Phishing attacks surge amid rise in remote work

Phishing and ransomware attacks have surged by 11% and 6% respectively due to the unprecedented number of people working remotely, according to Verizon’s latest Data Breach Investigations Report.

The 2021 edition of the report analysed 5258 breaches from 83 contributors across the globe, including in Australia.

Breach simulations included in the report found that the median financial impact of a breach is US$21,659 ($28,048), with 95% of incidents falling between US$826 and US$653,587.

The report found that 61% of data breaches analysed involved credential data. Additionally, 95% of organisations suffering credential stuffing attacks had between 637 and 3.3 billion malicious login attempts through the year.

According to the report, in Asia–Pacific the majority of breaches remained attributable to external, financially motivated actors stealing credentials with phishing attacks and using them to gain access to mail accounts and web application servers.

The transition to remote working has brought other challenges for businesses in multiple industries, the report found, with attacks on web applications representing 39% of all breaches analysed.

“The COVID-19 pandemic has had a profound impact on many of the security challenges organisations are currently facing,” Verizon Business CEO Tami Erwin said.

“As the number of companies switching business-critical functions to the cloud increases, the potential threat to their operations may become more pronounced, as malicious actors look to exploit human vulnerabilities and leverage an increased dependency on digital infrastructures.”

The report found that threats vary across industries. For example, in the financial and insurance industries, 83% of data compromised in breaches was personal data, but this fell to just 49% in the professional, scientific and technical services sectors.

Image credit: ©stock.adobe.com/au/Weerapat1003