Cybersecurity Awareness Month provides an opportunity for organizations to hear from cyber experts on key trends they're seeing in their field. Today, we heard from David Richardson, VP of Product Management at Lookout, on how phishing attacks will continue to evolve.
“For nearly 20 years, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) have recognized October as Cybersecurity Awareness Month. This observance is a collaborative effort between the public and private sector to draw attention to the dangers of cyberattacks that threaten individual consumers, businesses, government agencies and our critical infrastructure and essential services. This year’s chosen theme – ‘See Yourself in Cyber’ – underscores the role that everyone plays in improving cybersecurity practices.
As part of this theme, CISA and NCA recommend several key actions individuals can take to protect their online information and privacy. One of these steps – recognize and report phishing – is perhaps one of the most powerful tactics we have to combat bad actors. Most cyberattacks or data breaches start with phishing, and the number of phishing attempts continues to rise each year. According to Lookout data, exposure to phishing increased 127% between Q4 2020 and Q1 2021. When phishing is used to steal login credentials, it opens up a world of possibilities for the cybercriminals, and a world of hurt for the impacted individual or business. With one set of credentials, bad actors can then try to log in to a number of common cloud-based services such as Office 365, Google Workspace, AWS, Salesforce, etc. Once they’ve successfully logged in to one of these accounts, they can move laterally within an organization and find highly sensitive and valuable information to either encrypt for ransom or exfiltrate to sell on the dark web. The same is true for individual consumers, especially since it’s so common for people to use the same passwords across multiple accounts.
Phishing attacks have continued to evolve in techniques and sophistication, but the basic approach of trying to create a sense of urgency or impersonating a figure of trust or authority has remained pretty constant. When contacted in this manner, it’s important to take a step back, evaluate the situation and find alternative ways to validate the request. It’s also critical for organizations to implement proper security controls across mobile devices, cloud services and on-prem and private apps, and to enforce Zero Trust across the infrastructure.”