State of the Phish 2023

February 28, 2023

Following the release of Proofpoint’s 2023 ‘State of the Phish’ report today, cybersecurity experts Rick Jones, CEO and Co-Founder of DigitalXRAID, and Lawrence Perret-Hall, Director of CYFOR Secure, have offered their insights on the report’s key findings.

While Rick cautions against organisations paying ransom demands, Lawrence considers the rise of BEC and ‘MFA fatigue’ attacks.

Rick Jones, CEO and Co-Founder, DigitalXRAID states, “It’s unsurprising that only 33% of organisations who paid ransoms regained access to their data. Fundamentally, no company should pay up in the event of a ransomware attack; paying up does not guarantee stolen data will be returned, and even if it is, the data remains compromised and is lost in the eyes of GDPR.

“Furthermore, the report found 64% of insurers were willing to pay their customers’ ransoms either partially or in full. Considering that a significant proportion of insured organisations are not covered for this eventuality, it’s clear that cyber insurance, though important, cannot be the only element of a security strategy. And insurers paying out on financial losses should not condone paying up to ransom demands.

“While the temptation to give in to a ransom is strong – particularly for smaller businesses with fewer in-house resources to monitor for threats and remediate gaps in security – paying up only serves to further incentivise bad actors. Organisations should, instead, be looking to deploy a range of proactive cybersecurity measures. These should include 24/7/365 threat monitoring and detection, and a Security Operations Centre (SOC) that can identify and respond to an attack before data is compromised.”

Comments by Lawrence Perret-Hall, Director, CYFOR Secure says, “According to Proofpoint’s 2023 report, 86% of organisations have experienced an attempted Business Email Compromise (BEC) attack. BEC had almost dropped off completely in the past, with multi-factor authentication (MFA) being viewed as a cybersecurity ‘silver bullet’, particularly by insurers. However, we’ve been seeing BEC attacks become a critical issue again recently, as cybercriminals find ways to evade MFA. ‘MFA fatigue’ – a technique that bombards users with push notifications until they mistakenly approve a malicious log in – has grown in popularity amongst bad actors and is unfortunately proving to be very successful.

“To counter the risk of BEC and social engineering attacks, organisations need to be acting proactively. It’s first about assessing your risk level; understanding if you have sufficient training and phishing simulations in place for staff, testing how well they are trained against these types of attacks and auditing processes e.g., do you have MFA in place and is it working effectively? It’s also then about knowing what to do if the worst happens. Enterprises, large and small, need to establish incident response playbooks and business continuity plans to mitigate against a successful attack, and invest in a cybersecurity retainer to ensure experts are on hand to help with remediation.”

To read more news and exclusive features see our latest issue here.