Press "Enter" to skip to content

Spear-phishing up and the four strains of ransomware

Barracuda released new data on spear-phishing.   The report found that the average employees at smaller businesses, which have less than 100 employees, will experience 350% more social engineering attacks than an employee of a larger enterprise. That doesn’t mean that smaller businesses are more targeted than large, simply that because they are smaller, an individual employee will see more attacks. Merely seeing more threats per person shouldn’t make a company safer or less safe.

Researchers at Zimperium have analyzed hundreds of thousands of phishing websites and found that there’s been a significant rise in websites explicitly designed for mobile phishing attacks, now making up three-quarters of all phishing sites.   Mobile is the new risk area.  

And in an analysis by cybersecurity company Intel 471, four types of ransomware make up nearly three-quarters of reported incidents.   Almost one in five reported incidents involved Conti ransomware, famous for several incidents over the past year, and nearly 30% of incidents were LockBit 2.0.  

Speaking of Conti, while they had a pretty significant leak… and it turns out, the damage didn’t last.  Experts say the notorious ransomware gang has pivoted all too easily, replacing much of the infrastructure exposed in the leaks while moving quickly to hit new targets with ransom demands. 

So just in time, NIST has detailed appropriate ways to assess an organization’s adherence to the agency’s go-to list of enhanced security requirements for protecting controlled but unclassified information.     

Why do we care?

A smaller company will have individual employees seeing more attacks.  This SHOULD result in more ability to train them – and one has to do the training to get protection.  And with the risk now on mobile too, so much more important.

There’s a certain comfort for me in the knowledge that there are four strains to focus on – the problem is less technical sophistication and more volume and ease of digital deployment.   Not to say those aren’t massive problems…. But it’s the systemized nature of the opponent more than their raw technical diversity.   

I have an interview coming out this weekend discussing the cybersecurity landscape related to the war in Ukraine – look for that.