USE OF MALICIOUS WEB LINKS IN EMAILS HAS RISEN BY 144% IN 2023 – NEW HORNETSECURITY REPORT

USE OF MALICIOUS WEB LINKS IN EMAILS HAS RISEN BY 144% IN 2023 – NEW HORNETSECURITY REPORT

  • Hornetsecurity’s Cyber Security Report 2024 reveals phishing remains top email threat, accounting for 43.3% of attacks, but malicious URLs jumped from 12.5% to 30.5% YoY
  • Analysis of more 45 billion emails reveals more than a third (36.4%) are unwanted

Hanover, Germany (28 November 2023) – Hornetsecurity has today launched its Cyber Security Report 2024, which reveals the growing threat of cybercriminals using harmful web links in emails. An analysis of 45 billion emails found a 144% increase in this type of attack compared to last year, rising from 12.5% of all threats in 2022 to 30.5% this year.

It is phishing, however, that remains the most common email attack technique. Its use increased by nearly 4 percentage points this year, rising from 39.6% to 43.3% of all email attacks.

Commenting on the latest report findings, Daniel Hofmann, Hornetsecurity CEO, said: “Email continues to be one of the key methods of attack that threat actors use – and it’s essential that firms of all sizes, and across all sectors, put in place a robust email security strategy to future-proof their business. The boom in malicious web links and steady rise in phishing demonstrates that organizations cannot underestimate the damage such threats can cause, and must ensure they use next gen security service while also maintaining security awareness throughout the workplace.”

Changing face of threats

Of the 45 billion emails analysed, more than a third (36.4%) were categorised as unwanted. Within this category, just over 3.6% – or more than 585 million – were identified as malicious. This represents the widespread nature of the risk, with a vast number of emails posing potential threats.

Most-used file types in malicious emails

Threat actors are savvy and adaptable. In the last year, following Microsoft disabling macros by default in Office, there was a significant decline in the use of DOCX files (by 9.5 percentage points) and XLSX files (by 6.7 percentage points). Instead, cyber-criminals opted for HTML files (37.1% of files analysed), PDFs (23.3%) and Archive files (20.8%). HTML file usage is a particularly notable trend: usage rose by 76.6% over the last year.

Brand impersonation continues to target victims, soliciting sensitive information via phishing. Shipping and e-commerce emails are to be regarded with particular caution: DHL accounts for 26.1% of all impersonations, Amazon 7.7% and Fedex 2.3%. All three were in the top 10 most spoofed. Other popular brands, including LinkedIn, Microsoft (both 2.4%), and Netflix (2.2%), also featured in the top 10.

Industries at risk

This latest Hornetsecurity research confirms that almost every type of business is currently under threat. If an organisation can pay a ransom, it is a target to cyber criminals. However, some industries are at a slightly increased risk.

The research industry is often targeted due to the intellectual property it handles. Entertainment companies are attacked due to the money they handle, such as the 2023 attacks on MGM and Caesars Casinos. Meanwhile, the manufacturing sector is often seen as an easy target for cyber attackers because companies tend to use many IoT devices that can render them vulnerable if not properly secured.

Hofmann added: “Many organisations are too reactive, only responding to specific threats or acting after they have fallen victim. This approach leaves them vulnerable to attack. Businesses need a zero-trust mindset to protect themselves and should adopt all-encompassing security services to set their minds at rest. Our research highlights the adaptability of cybercriminals, and the rapid shifts that have taken place in the last year.

“Companies have a duty to take care of basic security hygiene, train and support all employees, and invest in quality security.”

Cyber Security Report 2024

To read the full Cyber Security Report, including its predictions for 2024, please visit: https://www.hornetsecurity.com/en/cyber-security-report/

For a panel discussion about the findings of this report, please visit: https://www.hornetsecurity.com/en/webinar-decoding-the-cyber-security-report/

Notes to Editor:

  1. The study was conducted by Hornetsecurity’s Security Lab, which reviewed more than 45 billion emails that were processed through Hornetsecurity’s security services, during the reporting period (1 November 2022 – 1 November 2023).
  2. For further information and resources, please see Chapter 5 in the full report: https://www.hornetsecurity.com/en/cyber-security-report/

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us at press@hornetsecurity.com

ALMOST 60% OF BUSINESSES ARE ‘VERY’ TO ‘EXTREMELY’ CONCERNED ABOUT RANSOMWARE ATTACKS – HORNETSECURITY ANNUAL RANSOMWARE SURVEY

ALMOST 60% OF BUSINESSES ARE ‘VERY’ TO ‘EXTREMELY’ CONCERNED ABOUT RANSOMWARE ATTACKS – HORNETSECURITY ANNUAL RANSOMWARE SURVEY

  • More than half of leadership teams are ‘actively involved’ in decision-making on preventing attacks
  • One in five respondents said their company suffered an attack in 2023

Nuremberg, Germany (10 October 2023) – Nearly 60% of companies are ‘very’ to ‘extremely’ concerned about ransomware attacks, according to latest research from leading cybersecurity provider Hornetsecurity. The company released the survey results at IT-SA 2023, Europe’s largest IT security trade show, where it is exhibiting.

In its annual Ransomware Survey, Hornetsecurity revealed that more than nine in ten (92.5%) businesses are aware of ransomware’s potential for negative impact, but just 54% of respondents said their leadership is ‘actively involved in conversations and decision-making’ around preventing such attacks. Four in ten (39.7%) said they were happy to ‘leave it to IT to deal with the issue’.

Over 90 percents of businesses are award or ransomwares danger

Commenting on the findings, Hornetsecurity CEO Daniel Hofmann, said: “Our annual Ransomware Survey is a timely reminder that ransomware protection is key to ongoing success. Organizations cannot afford to become victims – ongoing security awareness training and multi-layered ransomware protection is critical to ensure there are no insurmountable losses.”

Ransomware protection is a necessity

Reassuringly, 93.2% of respondents rank ransomware protection as ‘very’ to ‘extremely’ important in terms of IT priorities for their organization, and 87.8% of respondents confirmed they have a disaster recovery plan in place for a ransomware attack.

However, that leaves more than one in eight organizations (12.2%) without a disaster recovery plan. Of those companies, more than half cited a ‘lack of resources or time’ as the primary reason. Additionally, one-third of respondents said a disaster recovery plan is ‘not considered a priority by management’.

Over 90 percents of respondents sees ransomware protection as very to extremely important

Comparing Ransomware Survey results in 2021-2023

This survey has been conducted annually over the past three years and has included asking respondents if their organization has fallen victim to a ransomware attack.

Since 2021, Hornetsecurity has found relatively small changes in the percentage of respondents saying their organizations have fallen victim to a ransomware attack: 21.1% in 2021, 23.9% in 2022, but a new low of 19.7% in 2023.

Additionally, companies that reported paying a ransom are down from 9.1% in 2021 to 6.9% in 2023.

Some of the data in this survey show positive results, with a majority of respondents reporting they understand the importance of protection, and a drop in ransomware attack victims in 2023, showing companies are becoming more vigilant in their data protection.

Ransomware attacks continue to evolve, though, so organizations must maintain this vigilance. In 2023, 81% of respondents reported they are receiving end-user training in comparison to 2021, when only 71.2% reported they had received training.

“Although organizations have reported fewer ransomware attacks in 2023, the threats haven’t necessarily decreased,“ Hofmann said. “Cybersecurity awareness among all users remains a crucial element to further decrease the risk of falling for these threats, especially as attacks become more sophisticated with new technologies.”

Security tools to combat ransomware attacks

The survey also revealed the most used tools to combat potential threats:

  • 87.8% used to end-point detection software with anti-ransomware capabilities
  • 84.4% cited ‘email filtration and threat analysis’
  • 22.4% mentioned ‘AI-enabled security solutions’ as a tool they are now using to combat ransomware within their organization.

The most common primary security feature to protect backups from ransomware is:

  • Immutable storage (40.6% of respondents)
  • Tight control of user and application permissions (38.3%)
  • Air-gapped storage (27.8%).

Given the unpredictable nature of ransomware attacks, 76.2% of respondents said their business has changed the way it backs up its data. The 73.6% of respondents who have a recovery plan in place for their Microsoft 365 data are ‘very’ to ‘extremely’ confident in their chosen solution, while 55.1% of respondents are ‘very’ to ‘extremely’ confident that their data backups would be safe from a ransomware attack today.

About the survey

Hornetsecurity’s Annual Ransomware Survey 2023 was answered by more than 150 business decision-makers (including IT pros) across small to large enterprises. This year’s annual survey had 46.9% of respondents based in Europe, 30.6% in North America, with the other 21.5% from Asia, Australia, Africa, the Middle East and South America.

Find out more about Hornetsecurity’s latest ransomware survey.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organizations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us at press@hornetsecurity.com.

Hornetsecurity releases “Microsoft 365: The Essential Companion Guide” as a comprehensive resource for businesses using M365

Hornetsecurity releases “Microsoft 365: The Essential Companion Guide” as a comprehensive resource for businesses using M365

  • Hornetsecurity’s essential guide to Microsoft 365 will assist companies with navigating M365 and successfully transitioning to the cloud
  • The eBook has three focus areas: M365 Basics; Managing, Maintaining, and Support for M365; and Security, Backup, and Compliance
London, UK (20 September 2023) – Leading cybersecurity provider Hornetsecurity has published Microsoft 365: The Essential Companion Guide. Launched today, this new guide is designed for IT administrators who manage a Microsoft 365 environment, as well as decision-makers looking to gain an overview of what to expect when migrating to the cloud and ways they can adopt services in Microsoft 365 (M365).
Commissioned by Hornetsecurity and written by respected technology author and Microsoft Certified Trainer, Paul Schnackenburg, Microsoft 365: The Essential Companion Guide is a comprehensive resource that provides an in-depth analysis of Microsoft 365 to help users maximize their efforts when using this platform. This guide also provides links to additional resources for a deeper dive into the applications most relevant to businesses’ specific needs.
M365 the Essential Companion Guide
The guide comprises three core sections, and focuses on the following key areas:
  • M365 Basics: Provides a solid foundation with comprehensive descriptions and insights into the core functionalities of Office 365 and Microsoft 365
  • Managing, Maintaining, and Support for M365: Details the advanced M365 features and configurations. IT administrators can learn effective strategies to manage and maintain their suite to ensure seamless operations for their organization
  • Security, Backup, and Compliance: Strategies to protect a business’ valuable data and ensure compliance with essential security measures and backup protocols.
The publication of this new guide complements Hornetsecurity’s recent launch of Plan 4 “Compliance & Awareness” of its flagship solution, 365 Total Protection. The new Plan 4 of Hornetsecurity’s cloud-based solution is its most comprehensive, taking M365 security management and data protection to the next level by encompassing email security, backup and recovery, compliance, permission management and security awareness. Like Microsoft 365: The Essential Companion Guide, Hornetsecurity’s 365 Total Protection Plan 4 assists IT administrators and businesses to best supplement and amplify their M365 security, awareness and compliance from one central console. “Administrators have a big, and often complex, job on their hands that can become overwhelming given the pace at which technology and business needs continue to advance. Microsoft 365: The Essential Companion Guide will play an important role in giving them a thorough understanding of Microsoft 365 and how to use it to the best of its abilities. With this guide, we want to save time and hassles for M365 administrators, helping them work smarter and not harder,” said Hornetsecurity CEO Daniel Hofmann. Access Hornetsecurity’s Microsoft 365: The Essential Companion Guide here.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organizations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us at press@hornetsecurity.com.
Hornetsecurity releases 365 Total Protection Plan 4 for Microsoft 365 with AI Recipient Validation that prevents misdirected emails

Hornetsecurity releases 365 Total Protection Plan 4 for Microsoft 365 with AI Recipient Validation that prevents misdirected emails

  • Hornetsecurity’s comprehensive 365 Total Protection Suite had so far provided advanced Email Security and Backup for Microsoft 365 (Plans 1-3).
  • The new 365 Total Protection Compliance & Awareness (Plan 4) is an upgraded solution that additionally delivers compliance, permission management and security awareness.
  • It also includes new AI Recipient Validation to prevent misdirected emails and thus data leaks.
Hanover, Germany (5 September 2023) – Leading cybersecurity provider Hornetsecurity has launched its Plan 4 “Compliance & Awareness” solution of 365 Total Protection Suite, offering a higher level of defence and compliance with new AI tools, security awareness service, and permission management for Microsoft 365. This new plan covers a broader range of an organization’s Microsoft 365 security, compliance management and data protection needs, and prevents existing and potential risks of spam, malware, and threats.

AI helps to prevent accidental data exposure

Screenshot AI Recipient Validation
AI Recipient Validation is one of 365 Total Protection’s newest features, providing security and compliance managers with true visibility into how often employees are exposed to potentially misdirected emails and how they respond to them. It protects the end user by providing a warning when an email they are about to send appears to be misguided or contain sensitive information. The user can decide to either adjust their email or continue to send without modification.
Additionally, this new AI-based service continuously updates its understanding of the user’s email communication patterns by learning user behaviour and responses. It then automatically adjusts warnings for outgoing emails and prevents users from receiving similar warnings multiple times.

Strengthening employees’ security awareness

The new 365 Total Protection Plan 4 now also includes Hornetsecurity’s Security Awareness Service, which runs fully automated and continuously measures employees’ security behaviour. As part of this service, the Employee Security Index (ESI®) metric measures the security behaviour of employees to determine how well-versed they are in their security awareness. Based on this metric, additional training and phishing simulations can be adapted to an individual’s specific needs. This service helps to strengthen awareness of cybersecurity risks and threats, and ensures that employees are actively learning how to protect themselves and their organizations.

Easy-to-use permission management improves compliance

Permission management in Microsoft 365 is complex and failure to handle this properly can easily lead to data leaks. The new 365 Total Protection package therefore also includes 365 Permission Manager. This easy-to-use DLP (data loss prevention) service gives admins and CISOs an easy-to-understand view of all permissions and enables effortless auditing, management, compliance policy enforcement and violation monitoring.

Holistic management of risk prevention

“As AI-based technologies increasingly make cyber-hacking more sophisticated and as targeted email attacks multiply, having full protection and preventative measures in place will lessen the risk of a potential data breach. With this latest version of 365 Total Protection, organizations will have all the tools needed to holistically manage risks and protect against them from all angles across security, archive and backup, and now compliance and security awareness,“ said Hornetsecurity CEO Daniel Hofmann.
Learn more about Hornetsecurity’s 365 Total Protection Plan 4 and AI Recipient Validation.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organizations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us at press@hornetsecurity.com.
Hornetsecurity’s new podcast series helps businesses understand and overcome latest cybersecurity risks

Hornetsecurity’s new podcast series helps businesses understand and overcome latest cybersecurity risks

  • Podcast series ‘The Security Swarm’ explores trending cybersecurity topics
  • Conversations with leading cybersecurity experts open up discussions around AI, compliance and Microsoft 365

Hanover, Germany (31 August 2023) – Hornetsecurity has recently launched The Security Swarm podcast series to shed light on the latest cybersecurity issues. The weekly show, hosted by Hornetsecurity’s Andy Syrewicze, brings together experts from across the cybersecurity sector to discuss industry challenges, how businesses can overcome ever-changing threats, and future cybersecurity issues.

The informative and educational series has already looked at topics such as AI and whether ChatGPT could conduct a cyberattack, discussions around Hornetsecurity’s recent compliance survey, as well as a conversation with Microsoft Certified Trainer on how secure Microsoft 365 actually is.

Hornetsecurity CEO Daniel Hofmann said: “The Security Swarm podcast launch has been incredibly successful and delivers insightful conversations about the biggest cybersecurity challenges facing businesses today. This podcast is one of many new approaches we have introduced to support and educate cybersecurity decision-makers across the world.”

the Security Swarm Podcast

The world of cybersecurity should not be taken on alone. A glimpse into the podcast series is available in this trailer.

The podcast can be listened to via the Hornetsecurity website and is also available to download on Apple Podcasts, Google Podcasts, Spotify, and YouTube.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

 

Media enquiries

Please contact us on press@hornetsecurity.com.

Hornetsecurity launches new Backup Bible to support businesses with data loss prevention

Hornetsecurity launches new Backup Bible to support businesses with data loss prevention

  • Hornetsecurity’s Backup Bible offers business owners actionable content and customisable templates to create a personalised backup strategy
  • The eBook will help businesses maintain data protection systems as well as prepare them for the recovery process

London, UK (5 July 2023) – Leading cybersecurity provider, Hornetsecurity, has today announced the launch of its new Backup Bible – a complete guide to support businesses through all stages of preparing for, responding to, and recovering from a substantial data loss event.

The Backup Bible features 150+ pages of actionable content, divided into four core parts, including customisable templates enabling business owners to create their own personalised backup strategy.

The online support document contains instructions and examples for building and maintaining a thorough data protection system, as well as discussion material on expanding recovery processes throughout the enterprise. Without this, businesses could experience data destruction or losses which could cost them excessive amounts of time and money.

Hornetsecurity CEO, Daniel Hofmann said: “Consistently delivering support for businesses is critical to Hornetsecurity’s success. The new Backup Bible is testament to this goal, with the online content enabling businesses to create sustainable backup strategies, to ensure they are prepared in the event of a data breach.

“The Backup Bible is one of a host of new initiatives – our Security Swarm podcast is another – that Hornetsecurity is delivering, to show consistent support for businesses undergoing cybersecurity challenges.”

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us on press@hornetsecurity.com.