A report from cyber-security experts, Secureworks claims that ransomware is no longer the number one method of cyber-attack for hackers looking solely for profit.
From analysing more than 500 real-world security incidents that took place in 2022, Secureworks research has discovered that cyber-thieves now prefer to use Business Email Compromise (BEC) attacks.
According to the report, the number of BEC incidents doubled, making it the most common type of attack. Phishing (a form of social engineering where attackers deceive people into revealing sensitive information or installing malware such as ransomware) now accounts for 33% of cyber incidents where an initial access vector could be established, up from just 13% in 2021.
Although Secureworks noted that ransomware incidents reduced by 57% last year, they are still a concerning threat. The researchers speculate the change could be that law enforcement agencies are getting better at stopping them, or it might just be a change in tactics. BEC attacks might be easier to run, because they can phish multiple organisations at once, looking for potential victims without needing any advanced skills or tactics.
There are a number of actions that organisations can take to stay safe from BEC attacks, including educating employees about cyber awareness and keeping passwords secure, as well as setting up a strong email security system, including using multi-factor authentication where possible.
You should also check out Cyber Essentials, a UK certification scheme designed to show whether an organisation has cyber security protection in place. Find out more about Cyber Essentials, and how First Class can help you protect your business from cyber attacks here.
