Not very surprisingly, a recent report shows that cyber attacks not only increased in number in 2020 but were also, generally speaking, more successful. German company SoSafe GmbH published its annual “Human Risk Review 2021” report, which shows that during the COVID-19 pandemic, employees of organizations in particular have been the focus of cyberattacks. This emphasizes the role employees play in protecting organizations from these threats, a finding that also emerged from a similar report from SANS Institute.
In addition to a general look at the cyberthreat landscape, the Human Risk Review report particularly highlights the human factor and the technical and psychological tactics cybercriminals use to provoke clicks on phishing mails. For the first time, the report powerfully shows that the likelihood of cyberattacks succeeding has increased during the pandemic and in times of remote working. The data is based on more than 1.4 million data points, malware analyses, an awareness study with more than 5,000 participants, and a survey of more than 100 cyber security experts.
On the basis of exclusive response data, the SoSafe Human Risk Review illustrates what various reports have already indicated in recent months: the threat situation has been further exacerbated by the COVID-19 pandemic. Social hacking, which is designed to provoke clicks on phishing mails by manipulating emotions, is becoming increasingly popular among cybercriminals in these uncertain times. The majority of cyber security experts surveyed believe that the probability of attacks being successful has increased during the crisis. More than 4 in 10 have perceived an increase in cyberattacks. The analysis of the SoSafe reaction data supports these assumptions: tying phishing mails to the coronavirus in timing and theme has made the attacks more successful. The report also provides unprecedented insights into the technical and psychological mechanisms underlying cyberattacks, such as which attack vectors were most popular among criminals last year and which of those promised the most success.
Some of the other key findings from the report:
- The COVID-19 pandemic makes social engineering attacks more successful – up to 4 in 5 recipients clicked on Corona-related phishing mails: During the first lockdown, a rapid increase in ransomware types was observed. The analyses show that the probability of success of such attacks also increased at the same time – the click rate on phishing mails was significantly higher during the lockdown phases. Phishing mails referring to the COVID-19 pandemic were particularly promising for cybercriminals. While the average click rate is 29%, phishing mails with the word “Corona” in the subject line provoked click rates of up to 78.8%.
- The shift to remote work also offers increased potential for attack. The introduction of new collaboration tools makes employees more vulnerable to phishing attacks. Half of all employees clicked on phishing mails sent in the context of introducing remote tools such as Microsoft Teams or Slack.
- The “office grapevine” protection is missing. Detecting phishing mails is more difficult in decentralized organizations. As the analyses reveal, when working remotely the click rate on phishing mails is generally higher than in the office. Decentralized organizations show click rates which are three times higher than those of centralized organizations.
- A rather surprising result from the report: So-called digital natives click on phishing mails most often. Contrary to the assumption that younger users would have higher digital literacy, the report shows just the opposite in a separate study of over 5,000 citizens. With an average click rate of 38%, 18- to 29-year-olds are well ahead of other age groups, who clicked on only one in four phishing mails.
The human factor and cyber security are growing closer together
The report also gives an outlook on future developments. The most important hypothesis: Social engineering and cyberattacks that take advantage of new work models such as remote working will continue to have a decisive influence on cyber security in European organizations and should therefore be the focus of respective security and training measures. A positive outlook: As many as 6 out of 10 cyber security experts surveyed are planning to expand their awareness measures in the future. Employees play a decisive role when it comes to cyber security.
You can find the full report here