2021 Retirement Plan Limitations
On October 26, 2020, the Internal Revenue Service announced the cost-of-living adjustments (COLA) that will take effect January 1, 2021 (IRS Notice 2020-79). ...
One sector benefiting from the shift to remote work continues to be cybercrime, including Malware-as-a-Service (MaaS) model cybercrime groups, who will attack a specific target for the right price. The shift by many to fully remote operations has presented cybercriminals with an continuous opportunity for financial gain during the pandemic. Businesses that may not have had a remote work policy in place or properly implemented security controls to manage remote work are easy targets for threat actors. Additionally, without the ability to communicate face-to-face during the course of business, the volume of emails being sent to conduct business has increased. Attackers have seen these factors and decided to capitalize on the opportunity presented to them.
One organization tracking this trend is Mimecast, a company specializing in cloud-based email management and security. Mimecast provides solutions that filter emails to provide protection against malicious URLs, malware, impersonation attacks and internal threats. In June of this year, Mimecast released their Threat Intelligence Report – Black Hat USA Edition 2020 whitepaper. This whitepaper covers the overall cyber threat landscape both in the United States and globally for the period January 2020 to June 2020. Using data from the threats that Mimecast’s email security solutions have detected and blocked, the report provides key insights into the latest trends occurring in the 2020 cyber threat landscape.
From January 2020 to June 2020 the Mimecast Threat Center analyzed more than 195 billion emails in the US and Caribbean region, and globally, Mimecast processed over 378 billion emails. 92 billion emails of the 195 billion emails processed in the US were rejected as being potentially malicious. 671 million emails globally and 290 million emails in the US were linked to a cyber-attack campaign. The day with the greatest number of detections was April 21st, 2020 in the United States with 3.9 million detections and February 11th, 2020 globally with 7.1 million detections.
From analyzing these blocked emails, Mimecast was able to report that threat actors were increasingly attempting to impersonate legitimate email senders, otherwise known as phishing. Mimecast reported a 24% increase in phishing attempts from January 2020 to April 2020 alone. The Mimecast Threat Center attributed these attacks to organized crime groups with the primary motivation being financial gain, in contrast to other motivations such as intellectual property theft. The most common means of attack was to pair these phishing attempts with ransomware to allow attackers to extort payment from the owners of the systems affected.
With this shift to remote work, businesses had to quickly roll out the infrastructure to support their new remote environment and policies, procedures, and controls have not been as stringent as they would in a traditional work environment. This gave attackers a golden opportunity to launch more attacks and increase the success of the attacks they perform. In their report, Mimecast split these threats into four categories: spam, impersonation attempts, opportunistic attacks, and targeted attacks:
What Can You Do To Protect Yourself?
Looking at the numbers from Mimecast’s report, with 290 million malicious email detections in the first six months of 2020 alone, it’s not a matter of if an attacker attempt to act against you or your organization, it’s a matter of when. We have all been targeted in some way by malicious actors, whether that takes the form of spam emails, phishing, or something more complex. But the good news is that there are easily achievable ways of reducing the likelihood of a successful attack.
About Schneider Downs Cybersecurity
The Schneider Downs cybersecurity practice consists of experts in multiple technical domains. We offer a comprehensive set of information technology security services including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments, and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity.
In addition, our Incident Response Team is available around the clock at 1-800-993-8937 if you suspect your organization is experiencing a network incident.
On October 26, 2020, the Internal Revenue Service announced the cost-of-living adjustments (COLA) that will take effect January 1, 2021 (IRS Notice 2020-79). ...
Schneider Downs continues to track the evolving landscape of federal financial programs offered in the wake of the business disruption caused by the coronavirus ...
We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.
Ask us
One PPG Place, Suite 1700
Pittsburgh, PA 15222
contactsd@schneiderdowns.com
p:412.261.3644
f:412.261.4876
65 East State Street, Suite 2000
Columbus, OH 43215
contactsd@schneiderdowns.com
p:614.621.4060
f:614.621.4062
1660 International Drive, Suite 600
McLean, VA 22102
contactsd@schneiderdowns.com
p:571.380.9003