Bad actors continue to be persistent, warns expert
A new report has highlighted the importance of a multilayered cybersecurity approach for businesses of all sizes due to threat actors that have continued to “double down on longstanding tactics while demonstrating innovation with new techniques.”
According to the 2023 OpenText Cybersecurity Threat Report, the past year saw a significant increase in cyber threat actors concealing the location of URLs that host malware and phishing sites, as the percentage of malicious links concealed behind a proxy or geolocation-masking service increased by 36% year over year.
Online cybersecurity threats have also continued to emerge at an alarming pace, the report found, with malicious websites “coming online daily.” At the same time, legitimate sites were occasionally compromised and co-opted for nefarious purposes.
“Cyber bad actors, including nation-state players, continue to be persistent, innovative and effective,” said Prentiss Donohue, executive vice president at OpenText Cybersecurity. “Acknowledging risks and preparing accordingly with a multilayered approach to protecting data are recommended courses of action for businesses of every size.”
Other highlights from the report include information about malware, as rising geopolitical tensions continued to influence malware campaigns.
According to the report, manufacturing remained to be the top industry vertical targeted by malware attacks. Additionally, an analysis of high-risk URLs has shown that each malicious domain hosts 2.9 malware links on average, compared to 1.9 phishing links.
On the subject of phishing, email phishing was found to be the primary vector for infection, with over 1 billion unwanted emails being classified as such. Furthermore, spear phishing email traffic grew by 16.4% annually and now accounts for about 8.3% of all email traffic.
The OpenText report also drew attention to ransomware as it remains a “significant threat,” with median payments rising from $70,000 to almost $200,000.
Finally, it emphasized the importance of having a multilayered cyber defence strategy, noting that there was a 40.3% reduction in the number of devices that encountered malware for users who adopted three layers of protection, namely Webroot SecureAnywhere, Webroot Security Awareness Training, and Webroot DNS Protection, versus just one.