eSentire 2Q17 Threat Report: Phishing, Fraud Attacks On the Rise
Fraud attacks rose 14 percent on a quarter-over-quarter basis in the second quarter of 2017, according to the latest threat report from managed detection and response (MDR) services provider eSentire. In addition, eSentire noted phishing, a “preferred attack vector over client-side exploitation,” played a key role in the fraud attack increase in 2Q17.
Other findings from the eSentire “2017 2Q Quarterly Threat Report” of more than 1,500 proprietary network and host-based detection sensors included:
- Reputation block attacks increased 12 percent on a quarter-over-quarter basis.
- Malicious code attacks fell 5 percent between the first and second quarters of 2017.
- The largest spike in information gathering and intrusion attempts took place in mid-May; this occurred around the same time that the WannaCry ransomware spread worldwide.
- Malicious code attacks often took place on weekdays, while information gathering and intrusion attempts showed no preference for any one day of the week in 2Q17. Also, fraud attacks and phishing-related activities occurred most frequently in the middle of the week.
- Finance organizations experienced the largest total volume of cyberattacks and biotechnology and technology firms suffered the largest volume per active Internet device in 2Q17.
The number of cyberattacks was nearly identical in the first and second quarters of 2017, eSentire said. Furthermore, eSentire’s “Q1 2017 Midmarket Threat Report” showed intrusion attempts were the most prominent threat type in the first quarter.
Tips to Combat Cyber Threats
Mitigating the effects of cyberattacks is a major challenge for organizations of all sizes and across all industries, eSentire indicated. However, organizations that understand how to eliminate security gaps may be better equipped than others to stop cyberattacks before they can cause long-lasting brand reputation damage.
Cybercriminals continue to target dated vulnerabilities, eSentire said, and organizations should consider expediting the deployment of critical software security patches and performing regular scans of publicly facing infrastructure. With these security tactics, organizations can improve their vulnerability detection and remediation and stop cyberattacks before they can escalate, eSentire pointed out.