Survey: Phishing & Ransomware Attacks are Top Concerns

Trend Micro -

The latest ransomware attack we saw targeting Kaseya customers utilized a vulnerability, but if you look at most attacks today, many will start with a phishing email targeting employees. Interestingly our data has shown a shift from these emails containing either a weaponized attachment or a malicious link, to having both now.  Malicious actors apparently are hoping an employee falls for one or the other. 

As a side note, as I was reading this report, which was written not too long ago, I saw this statement and thought it was quite prophetic as we’re currently dealing with the Kaseya attack that started the Friday afternoon of the July 4th holiday weekend:

Cybercriminals are also embracing underhanded guerrilla-warfare tactics to create massively disruptive encryption events at the worst time possible for an organization—such as late in the evening just before a major holiday weekend or vacation, or the day before school starts in the education sector. Such timing increases the social pressure on everyone who has a say in the resolution, making payment of the ransom seem like the easiest way out of the immediate problem.

Modern ransomware attacks now follow a model where the targeted victim’s network is infiltrated first

Read More: