Cybercriminals focus on social engineering as other attacks decline
The latest Global Security Report from Trustwave, based on analysis of more than a trillion logged events in 2019, reveals that corporate systems continue to be most targeted by cybercriminals, at 54 percent.
This is followed by e-commerce at 22 percent down five percent when compared to 2018. Cloud services have seen the biggest increase and are now the third most targeted environment accounting for 20 percent of investigated incidents up significantly from seven percent the previous year.
Social engineering remains the favored method of compromise. Half of all incidents investigated by Trustwave analysts were the result of phishing or other social engineering tactics, up from 33 percent in 2018.
Interestingly though the volume of spam email hitting organizations fell from 45.3 percent in 2018 to 28.3 percent in 2019 due to several large spamming operations reducing their activities or vanishing altogether.
"Our 2019 findings depict organizations under tremendous pressure contending with adversaries who are methodical in selecting their targets and masterful at finding new pathways into environments as the attack surface widens," says Arthur Wong, chief executive officer at Trustwave. "We continue to see the global threat landscape evolve through novel malware delivery, inventive social engineering and the ways malicious behaviors are concealed. How fast threats are detected and eliminated is the top cybersecurity priority in every industry."
Organizations do seem to be getting better at detecting threats though. The median time duration from threat intrusion to detection when detected internally dropped to just two days, down from 11 days in 2018. However, the median time duration from threat intrusion to detection when detected externally by a third party rose significantly to 86 days from 55 days just a year ago.
There's lots more detail in the full report which you can get from the Trustwave site.