Email threats spike 101%, remains a top attack vector
Global cybersecurity firm Trend Micro blocked over 33.6 million cloud email threats in 2021, a 101% increase on the previous year.
The company says this stark increase in attacks proves that email remains a top point of entry for cyber attacks.
According to Trend Micro, many Australian businesses faced spear phishing, business email compromise (BEC) and email-based ransomware attacks in 2021. Trend Micro's recent research on the mounting number of cyber risks highlighted that 48% of local organisations do not believe their method of assessing risk exposure is sophisticated enough, underlining the vulnerability of Australia's corporate sector to increasingly insidious email threats.
"Each year we see innovation in the threat landscape and an evolution of the corporate attack surface, but each year email remains a major threat to organisations," says Mick McCluney, technical director at Trend Micro.
"The best shot defenders have at mitigating these risks is by taking a platform-based approach, to shine a powerful light on threats and deliver streamlined prevention, detection and response without limits," he says.
The data was collected over the course of 2021 from products that supplement native protection in collaboration platforms such as Microsoft 365 and Google Workspace.
Other key findings include:
- 16.5 million detected and blocked phishing attacks, a 138% increase as the hybrid workforce continued to be targeted
- 6.3 million credential phishing attacks, a 15% increase as phishing remains a primary means of compromise
- 3.3 million malicious files detected, including a 134% surge in known threats and a 221% increase in unknown malware
More positively, ransomware detections continued to decline by 43% year-over-year. This could be because attacks are becoming more targeted, along with Trend Micro's successful blocking of ransomware affiliate tools such as Trickbot and BazarLoader.
Business email compromise (BEC) detections also fell by 11%. However, there was an 83% increase in BEC threats detected using Trend Micro's AI-powered writing style analysis feature, indicating that these scams may be getting more sophisticated.
Earlier this month, Trend Micro announced VicOne - dedicated security for the electric vehicles and connected cars.
"At Trend Micro, we are driven by the desire to secure the connected world. As we focus on this mission, it is imperative that we free ourselves to explore the various new business models that fit the new supply chain," said Eva Chen, CEO, and co-founder of Trend Micro.
"With VicOne, we anticipated an urgent OEM need for enhanced automotive cybersecurity. Built with the best of Trend Micro innovation, it will offer tremendous value to the industry."
Electric vehicles are increasingly exposed to remote digital threats across a range of new attack scenarios. Original Equipment Manufacturers (OEMs) and suppliers must urgently build comprehensive cybersecurity protections into their ecosystem to comply with the new United Nations regulation, WP.29 (UN R155).