An increasing number of cyber-attacks are taking place by e-mail. A recent report published by Trend Micro, partner of Kirey Group, entitled "Cloud App Security Threat Report 2021", confirms this trend by presenting data collected in 2021 by the Trend Micro Cloud App Security platform.
The report’s main topic is the e-mail inbox, which has become even more susceptible to cyber-threats in the 2020-2021 biennium since the pandemic has suddenly changed the organization of work and IT infrastructure.
E-mail threats blocked by Trend Micro in 2021 were 74.1% overall: a considerable number, confirming e-mail as one of the most effective channels for spreading malware, phishing, ransomware, and business e-mail compromise (BEC) attacks. In absolute terms, there were 33.6 million email threats blocked by Trend Micro in 2021, +101% over the previous year.
👉 Read the full Trend Micro report
The number of malware files detected and blocked by Trend Micro Cloud App Security in 2021 exceeds 3 million, of which more than 2.5 million are unknown. This is an exponential growth of +196% compared to malware files detected in 2020. On the qualitative side, however, we can see a refinement in the tactics used by cybercriminals: they are more elaborated and leverage social engineering lures.
Phishing attacks are also showing an increasing trend, with a total of more than 6 million frauds registered and blocked in 2021, marking a +15.2% over 2020.
For ransomware, on the other hand, the trend is downward, with -43.4% compared to 2020. This can be attributed both to the greater effectiveness of prevention systems such as Trend Micro's and to the change in the attack strategy of contemporary ransomware, which is now geared toward targeting specific users who are very carefully chosen based on vulnerability and ability to bring profit.
In the cybersecurity ecosystem, business e-mail compromise (BEC) threats still account for a small portion of the total: in 2021, Trend Micro Cloud App Security identified over 280,000 of them, -10% over 2020. However, these frauds continue to generate very serious losses for both businesses and individuals: according to the FBI's most recent Internet Crime Report, in 2021 alone, BEC attacks earned cybercriminals about $2.4 billion. A huge loss, due to the devious techniques by which BEC frauds operate: they are emails curated in form, coming from senders who may appear plausible and difficult to distinguish from colleagues, suppliers, or customers’ emails. Using spoofing techniques, cybercriminals gain the trust of their target (often C-level, executive, or manager), to steal sensitive data, and authorize or arrange payments.
Cyberattacks and frauds are no more just occasional events that affect only multinational corporations: today they are widespread across all levels of business. That's why it’s important to rely on a structured organization like Kirey Group which, in this evolving scenario, can guide your business in adopting the most appropriate tools and procedures to counter cyberthreats.
Advice from the Kirey Security area allows the organization to deploy an effective and comprehensive threat protection system, which considers all stages of the process: from preventive actions to incident triage, to the definition of procedures for recovering operations in the shortest possible time. All this is possible thanks to Kirey Group's valuable expertise in security, supported by a strong partner network that counts the best vendors on the market.