Phishing and Ransomware attacks continue to grow
SBS’s latest cybersecurity update on how Phishing and Ransomware attacks are worse than ever:
CISOs are still the key in protecting organizations from ever-present Phishing and Ransomware attacks.
SBS’s latest cybersecurity update on how Phishing and Ransomware attacks are worse than ever
Does your organization have a CISO? (Chief Information Security Officer)? If it’s a smaller organization or you have a more a traditional structure, probably not.
So, someone needs to step up and act like they are, to fill that critical role. Why? Ransomware and phishing attacks are once again on the rise.
Like, ChatGPT? We do too but get this – hackers use ChatGPT/AI to create convincing phishing emails.
How about the annoying CAPTCHA (pick all the flowers you see)? Get this, they’re using CloudFlare’s CAPTCHAs to conceal credential harvesting forms in their attacks.
Plus, cybercriminals are using trusted services like Microsoft SharePoint, AWS and Salesforce to spread phishing and malware. Another tactic, QR codes; hackers use QR Codes in attacks – they now account for 11% of all malicious emails. Back to CISOs’ role – WFH is awesome right? Sure, but guess what - with the shift to remote/hybrid work – it expands the ‘attack surface’ for many organizations, making cybersecurity even more complex for a CISO. Why? There are now many more ways for hackers to attack employees (on their WFH laptops, work desktop PCs, etc.).
What is one of the biggest vulnerabilities? Human error, this is where CISOs need to step up and keep reminding people about how simple negligence is the biggest culprit.
CISOs need keep briefing and updating employees, making them aware of the latest cyber-threats. CISOs play a critical role in making sure their staff understand that they too, can play part in defending against cyber-threats.
_____________
Sources:
1. Infosecurity Magazine (CISs seeing increasing Cyber-Attacks): https://www.infosecurity-magazine.com/news/70-cisos-expect-cyberattacks-next/
2. Infosecurity Magazine (phishing attacks): https://www.infosecurity-magazine.com/news/341-rise-advanced-phishing-attacks/
3. Dark Reading (‘Ascension Healthcare Suffers Major Cyberattack”): https://www.darkreading.com/cyberattacks-data-breaches/ascension-healthcare-hit-by-cyberattack