As information security professionals approach the finish line of another year, it’s fair to say the past 12 months have once again been packed with incident. Just as cybercrime is no respecter of international borders, so it doesn’t usually conform to neat 12-month cycles. However, taking stock of the biggest trends and stories over the year can be a useful discipline in helping to drive a more strategic way of thinking going forward.
So what have we learned from 2018?What have we learned from 2018? Email is still the #1 threat vector, delivering attacks phishing, BEC, crypto-mining, ransomware, and other attacks in ~ 1 of every 10 messages. via @PhilMuncaster Click To Tweet
Email still the number one vector
First, the stuff you already know. Email continued to be the number one threat vector this year, accounting for over 80% of threats spotted in the wild, according to most estimates. One firm claimed that as many as one in 10 emails are malicious. They deliver phishing attempts, BEC scams, crypto-mining malware, ransomware and much more. Over a third of global organisations Barracuda Networks interviewed for its Email Security Trends 2018 report said they’d experienced a phishing attack. That’s bad news when you consider that 93% of all breaches analysed by Verizon featured a phishing element.
Phil Muncaster is a technology writer and editor with over 12 years’ experience working on some of the biggest technology titles around, including Computing, The Register, V3 and MIT Technology Review. He spent over two years in Hong Kong immersed in the Asian tech scene and is now back in London where information security has become a major focus for his work.