Why are phishing emails still your biggest security nightmare?



Phishing and fake emails are the biggest security problem for businesses and among the hardest to tackle. According to the 2019 survey on computer security breaches published by the British government, the most common attacks are phishing attacks, whether through fraudulent emails or fake websites.

Phishing emails – where attackers pretend to be trusted colleagues or other contacts to trick recipients into giving them passwords or other details – are easy to send and difficult to fight. Most of the biggest data breaches of recent years, from the Sony Pictures attack to the hacking of the Democratic National Committee to various attacks on banks, started with phishing emails.

"Protection against these types of violations or attacks requires both technical controls and good staff awareness, which includes non-specialists, who are usually the people directly targeted by phishing attacks," the report says.



As in previous years, sophisticated and technical attacks, such as denial of service, are relatively less common, according to the report. The proportion of companies reporting virus, spyware or other malware attacks has also declined, suggesting that this type of activity is becoming less common or less visible. Denial-of-service attacks are, however, more likely to affect communications and education firms, as well as large enterprises in general.

In addition to being the most common attacks, phishing attempts were also described as disruptive breaches or attacks. When a breach resulted in a loss of data or assets, the average cost of a cyber attack against a business has increased by more than £1,000 since 2018 to reach £4,180, the report says.

The report also revealed that, as in previous years, the most disruptive breach or attack was more likely to be detected by workers than by cybersecurity software. For 63% of businesses and 70% of charities, the most disruptive breaches were reported directly by staff, contractors, or volunteers. "This illustrates the importance of staff vigilance, as well as technical controls, to quickly spot violations."

It may also suggest that businesses spend significantly less on cybersecurity. According to the report, corporate spending on security varies widely, although analysts warn that only about 2 percent of IT budgets are spent on security.

The report states that even though a typical organization will probably suffer only a few breaches a year, some will suffer a lot more. This, along with the overall reduction in the number of reported attacks, suggests that attackers are changing their approach.

"Attackers can target fewer companies, but can attack them more frequently or more substantially," the report warned.

According to the report, 32% of UK companies have identified a cyber security attack in the last 12 months, down from 43% the year before.

Although this may suggest that fewer companies report breaches because they are more secure, the report notes that there are other explanations. As mentioned, it is possible that attackers are changing their behavior, with more attacks targeting a smaller number of companies. This may explain why the number of companies identifying breaches has decreased, while the number of attacks reported by the companies that do identify them is increasing. Another explanation might be the introduction of the General Data Protection Regulation (GDPR) in May 2018, the report notes.

