By Mimecast: A leading email and data security company
As cybercriminals continue to use email as a primary vehicle to steal data and deliver advanced threats, the results of this research provide valuable insights and trends around what’s affecting organisations the most and how they can improve their overall security posture.
Social engineering attacks are a rising concern for organisations because they’re often one of the most difficult to control. Most notably, the report found that in the UAE impersonation attacks increased by 75%, with 77% of those organisations impacted by impersonation attacks having experienced a direct loss, specifically loss of customers (23%), financial loss (21%) and data loss (40%). Phishing attacks were the most prominent type of cyberattack, with 94 percent of respondents having experienced phishing and spear phishing attacks in the previous 12 months, and 75% cited seeing an increase in phishing attacks over the same time period.
Not only are email-based attacks on the rise, but they’re affecting how confident people are in their organisation’s cybersecurity defenses – and ultimately the ability to do their jobs. According to the report, 39% believe it is likely or inevitable their organisation will suffer a negative business impact from an email-borne attack this year. The report also found that almost a third (62%) encountered a ransomware attack that directly impacted business operations. Fifty-eight percent of UAE respondents noted having downtime for two to three days, whereas 29 percent experienced downtime for four to five days.
“Email security systems are the frontline defence for most attacks. Yet, just having and providing data on these attacks is not what creates value for most respondents,” said Josh Douglas, vice president of threat intelligence at Mimecast.
“Survey results indicate that vendors need to be able to provide actionable intelligence out of the mass of data they collect, and not just focus on indicators of compromise which would only address past problems. The Mimecast Threat Analysis Center was also able to identify the top 5 industries being impacted by impersonation attacks which closely aligned with the findings in the report. Financial, Manufacturing, Professional Services, Science/Technology as well as Transportation Industries are top targets globally. Understanding these key pain points helps organisations build a more comprehensive cyber resilience plan.”
Survey findings in numbers over the previous 12 months:
94% of organisations experienced phishing attacks
87% experienced email-based spoofing of business partners or vendors
75% of organisations saw increases in impersonation attacks; 43% phishing; and 39% internal threats/data leaks
77% of impersonation attack victims dealt with a direct resulting loss
81% saw an attack where malicious activity was spread from one infected user to other employees
62% of organisations experienced a business-disrupting ransomware attack
39% believe it’s likely or inevitable they’ll suffer a negative business impact from an email-borne attack
6% feel it’s inevitable their organisation will suffer a negative business impact from an email-borne attack
Impersonation and Phishing Attacks: Rising and Worsening
75% said they saw the volume of impersonation attacks increase
77% of impersonation attack victims experienced a direct resulting loss
87% saw email-based spoofing of business partners or vendors looking to gain access to money, sensitive intellectual property or login credentials
– 45% have seen this increase
94% of respondents experienced a phishing attack, 43% saw an increase
Specifically, 35% saw an increase in targeted spear-phishing attacks with malicious links
Internal Threats and Data Leaks
A massive 81% saw an attack where malicious activity was spread from one infected user to other employees, 10% above the global average
– 41% reported a spread of infected email attachments
– 58% reported a spread of infected URLs via email
39% noted an increase in internal threats and data leaks
25% feel their email security systems fall short in monitoring and protecting against email-borne attacks or data leaks in internal-to-internal
32% feel they fall short when it comes to outbound emails
34% feel their email security system falls short in automated detection and removal of malicious emails that have already landed in employees’ inboxes
Ransomware and Downtime
92% of ransomware victims suffered at least two days of downtime. Three days was the average
Dealing with Data Loss
77% of impersonation attack victims dealt with a direct resulting loss (data, financial or loss of customers)
40% cited data loss, 21% said financial loss, and 23% noted lost customers
30% noted data loss as the thing that hurt their organisation the most
Threat Intelligence: It’s About Taking Action
Immediate Action is Key
99% are using threat intelligence sources, whether in-house or commercial
Yet only 69% consider it an extremely important asset to their organisation right now
24% say it’s very important
76% note that it will be extremely important in the next 12 months
74% use email security systems that provide threat intelligence data to their security teams
And 74% said their email security system can consume and apply threat intelligence data to their other security systems
4% noted that threat intelligence efforts are not happening now or in the future
Top 10 Takeaways from 2019 State of Email Security report – United Arab Emirates
1-Playing defence only won’t cut it; in 2019 and beyond, you’ve got to be prepared for the worst. 39% of respondents believe that suffering a negative business impact from an email-borne attack is either likely or inevitable.
2-Security breaches don’t just slow you down, they have a direct impact on your business. The average downtime from a ransomware attack is three days.
3-Create your plan to combat impersonation attacks. In the previous 12 months alone, more than 86% of respondents experienced an impersonation attack, and 75% saw these types of attacks increase.
4-One bad click can quickly create a cascade of bad events. 81% of organisations saw malicious activity spread from one infected user to other employees.
5-Phishing isn’t going away anytime soon. 94% of respondents experienced a phishing attack in the previous 12 months.
7-Ransomware is on the rise—still. Almost a third (62%) of organisations encountered a ransomware attack that directly impacted business operations.
8-Data loss should be your biggest concern. Of the organisations that encountered an email-based impersonation attack in the last 12 months, a jaw-dropping 77% experienced a direct loss (data, financial, or loss of customers). 30% of those who suffered losses because of email‐based impersonation attacks noted data loss as the thing that hurt their organisation the most.
9-Awareness training needs serious attention, improvement and investment. The most widely used method (72%) of awareness training happens in a group session. Is that the most timely or engaging method?
10-You can start a cyber resilience plan in four straightforward steps. Just over half (59%) of organisations have a cyber resilience strategy in place.