Ransomware and phishing attacks soar during pandemic, finds Beazley
Ransomware attacks were up by a quarter in the first three months of 2020, according to the Beazley Breach Response (BBR).
BBR said the number of incidents involving ransomware reported to its service had increased by 25 percent compared to the last three months in 2019. It said that while “no industry was immune”, manufacturing showed “the steepest increase” with reported attacks up 156 percent in Q1 2020 compared with Q4 2019.
During Q1, BBR saw a particular spike in ransomware incidents at service providers for banks and credit unions as well as for healthcare organisations, which led to multiple reports.
As ransomware attacks grew, email attacks dropped by 16 percent in Q1 2020 from the quarter before, but BBR emphasised that it remains a problem.
It said that financial services, healthcare and retail sectors reported fewer compromised email incidents than in Q4 2019 “this may prove to be a temporary reprieve tied to behavioral changes amid the response to COVID-19”.
“Employees first adjusting to working from home may have been less responsive to emails generally, and organisations may have been more focused on quickly ramping up remote working capacity than on identifying and reporting email incidents.”
Moving in the second quarter of 2020, BBR saw cyber criminals making greater use of the opportunities presented by the pandemic.
Analysts warned: “We are likely to see more employees falling victim as attacks accelerate. Research from security awareness training experts KnowBe4 reveals that COVID-19-related scams ranging from social media posts, smishing (text message phishing) and, above all, email phishing have skyrocketed during this time.
“During the pandemic, attackers are taking advantage of the fact that many employees have been working from home, without the technical protections that their corporate networks often provide.”
Remote working means employees are having to use personal computers “without the advantage of managed endpoint protection or even regular patching schedules that are also managed by the typical IT team”. BBR added that many organisational policies are “not designed to function in these distributed environments, leaving them less protected against wire transfer fraud and similar attacks”.
Already registered?
Login to your account
If you don't have a login or your access has expired, you will need to purchase a subscription to gain access to this article, including all our online content.
For more information on individual annual subscriptions for full paid access and corporate subscription options please contact us.
To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.
For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk
Editor's picks
Editor's picks
More articles
Copyright © intelligentinsurer.com 2024 | Headless Content Management with Blaze