Intelligent CIO Middle East Issue 35 | Page 20

LATEST INTELLIGENCE BEST PRACTICES FOR PROTECTING AGAINST PHISHING RANSOMWARE AND EMAIL FRAUD PRESENTED BY O verview Security teams and the organisations they support live in difficult times: they increasingly are the targets of sophisticated threats developed by a shadowy and very well financed cybercrime industry that has demonstrated it can often outsmart even the most robust security defences. Cybercriminals are aided by the fact that security teams often lack the human and financial resources necessary to keep pace, and so often cannot defend against the latest threats that are directed against them. Download whitepaper here Add to this the fact that security teams often support users who unwittingly aid cybercriminals (or occasionally become them) through mistakes or intentional acts that can result in the loss of sensitive data or corporate funds. Consider what security teams are up against: • Cryptocurrency mining on endpoints increased by 8,500% during 2017 and the trend is accelerating: one vendor found that the deployment of illicit 20 INTELLIGENTCIO • • • • • cryptomining scripts grew by 725 % during a four month period ending in January 2018. The practice of injecting malware into software updates increased by 200 % during 2017. The number of web application vulnerabilities increased by 212 % in 2017, and more than one- half of these vulnerabilities have a public exploit that hackers can use. There was a 54 % increase in mobile malware during 2017. In February 2018, there was one phishing attempt in every 3,331 emails and one piece of malware for every 645 emails. That means that in an organisation of 500 email users who receive a median of 100 emails per day, the security infrastructure will receive 15 phishing attempts and 77 pieces of malware each day. While the massive ransomware campaigns we saw in 2015 and 2016 have abated to some extent, we continue to see targeted ransomware campaigns focused on specific industries like healthcare and government, among others. Moreover, the number of ransomware variants continues to increase: one source found a 74% www.intelligentcio.com