee email systems was caused by a simple phishing campaign that the individual sent to IT to verify before clicking.
To be fair, it was caused by the IT technician accidentally typing “legitimate” instead of “illegitimate” in their response, leading the individual to believe the email was safe. But it just goes to show how dangerous phishing scams are, and how human error – the number one reason phishing is so popular in the first place – can lead to great catastrophe.
Could you detect a phishing email? Do you even know what one looks like these days? If you don’t, you can guess your staff doesn’t either, and your company is in serious danger of an attack.
Applied Tech is renowned for our top of the line security solutions – like our Security and Recovery service, our Total Security Approach, and our TechCare Security and Monitoring. It’s not just that we use the highest quality security software and protocols (we do), but we are also as equally invested in our clients’ protection as they are. Most IT companies not offering managed services will charge extra in the event of a security breach (yes, the one they were paid to prevent), making it in their best interest for a break to occur. But at Applied Tech, we make it a practice to not profit off your misfortune. We take pride in protecting your company – and if you think about it, as your managed IT provider, it’s in our best interest too.
Applied Tech can protect your organization from the always evolving security threat landscape. You can also contact us below or call us at 855-729-1300 for more information.