IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Cyber attacks rise 2,650% from January to December
Tue, 15th Feb 2022
FYI, this story is more than a year old

Malware, phishing and spam emails are soaring as cyber criminals target confidential data with more intent.

For instance, the Information Commissioners Office (ICO) has been hit by a 2,650% surge in email attacks during 2021, with a staggering rise in spam emails, according to official figures.

The data, retrieved by the Freedom of Information Act (FOI) and analysed by the Parliament Street think tank, uncovered the volume of phishing emails detected, malware detected and blocked, and spam detected and blocked month by month in 2021.

The number of attacks rose significantly from 150,317 in January to a startling 4,135,075 in December, an increase of 2,650%.

Detected and blocked spam accounted for the majority of the attacks, with a 2,775% increase between January and December, with December in particular seeing a huge spike in attacks.

Phishing emails rose by 20% from January to December, whilst malware soared by 423%. The bulk of the December of attacks came from spam, with 4,125,992 attacks, whilst phishing emails made up 7,886 attacks and malware accounted for 1,197 attacks.

The giant leap in December coincides with the mass spread of the Omicron variant which came accompanied with a swarm of COVID-19 test related attacks, as well as Christmas scams in the lead up to the holidays.

Absolute Software area vice president EMEA Edward Blake says, “Cyber attacks are targeting organisations across the globe at an alarming rate, once again reminding businesses of the need to re-evaluate and revamp their security protection if it is not up to scratch."

Blake says, “Cybersecurity is not just about protecting endpoints via anti-malware or email cybersecurity solutions. Whilst these are important, there are now a variety of access points for cyber criminals to capitalise on that IT leaders need to be aware of.

"These include vulnerable unpatched applications and network vulnerabilities, stolen or illegally purchased log-in credentials, or even by hacking unprotected smart devices.

"In fact, it's no longer even safe to assume that a cyber criminal hasn't already gained access to your organisations system, which is why it's imperative that businesses adopt a zero trust approach to their cyber defences.

"This will ensure that malicious actors can not move laterally across a network once they have gained access, ensuring that a breach in the system does not necessarily equate to a breach in data.

Barracuda Networks manager Steven Peake says, “The pandemic continues to be a catalyst for opportunistic cyber criminals to try and prey on unsuspecting, vulnerable people.

"Our recent research showed a 521% surge in covid test related phishing attacks, so it is hardly surprising to see major organisations, such as the ICO, hit by such a high volume of threats as they represent lucrative targets.

"Phishing emails, malware and spam in particular account for a large proportion of the threats these organisations face so they need to implement measures to protect themselves. These cyber attackers aren't going anywhere anytime soon.

"Utilising sophisticated email security which leverages artificial intelligence can help to identify threats engineered to bypass basic defences, such as spam filters, and block them before they can cause damage is an important measure for protection.

"Leveraging technologies should be paired with staff education, providing awareness of phishing attacks, covid related scams and other possible incoming threats.