Six months in: What we learned by analyzing threat data from the first half of 2021

It’s hard to believe, but the mid-year update to our annual Webroot BrightCloud® Threat Report is here. As expected, a dynamic threat landscape has shifted once again. Phishing actors have returned from a ‘hacker holiday,’ our predictions about supply chain attacks were borne out, and cybercriminals continue to find low-hanging fruit in consumer devices.

There’s plenty more great information in the full report, but here are some highlights.

Consumer devices are twice as likely to be compromised as business devices

Pre-pandemic, this may have not been all that dire. But with the shift toward remote workforces, the consequences become more significant. Organizations that are saving budget on office space should consider reinvesting it in managed hardware and software for remote employees.

Managed Service Providers (MSPs) are the most heavily targeted vertical among our customers

BrightCloud® Threat Intelligence has tracked a surge in attacks targeting MSPs, outpacing those in other all other verticals including oil and gas, manufacturing and wholesale. Because MSPs’ access to client endpoints can be weaponized by attackers, all such businesses should at minimum mandate two-factor authentication as an additional hurdle for cybercriminals to clear.

Cybercriminals are continuing to target software supply chains

Phishing attacks against large RMMs and other software vendors are now commonplace. Recent high-profile attacks reflect a new favored strategy of targeting supply chains to gain widespread access to organizations. The accessibility these targets provide to their user base heightens the stakes of a security breach, and defenses must keep up.

After a hiatus, phishing scams are running full bore once again

After a January to April slump, we witnessed a 440 percent spike in phishing sites created since May 2021. Nearly half (46%) of all phishing sites now use HTTPs to try to fool more sophisticated users. Interestingly, the gaming platform Steam was targeted throughout the slump with 99% of sites targeting it using HTTPS, suggesting the arrival of new, highly focused threat actors.

Security awareness training continues to be among the most effective ways to prevent a compromise

User error continues to be the main cause of data breaches. Yet security awareness training is inexpensive and proven effective at lowering clicks on phishing links. Yearly cybersecurity training is not sufficient, but when conducted monthly it can reduce the likelihood of a user clicking on a phishing email by 75 percent.1

Click here for more findings from the mid-year update to our annual Threat Report.

1. Based on internal Webroot testing data

Related posts

How to Improve Your Cyber Resilience by Strengthening User Privileges

The Dark Side of Viral Content: How Negative Reviews Can Snowball

Testing Gaming Monetization: Walking the Line Between Profit and Player Experience