Phishing Attacks Top List of Initial Access Vectors with Backdoor Deployment as Top Objective
New data looking back at the cyber attacks observed in 2022 shows that phishing continues to dominate as initial access brokers seem to be growing their business using backdoors.
The rise of the initial access broker (IAB) over the last two years has been a case study in a service meeting the demands of a market. Think about the rise of ransomware-as-a-service (RaaS) over the last few years putting world-class malware into the hands of literally anyone – including those with no cyber skills. So, if you’re a young newbie who wants to get into the ransomware game, you still need to have access to a victim network, right?
Enter in IABs.
These folks sell access for anywhere from $10 to $10,000 and, according to IBM Security’s latest X-Force Threat Intelligence Index report, it appears that this is a prevalent business model for ransomware threat actors.
According to the report:
- 41% of incidents started with a phishing or spear phishing attack
- Deployment of backdoors was the top action objective at 21% of incidents
- Extortion was leading impact of attacks at 27% of incidents
These actions topping the list help to paint the picture that IABs use phishing and/or spear phishing to deploy backdoors, establishing persistent access to the victim network. Then ransomware affiliates purchase the access, set their newly-purchased ransomware free within the victim network and reap the rewards of their efforts.
This business model isn’t going anywhere, as it allows each of the players in the cybercrime ecosystem to focus on just the part they’re really good at. And because phishing is the primary driver of success here, it’s also the point at which your organization needs to put the most emphasis on. This includes a layered preventative solution-based approach, as well as Security Awareness Training for your users to ensure that anything that gets by your security solutions doesn’t stand a chance against your cyber-educated users.
The world’s largest library of security awareness training content is now just a click away!
In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world’s largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.
You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.
The ModStore Preview includes:
- Interactive training modules
- Videos
- Trivia Games
- Posters and Artwork
- Newsletters and more!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW