In 2019, nearly one-third (31 percent) of all cyber incidents we investigated had a known infection vector that could be traced back to a malicious email or phishing attack. In the “Launch Attack” phase, phishing is the critical bottleneck that, if successfully defended against, can make a substantial difference in the risk and impact the organization may face.įigure 1: IBM X-Force IRIS Cyberattack Preparation and Execution Framework Phishing attacks are also the phase that occurs at a critical juncture in the X-Force IRIS Cyber Preparation and Attack Frameworks, a model we use to assess threat actors’ activity.
X-Force IRIS assists clients in responding to cyberattacks and data breaches on a daily basis, from forensic research to in-depth intelligence, giving our team a front-row perspective of the types of attacks organizations face and how threat actors most likely found a way inside.Īccording to X-Force IRIS data, phishing attacks are the most common known attack vector for malicious cyber actors who target organizations. View From the Front Line: Phishing Still a Top Entry Point While the plague of phishing is unlikely to wane in the near future, having current data on the severity of the problem and a few remediation measures in one’s back pocket can assist organizations in addressing risks more effectively. To explore the current state of phishing against enterprise networks, this blog will pair the perspectives of X-Force IRIS, our front-line response and intelligence teams, and X-Force Red, our team of veteran hackers who are hired to run phishing attacks against real organizations, to present new data and analysis. Of those, 68 percent appear to use it as their only infection vector, according to information from our ongoing analyses. IBM X-Force IRIS has found that 84 percent of the APT groups we track use spear phishing as a primary infection vector.
These groups are some of the most advanced cyberthreat actors in the world, underscoring the reliability of, and risk from, phishing as an attack vector. Many advanced persistent threat (APT) groups use phishing as a means of delivering malware, remote access Trojans (RATs) or malicious links to recipients. Their ability to create authentic-looking emails with believable logos, letterheads, wording and topics of interest to the target audience continues to fool even the most security-savvy users into opening an attachment or clicking on a malicious link. Even as training for employees and end users improves, so do the tactics of threat actors crafting and deploying phishing emails. Phishers prey on human emotion and the urge to act on written words, and since phishing is so ubiquitous in our work environments, it is a constant threat. In 20, attackers used phishing as an entry point for one-third of all attacks tracked by IBM X-Force Incident Response and Intelligence Services (IRIS) - the most commonly used of all known attack vectors. Phishing has long been an infection vector of choice for threat actors, and for good reason - it is relatively easy, inexpensive and consistently successful.
0 kommentar(er)
