Employees on the frontline of cyber defense – report

In the first quarter of 2022, employees found themselves more than ever at the frontline of cyber defense, according to a new report from Kroll.

In part, this was down to a 54% increase in phishing attacks being responsible for initial attacker access, beating out vulnerability exploitation and third-party vulnerabilities among others. It was also due to an increase in email compromise being used for extortion.

The Kroll Threat Landscape report showed that in one real-world case, a phishing email was sent to an IT department and clicked by an end-user, who then entered their log-in credentials. With the threat actor now having access to global admin credentials, they were able to gain access to the system, take over multiple email accounts belonging to IT staff and C-level employees, and download sensitive data. A ransom note was left, demanding payment to end the attack, and employees were targeted via text message, email and even social media to pressure victims into meeting their demands. Notably, no ransomware or encryption was used in the attack.

“As Australia joins forces with governments around the world to warn of cyber threats to critical infrastructure, we should remember how many of these large scale attacks start on a much smaller scale,” says Alex Nixon, senior vice president, cyber risk, Kroll.

“Often beginning as phishing attacks or email compromise, attackers will elevate their privileges once an initial foothold is gained inside an organisation.
 
“This global threat report demonstrates what we are seeing here in Australia is not unique, but demonstrative of worldwide cybercrime trends,” says Nixon.

“The Office of the Australian Information Commissioner's latest Notifiable Data Breaches Report cited that phishing attacks resulting in compromised credentials were responsible for 32% of data breaches in Australia in the second half of 2021.

“This tallies with our Threat Landscape report, showing an increase in the number of phishing attacks as an initial access method, and reminds us that security must be built into the fabric of an organisation; it truly is everyone’s business.”
 
Laurie Iacono, associate managing director for cyber risk at Kroll, adds, “Employees are undoubtedly an important line of defense for any company.

“Security training programs need to enhance cyber awareness among employees and firms should encourage a culture where raising concerns and reporting suspicious issues is a positive thing,” Iacono says.

“Our latest Kroll Threat Landscape Report underlines this more than ever, as in the last quarter employees faced not only phishing attacks but email compromises which lead to extortion or the introduction of malware.”

The Kroll Threat Landscape report showed the continued use of relatively recently exposed vulnerabilities. While 2021 will be remembered as the year of the vulnerability, 2022, particularly the first quarter, will go down as the year that threat actor groups such as ransomware gangs harnessed those vulnerabilities to launch more destructive attacks.
 

For instance, while most activity around Log4j exploitation in Q4 2021 revolved around cryptominers, threat actors from multiple ransomware gangs leveraged the vulnerability to set the stage for network encryption in Q1 2022.
