According to a new survey by the SANS Institute set to be released on Aug. 11, exploits against endpoints are on the rise and the damage associated with such compromises are growing at a fast rate.
“The perfect storm is upon us,” Lee Neely, mentor and instructor at the SANS Institute, said. “Ransomware is on the rise and its primary distribution mechanisms, phishing and web drive-bys, are at the top of the successful attack list.”
Survey respondents said that impactful threats enter organizational infrastructures though a number of ways. Seventy-five percent of respondents said that impactful threats had entered though email attachments, 46 percent said such threats also entered though a user’s browser via malicious links and 41 percent saw threats start at the browser with web drive-by downloads. Those types of threats rely on users and the security associated with their connected devices to initiate their attacks.
Phishing combined with ransomware make up the top significant impact threats worldwide, with 68 percent of respondents saying that they have seen an increase in general phishing threats, 49 percent saw an increase in ransomware, and 47 percent saw an increase in targeted phishing and phishing company executives, also known as spearphishing and whaling.
“Users and their endpoints are ground zero for the attackers trying to take over our systems and information,” Neely said. “The current threat landscape is showing the gaps in our defense mechanisms are ripe for exploit.”