Skip to content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Phishing Attacks Top List of Initial Access Vectors with Backdoor Deployment as Top Objective

    New data looking back at the cyber attacks observed in 2022 shows that phishing continues to dominate as initial access brokers seem to be growing their business using backdoors.

    The rise of the initial access broker (IAB) over the last two years has been a case study in a service meeting the demands of a market. Think about the rise of ransomware-as-a-service (RaaS) over the last few years putting world-class malware into the hands of literally anyone – including those with no cyber skills. So, if you’re a young newbie who wants to get into the ransomware game, you still need to have access to a victim network, right?

    Enter in IABs.

    These folks sell access for anywhere from $10 to $10,000 and, according to IBM Security’s latest X-Force Threat Intelligence Index report, it appears that this is a prevalent business model for ransomware threat actors.

    According to the report:

    • 41% of incidents started with a phishing or spear phishing attack
    • Deployment of backdoors was the top action objective at 21% of incidents
    • Extortion was leading impact of attacks at 27% of incidents

    These actions topping the list help to paint the picture that IABs use phishing and/or spear phishing to deploy backdoors, establishing persistent access to the victim network. Then ransomware affiliates purchase the access, set their newly-purchased ransomware free within the victim network and reap the rewards of their efforts.

    This business model isn’t going anywhere, as it allows each of the players in the cybercrime ecosystem to focus on just the part they’re really good at. And because phishing is the primary driver of success here, it’s also the point at which your organization needs to put the most emphasis on. This includes a layered preventative solution-based approach, as well as Security Awareness Training for your users to ensure that anything that gets by your security solutions doesn’t stand a chance against your cyber-educated users.


    The world’s largest library of security awareness training content is now just a click away!

    In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world’s largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

    You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

    The ModStore Preview includes:

    • Interactive training modules
    • Videos
    • Trivia Games
    • Posters and Artwork
    • Newsletters and more!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top