Spam has been found to make up the majority of ICO attacks.
Official figures obtained through the Freedom of Information (FOI) Act revealed that the Information Commissioner’s Office (ICO) faces a 2,650% surge in email attacks in 2021
The data, analyzed by the Parliament Street think tank, showed spam detected and blocked to make up the majority of email attacks in the ICO, with a 2,775% increase recorded between January and December. .
Meanwhile, phishing emails increased by 20% from January to December, and malware increased by 423%.
The majority of attacks in December came from spam, with 4,125,992 attacks, while phishing emails consisted of 7,886 attacks and malware reached 1,197 attacks.
The attacks that particularly intensified in December coincided with the widespread spread of the Omicron variant, accompanied by a number of attacks associated with the COVID test, including Christmas scams before the holiday season.
Why email is still the most important vector taken advantage of by attackers
Chris Powell, head of the cyber lab at 6point6, explores why email remains the most important vector of attack exploited by attackers. Read here
“The pandemic continues to be a reason for opportunistic cyber criminals to try and hunt down unsuspecting, poor people,” said Steven Peake, manager at Barracuda Networks.
“Our recent research has shown a 521% increase in phishing attacks associated with covid testing, so it’s not surprising to see major organizations, such as ICO, hit by so many threats because they represent lucrative targets.Phishing, malware and spam emails in particular account for a large part of the threats these organizations face so they need to implement measures to protect themselves.These cyber attackers are not going anywhere anytime soon. “
Protecting against email attacks
To stay protected against email attacks such as spam, phishing, and malware, Peake suggests using measures that use AI, to identify threats designed to bypass defenses such as email filters. spam.
“The use of sophisticated email security that uses artificial intelligence is an important measure for protection,” he continued.
“The use of technologies should be paired with staff education, providing awareness of phishing attacks, COVID-related scams and other possible incoming threats.”
Edward Blake, EMEA area vice-president at Absolute Software, commented: “Cyber security is not just about protecting endpoints through anti-malware or email cyber security solutions. Although it is important these, now have a variety of access points for cyber criminals to take advantage of what IT leaders should know.This includes weak unpatched applications and network vulnerabilities, stolen or illegally purchased login credentials, or even by hacking unprotected smart devices.
“In fact, it is no longer safe to assume that a cyber criminal has not yet gained access to your organization’s system, which is why businesses need to use a zero trust approach in their cyber defenses. This will ensure that malicious actors cannot move across a network once they have access, ensuring that a system breach does not necessarily mean a data breach. “