It's predicted that in 2017 business and consumer emails will reach 269 billion messages every single day
. Of those 269 billion messages, spam and malicious emails — which could include anything from a phishing attack to ransomware to malware — will account for 65 percent of the total email volume.
These numbers are striking, which is why Sean Vogt, Director of Operations at Zix's Center of Excellence for Advanced Threat Protection, discussed in a recent webinar
the increasingly severe consequences of email-borne cyberattacks and the steps organizations can take to protect themselves.
According to all meaningful metrics, the threat landscape is growing. Organizations must understand why it's so large, what's going on in the marketplace, and why they should expect that cyberattacks will be an ongoing threat well into the future.
A Cybersecurity Strategy for Maximum Protection
In recent years, ransomware, business email compromise (BEC) scams, and phishing have proven to be brutally effective threats. When a solution is developed to eliminate one problem, cybercriminals simply improve or create another one, forcing businesses to constantly play catch up.
And when an email inbox is potentially being bombarded by all three, the risk for a breach is even greater.Thus, organizations that follow these strategies can better protect themselves and their people from this broad threat landscape:
- Ransomware: The frequency of ransomware attacks increased by 4,000 percent in March 2016. During peak periods of the attack, as many as 100,000 computers were infected daily. For the most comprehensive coverage, organizations should rely on the best-in-class security solutions and a layered approach that incorporates email filtering, firewalls, and browser protections. Because email is at the frontline of the battle, organizations should also implement solutions that provide active protection that goes beyond known signatures to filter out all suspicious messages.
- BEC Scams: Attackers made over $360 million from BEC scams targeting U.S. companies in 2016 alone. And while this attack strategy is comparatively low in volume by ransomware standards, the average profit per scam is exponentially higher, with $30,000 extorted per victim. Thus, hackers behind these scams are highly motivated to catch people off-guard and cash in. The best defense strategy is to put policies in place that proactively prohibit that. For instance, organizations can create a system that requires phone confirmation before approving an unexpected request for payment.
- Phishing: In addition to advanced threat protection, user training is an effective and efficient defense mechanism — for phishing specifically and for all of these threats more generally. Keeping users up-to-date on the latest attacks, and training users on things like password strength can help eliminate a major source of an organization's vulnerability.
Any organization that dismisses, minimizes, or otherwise ignores the present and future threat of cybersecurity is playing with fire. At Zix, we know that no protection strategy is foolproof. Organizations that remain aware of the threat landscape and utilize these strategies to protect themselves from email-borne attacks are ensuring that they're cybersecurity platform is as good as it can be.
For a deeper dive into this topic, watch the archived webinar Wake Up and Smell the Breaches: Staying Ahead of Cyberattacks