Why Ransomware and BEC Attacks Are So Successful
In 2021, ransomware remains an extremely impactful threat, with an estimated attack occurring every 11 seconds. Not only is the frequency of ransomware increasing, but it is reported the average ransom fee has increased from $5,000 in 2018 to $200,000 today, with several recent payouts crossing the $10M mark. With all of the recent spotlight on growing ransomware attack volumes and damages arising from phishing, business email compromise and account takeovers, you would certainly want to believe the cybersecurity industry would be focused on increasing security controls and detection policies to prevent such attacks.
From 2020 to 2021, SecureSky’s Global Threat Intelligence Center found among all clients that while some strides were made, unfortunately, it is still way too easy to infiltrate an organization’s email system.
While the average security score among SecureSky clients surveyed almost doubled from 2020 to 2021, the 2021 averages still indicate that only half of the available security controls and detection policies are enabled, obviously leaving the door wide open for ransomware and other malicious attacks.
Looking at the results by industry is also shows several notable trends. The Financial and HealthCare sectors made significant strides but note the scale of this graph shows even the “leading” business sectors are topping out at approximately the 60% mark, leaving 40% unaddressed or misconfigured protections. Pathetically, the legal sector has only enabled, on average, slightly under 20% of available controls and showed no improvement from 2020 to 2021.
The good news is protective controls really can be dramatically improved and quickly if adequate attention is paid to the process. Below are year-over-year scores of three actual SecureSky clients, all of which came to SecureSky in 2020 with significant risk and have made a considerable positive impact in one year, without additional licensing spend.
The substantive improvements were seen with these three representative clients when they deployed SecureSky’s SaaS Security Posture Management (SSPM) tool, the Active Protection Platform, which provides continuous assessment, validation, and enforcement of hardened security standards and detection policies. In addition, each client has embraced SecureSky’s methodology of continuously improving protective controls and lowering their business communication platforms and overall cloud risk.
SecureSky’s Research and Threat Intelligence teams are committed to reduction of cyber security risk and evolving cloud attack techniques in both SaaS and IaaS cloud environments. Check out our other blogs at https://blog.securesky.com/.
Thank you for reading the SecureSky Dynamic Cloud Security Blog.
For more information about SecureSky, or assistance in protecting your Microsoft Teams and cloud SaaS and IaaS environments, please contact us at:
+1 833.473.2759 (+1 833.4SecSky)