Phishing attacks have proven to be much more successful in 2023 than in previous years, claims a new report from SASE experts Netskope.
According to the article, threat actors were three times more successful in their phishing, compared to attacks at the end of 2022. The success rate is still relatively low, the researchers said, also thanks to improvements in anti-phishing filters. as user awareness.
The latest increase is due to hackers using more personal email accounts in their attacks.
Chinese, Russian and Ukrainian attackers
So far this year, the number of people downloading a phishing attachment from a personal webmail app compared to managed organization webmail apps is 16 times higher. More than half (55%) of the malware people wanted to download was deployed through cloud apps, the most popular delivery method. Microsoft OneDrive, which Netskope describes as “the most popular cloud app in the enterprise,” hosted more than a quarter of all cloud malware downloads.
For Ray Canzanese, Director of Threat Research at Netskope Threat Labs, good defense starts with a long, hard look in the mirror: “If organizations can look at who our main adversaries are and the incentives that motivate them, then you can look at your watching defense. and ask, ‘What protection do I have against these tactics and techniques? How will this help me better determine what my defensive strategy should be?’”
“If you can defend yourself effectively against the techniques described in the report, you will defend yourself effectively against a very large group of opponents. No matter who you’re up against, you’re going to have defense mechanisms.”
The most successful criminal organizations are in Russia and Ukraine, while the most dangerous geopolitical groups (which typically prey on sensitive data against targets in the financial services and healthcare industries) come from China, Netskope claims. TrickBot developers Wizard Spider were seen as the top group trying to target users of the Netskope Security Cloud platform.
Geopolitical groups tend to target Africa, Asia, Latin America and the Middle East, while financially motivated groups tend to target Australia and North America.