Printed from BusinessInsurance.com

Phishing remains most popular cyberattack vector: Report

Posted On: Apr. 5, 2019 2:20 PM CST

Hackers continue to use phishing as their primary means of gaining access to firms’ systems, says a law firm in a data security incident response report.

Phishing was the attack vector in 37% of the more than 750 incidents that Cleveland-based Baker & Hostetler LLP helped manage in 2018, according to its fifth annual Data Security Incident Response Report, issued Friday.

Phishing “is simple and effective, and it often goes undetected,” says the report. “The most common phishing scenario we saw was a message designed to trick a user into providing Office 365 account credentials,” the report said.

As more assets are moving into the cloud “where they can be accessed with just a username and password, the importance of using a multipronged approach to address this risk is critical,” the report says.

Phishing was followed closely by network intrusions, with some form of intrusion occurring in 30% of incidents, the report said.

The report also analyzes ransomware, reporting that 91% of the time an encryption key was received when the ransom was paid. The average ransom paid last year was $28,920, according to the report, with $250,000 the largest ransom paid in 2018, although in 2019 three firms had already paid ransoms of at least $1 million.

The report states that while entities feel compelled to be transparent by making an external statement early in an incident’s investigation, “Unfortunately, these early statements are often wrong. Within the first 72 hours of awareness, most entities have not even contained the incident, let alone learned its scope.”

The report also states that over the past several years, there has been a split in the types of litigation filed in response to these incidents. As entities have taken measures to reduce incidents involving the loss or theft of unencrypted data, class actions filed over data’s physical theft have decreased and class actions involving criminal attacks on networks have increased, according to the report.

Chubb Corp. said in a report issued in February that small- and medium-sized entities are particular targets of cyber criminals as these firms increasingly digitally transform their business processes, although there are steps they can take to protect themselves.