New research looks into human factors in cyber attacks
- Published: Friday, 24 April 2015 07:13
Proofpoint, Inc., has released the results of its annual study that details the ways attackers exploit end-users' psychology to circumvent IT security. The Human Factor Report 2015 reveals that last year was the year attackers “went corporate”: they changed their tactics to focus on businesses rather than consumers, exploited middle management's overload of information sharing, and traded attack volume for sophistication.
The Proofpoint findings reiterate that human actions, not simply system or software vulnerabilities, have significant implications for enterprise security, and show what protection is necessary in a “world where everyone clicks.”
Key findings from The Human Factor Report 2015 include:
- Every organization clicks. On average, users click one of every 25 malicious messages delivered. No organization observed was able to eliminate clicking on malicious links.
- Middle management is a bigger target. Representing a marked change from 2013 when managers were less frequently targeted by malicious emails, in 2014 managers effectively doubled their click rates compared to the previous year. Additionally, managers and staff clicked on links in malicious messages two times more frequently than executives.
- Sales, finance and procurement are the worst offenders, clicking on links in malicious messages 50-80 percent more frequently than the average departmental click rate.
- Clicks happen fast. Organizations no longer have weeks or even days to find and stop malicious emails because attackers are luring two-out-of-three end users into clicking on the first day, and by the end of the first week, 96 percent of all clicks have occurred. In 2013, only 39 percent of emails were clicked in the first 24 hours; however, in 2014 that number increased to 66 percent.
- Attacks are occurring mostly during business hours. The majority of malicious messages are delivered during business hours, peaking on Tuesday and Thursday mornings. Tuesday is the most active day for clicking, with 17 percent more clicks than the other weekdays.
- Users learn, but attackers adapt faster than users can learn. The use of social media invitation lures, which were the most popular and effective email lures in 2013, decreased 94 percent in 2014. Email lures that employ attachments rather than URLs, such as message notifications and corporate financial alerts, increased significantly as a vector. During select days in 2014, Proofpoint saw a 1,000 percent increase in messages with malicious attachments over the normal volume. The most popular email lures in 2014 included e-fax and voicemail notifications, and corporate and personal financial alerts.
Proofpoint’s report is based on data gathered from its suite of advanced threat protection products that are live within customer environments. To obtain a copy of Proofpoint's Human Factor Report, please visit www.proofpoint.com/humanfactor