Blog courtesy of KnowBe4
Written by Stu Sjouwerman
Analysis of data collected by Internet and security services vendor Akamai shows an unimaginable number of cyberattacks, demonstrating how frequently these attacks are happening.
If you’ve been paying attention at all the last few years, you’re already keenly aware that cyberattacks are an ongoing problem, with attack attempts occurring every day. But new Akamai data analysed by VPN vendor Atlas VPN shows there are nearly 17,000 cyberattacks against organisations around the globe every second. Considering Akamai processes somewhere between 15-30% of the world’s Internet traffic, this new analysis speaks volumes representing much of the world.
According to the data, the breakdown of the attacks is as follows:
- 72% of attacks involved malware
- 22% were command & control (that is, the attacker takes over control of a system and then steals or deletes data)
- 5% of attacks were strictly phishing attacks
Source: Akamai
According to the article, the delineation between when phishing is and is not used in the other types attacks is not clear, stating that C&C and malware attacks can be a part of phishing attacks. I’m curious about this lack of clarity, as there are really only a few initial attack vectors possible today:
- Vulnerabilities in applications and operating systems
- Web-based attacks
- Remote desktop attacks (RDP)
- Phishing attacks
Given that malware attacks rely on gaining access to an endpoint or server, it makes sense that phishing and/or RDP attacks are likely used in a majority of the largest segment of the Atlas VPN analysis.
Whether phishing attacks represent 5% of attacks on your organisation or (in my opinion) the majority of them, it’s necessary to stop phishing by empowering users to spot suspicious content immediately through Security Awareness Training so they won’t interact with and engage the potentially malicious links, attachments, or email content.
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here's how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customise the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organisation compares to others in your industry