
Mimecast Research finds 75% of organisations in UAE saw an increase in impersonation attacks

Email impersonation attacks are wreaking havoc on UAE businesses. Here's what to do

Major Increase in Targeted Attacks Like Impersonation Fraud, Spear Phishing and Business Disrupting Ransomware

UAE impersonation attacks increased by 75%, with 77% of those organisations impacted by impersonation attacks having experienced a direct loss

The report also found that almost a third (62%) encountered a ransomware attack that directly impacted business operations

By Mimecast: A leading email and data security company

As cybercriminals continue to use email as a primary vehicle to steal data and deliver advanced threats, the results of this research provide valuable insights and trends around what’s affecting organisations the most and how they can improve their overall security posture.  

Social engineering attacks are a rising concern for organisations because they’re often one of the most difficult to control. Most notably, the report found that in the UAE impersonation attacks increased by 75%, with 77% of those organisations impacted by impersonation attacks having experienced a direct loss, specifically loss of customers (23%), financial loss (21%) and data loss (40%). Phishing attacks were the most prominent type of cyberattack, with 94 percent of respondents having experienced phishing and spear phishing attacks in the previous 12 months, and 75% cited seeing an increase in phishing attacks over the same time period. 

Not only are email-based attacks on the rise, but they’re affecting how confident people are in their organisation’s cybersecurity defenses – and ultimately the ability to do their jobs. According to the report, 39% believe it is likely or inevitable their organisation will suffer a negative business impact from an email-borne attack this year. The report also found that almost a third (62%) encountered a ransomware attack that directly impacted business operations. Fifty-eight percent of UAE respondents noted having downtime for two to three days, whereas 29 percent experienced downtime for four to five days. 


“Email security systems are the frontline defence for most attacks. Yet, just having and providing data on these attacks is not what creates value for most respondents,” said Josh Douglas, vice president of threat intelligence at Mimecast.

“Survey results indicate that vendors need to be able to provide actionable intelligence out of the mass of data they collect, and not just focus on indicators of compromise which would only address past problems. The Mimecast Threat Analysis Center was also able to identify the top 5 industries being impacted by impersonation attacks which closely aligned with the findings in the report. Financial, Manufacturing, Professional Services, Science/Technology as well as Transportation Industries are top targets globally. Understanding these key pain points helps organisations build a more comprehensive cyber resilience plan.”    

Survey findings in numbers over the previous 12 months: 

94% of organisations experienced phishing attacks 

87% experienced email-based spoofing of business partners or vendors 

75% of organisations saw increases in impersonation attacks; 43% phishing; and 39% internal threats/data leaks 

77% of impersonation attack victims dealt with a direct resulting loss 

81% saw an attack where malicious activity was spread from one infected user to other employees 

62% of organisations experienced a business-disrupting ransomware attack 

39% believe it’s likely or inevitable they’ll suffer a negative business impact from an email-borne attack

Email attacks

39% believe suffering a negative business impact from an email-borne attack is either likely or inevitable.

6% feel it’s inevitable their organisation will suffer a negative business impact from an email-borne attack 

Impersonation and Phishing Attacks: Rising and Worsening

75% said they saw the volume of impersonation attacks increase

77% of impersonation attack victims experienced a direct resulting loss

– 87% saw email-based spoofing of business partners or vendors looking to gain access to money, sensitive intellectual property or login credentials

– 45% have seen this increase 

94% of respondents experienced a phishing attack, 43% saw an increase

Specifically, 35% saw an increase in targeted spear-phishing attacks with malicious links


Internal Threats and Data Leaks

A massive 81% saw an attack where malicious activity was spread from one infected user to other employees, 10% above the global average

– 41% reported a spread of infected email attachments

– 58% reported a spread of infected URLs via email 

39% noted an increase in internal threats and data leaks

25% feel their email security systems fall short in monitoring and protecting against email-borne attacks or data leaks in internal-to-internal 

32% feel they fall short when it comes to outbound emails

34% feel their email security system falls short in automated detection and removal of malicious emails that have already landed in employees’ inboxes

Ransomware and Downtime

Almost a third (62%) encountered a ransomware attack that directly impacted business operations. 

92% of ransomware victims suffered at least two days of downtime. Three days was the average

Dealing with Data Loss

77% of impersonation attack victims dealt with a direct resulting loss (data, financial or loss of customers)

40% cited data loss, 21% said financial loss, and 23% noted lost customers

30% noted data loss as the thing that hurt their organisation the most

Threat Intelligence: It’s About Taking Action

Immediate Action is Key

99% are using threat intelligence sources, whether in-house or commercial

Yet only 69% consider it an extremely important asset to their organisation right now

24% say it’s very important

76% note that it will be extremely important in the next 12 months

74% use email security systems that provide threat intelligence data to their security teams

And 74% said their email security system can consume and apply threat intelligence data to their other security systems

4% noted that threat intelligence efforts are not happening now or in the future 


Top 10 Takeaways from 2019 State of Email Security report – United Arab Emirates

1. Playing defence only won’t cut it; in 2019 and beyond, you’ve got to be prepared for the worst. 39% of respondents believe that suffering a negative business impact from an email-borne attack is either likely or inevitable.

2. Security breaches don’t just slow you down, they have a direct impact on your business. The average downtime from a ransomware attack is three days.

3. Create your plan to combat impersonation attacks. In the previous 12 months alone, more than 86% of respondents experienced an impersonation attack, and 75% saw these types of attacks increase.

4. One bad click can quickly create a cascade of bad events. 81% of organisations saw malicious activity spread from one infected user to other employees.

5. Phishing isn’t going away anytime soon. 94% of respondents experienced a phishing attack in the previous 12 months.

6. If you’re part of a supply chain, you’re a significant target. 87% of IT decision-makers saw email-based spoofing of business partners or vendors in the previous 12 months.

7. Ransomware is on the rise—still. Almost a third (62%) of organisations encountered a ransomware attack that directly impacted business operations.

8. Data loss should be your biggest concern. Of the organisations that encountered an email-based impersonation attack in the last 12 months, a jaw-dropping 77% experienced a direct loss (data, financial, or loss of customers). 30% of those who suffered losses because of email-based impersonation attacks noted data loss as the thing that hurt their organisation the most.

9. Awareness training needs serious attention, improvement and investment. The most widely used method (72%) of awareness training happens in a group session. Is that the most timely or engaging method?

10. You can start a cyber resilience plan in four straightforward steps. Just over half (59%) of organisations have a cyber resilience strategy in place.