Every year we at the Security Lab here at Hornetsecurity sift through billions of emails from every year and analyze the data to provide actionable insights to cyber defenders everywhere.
This article serves as your appetizer for the main course, the free report which you can download here.
In this year’s report we processed over 45 billion emails and just over a third of those, 36.4%, were categorized as unwanted. Out of that slice, 96.4% were spam or rejected outright due to external indicators, with 3.6% identified as malicious emails.
Out of all the malicious emails we identified, the majority were phishing emails (43.3% which is a 4% increase from last year) while the second most prevalent type was malicious links at 30.5% (an increase of 18%!). In the report itself we analyze these findings in more detail and tease out how you can use these data to defend your organization.
We also look at attachment types and analyze why certain types are gaining in “popularity” with the criminals and why others are losing their appeal, such as Microsoft Office documents. We also looked at which industry verticals were most targeted (Research, Manufacturing and Entertainment), another point you can use to raise awareness with your organization’s leadership if you need to.
The report looks at backup in Microsoft 365, the need for it and Microsoft’s changing stance on the topic as well as how to manage permissions effectively in a tenant, something that’s very hard using only the built-in tools. The rise of QR code phishing is noteworthy, as is the prevalence of brand impersonation in malicious emails.
As Multi Factor Authentication (MFA) adoption is increasing, criminals are adapting using Attacker-in-the-Middle kits such as W3LL to trick users and stealing identity tokens, even when MFA is used. The risks of vendor overdependence are analyzed in the report, and we also look at several high-profile security events in the Microsoft 365 sphere, including the highly sophisticated Storm-0558 attack on Entra ID.
An interesting part of last year’s report was our predictions for emerging risks and trends we’d see over the last 12 months, in this year’s report we look at how we did with those. We also outline our predictions for the coming year, which include the use of AI for both attack and defense, MFA bypass technique proliferation, supply chain attacks and the risks of network slicing in 5G networks. There are many others, and we go in depth in the report.
The report rounds out with a look at how you can protect your organization, how to build a cyber resilient culture, getting the basics of cyber hygiene right, and how to adopt a zero-trust mindset across the whole business.
Hopefully this has enticed you to grab the full Cyber Security Report, get all the details and most importantly, improve your own and your organization’s security posture. We at Hornetsecurity are here to help you.