Remote working shift prompts increase in phishing attacks
CLOUD & CYBER attacks are highly targeted to a specific potential individual or set of individuals , and often feature highly-detailed personal information intended to deceive . As this type of attack is more personalised , the success rate for the attacker is higher . According to cybersecurity firm FireEye , spear-phishing emails have an open rate of 70 %, with 50 % of recipients opening enclosed links .
Spear-phishing attacks can be particularly hard to detect , as network security company Barracuda says . Traditional email security relies on reputation analysis , block lists , and signature-matching of malicious attachments and URLs . Spear phishing attacks are carefully designed to pass these checks and go undetected . They often do not have a malicious payload that traditional security can detect , and they often come from high-reputation sender domains or already compromised accounts .
“ It ' s getting harder and harder for regular users to recognise targeted phishing emails and spear phishing attacks ,” Keiron Holyome , BlackBerry ’ s Vice President – UKI , Middle East & Africa , comments . “ This means that when employees are working from home or outside the office , they must be extra vigilant , working with their employer to defend effectively against phishing .
“ Employees are essential in preventing phishing attacks by adhering to security policies , ensuring all of their devices are secured by security software , and immediately installing automatic updates ,” adds Holyome . “ Employers may increase employee knowledge of phishing by providing regular staff training as well as endpoint security measures for both company-owned and employee-owned devices that can be used both online and offline .”
Remote working shift prompts increase in phishing attacks
Research by automation platform
Ivanti has found that the global shift to remote work has exacerbated the onslaught ,
sophistication and impact of phishing attacks . Nearly three-quarters ( 74 %) of respondents said their organisations have fallen victim to a phishing attack in the last year .
Implementing zero trust With the rapid increase in remote working , how can organisations overcome security threats ? As Srinivas Mukkamala , Ivanti ’ s Senior Vice President of Security Products , explains , the answer could be in implementing zero trust .
Zero-trust security requires organisations to continually verify any and all devices that are connected to its network every single time with zero exceptions . As part of a zerotrust strategy , organisations should leverage machine learning to conduct continuous device posture assessment , role-based user access control , and location awareness before granting access to data .
technologymagazine . com 85