With Q1 data now available for our first report of 2022, our cause of loss by vector graph clearly illustrates that fraud, both with and without system infiltration, is experiencing a notable rise. Note the prevalence of vendor incidents that simply cannot be ignored. This is an important reminder to organizations that vendor due diligence should always be a top priority; if your vendors are infiltrated, your organization’s data is vulnerable.
When it comes to ransomware vectors, we see a variety of ways that threat actors are compromising organizations. It’s not enough, clearly, to focus on one area of cyber hygiene. With risk looming on all fronts, just securing the perimeter is no longer enough. Organizations need a comprehensive approach that addresses all stages of the ransomware kill chain in order to be resilient and minimize damage from attacks.
Business email compromise remains an issue, with a particularly notable rise in professional services firms becoming victim to this attack – this industry class rose to 33% in Q1 of this year. Organizations cannot ignore this trend and should be diligent about training and education in response to the threat.
And finally, data exfiltration continues to be an effective tool in the threat actors’ arsenal, making this a natural focus for this quarter’s topical deep dive. Read on to learn more about how extortion is evolving and becoming more complex – and about what that means for your organization.