Monday Morning Impact – May 15

Zscaler: Nearly 50% Increase in Phishing Attacks; Education, Finance, and Government Heavily Targeted

Zscaler, a San Jose-based cloud security company, has released its 2023 ThreatLabz Phishing Report finding that a majority of modern phishing attacks rely on stolen credentials and outlined the growing threat from Adversary-in-the-Middle (AitM) attacks, increased use of the InterPlanetary File System (IPFS), as well as reliance on phishing kits sourced from black markets and AI tools like ChatGPT.

Phishing attacks around the world rose nearly 50% in 2022 compared to 2021, according to the report. Education was the most targeted industry, with attacks increasing by 576%, followed by finance and government, while last year’s top target, retail, and wholesale, dropped by 67%.

The top five most targeted countries were the United States, the United Kingdom, the Netherlands, Canada, and Russia.

AI tools like ChatGPT & Phishing Kits have significantly contributed to the growth of phishing, reducing the technical barriers to entry for criminals and saving them time and resources. Meanwhile, Vishing, or voicemail-themed phishing campaigns, have evolved from SMS or SMiShing attacks. Attackers are using real voice snippets of the executive team in these vishing attacks by leaving a voicemail of these pre-recorded messages. Then, recipients are pressured into taking action, like transferring money or providing credentials. Many US-based organizations have been targeted using Vishing attacks.

“Threat actors are leveraging phishing kits & AI tools to launch highly effective e-mail, SMiShing, and Vishing campaigns at scale”,” said Deepen Desai, Global CISO and Head of Security at Zscaler. “AitM attacks supported by growth in Phishing-as-a-Service have allowed attackers to bypass traditional security models, including multi-factor authentication. To protect their environment, organizations should adopt a Zero Trust architecture to significantly minimize the attack surface, prevent compromise, and reduce the blast radius in case of a successful attack.”

The report also says that recruitment scams on job recruiting sites are also on the rise. Tech industry layoffs have enabled cybercriminals to more effectively leverage fake job postings, sites, portals, and forms to attract job seekers. Victims would often undergo an entire interview process, with some even being asked to purchase supplies to be reimbursed later.

The report is based on 12 months of global phishing data to identify the latest trends, emerging tactics, and which industries and regions are most impacted by phishing attacks. Data was collected from January 2022 through December 2022.
Channel Impact^®
The threats outlined in this report provide a huge opportunity for channel partners to better understand the attack vectors, and thereby provide strengthened value to customers.

Deepwatch Releases 2023 Adversary Tactics and Intelligence (ATI) Annual Threat Report

Ransomware operators conducted frequent attacks and demanded more ransom than ever, according to the 2023 Annual Threat Report created by the Deepwatch, a Tampa-based managed detection and response (MDR) company. The report also states that attackers are brazenly publicizing victims and stoking an ecosystem of access brokers, ransomware service providers, insurance providers, and ransom negotiators.

The war between Ukraine and Russia unleashed a flurry of amateur and state-sponsored attacks and breaches on organizations and critical infrastructure.
A record 26,448 software security flaws were reported by CISA, with the number of critical vulnerabilities (CVEs) up 59% from 2021, a total of 4,135.

“In 2022, Security Operations teams were forced to contend with the dual sided challenge of a rapidly expanding attack surface and increasingly complex threats,” said Jerrod Barton, Senior Director of ATI at Deepwatch. “As we move forward in 2023, data extortion and attacks of opportunity will continue to evolve, employing different extortion tactics and techniques to force victims to pay the ransom. With threats evolving quickly, security organizations must operationalize threat intelligence by gathering data from every possible source, then effectively processing, correlating, and incorporating that information into day-to-day security operations to reduce risk.”

As cybercriminals look for new ways to access sensitive information for financial gain, information stealing malware will continue to grow in popularity in 2023. As the amount of personal and financial data stored and transmitted online increases, cybercriminals will have more opportunities to steal this information. In addition, as more businesses and individuals work remotely and use devices to access sensitive internet-facing systems, the attack surface increases, giving cybercriminals more attack vectors.

Channel Impact^®
With the increasing complexity of software systems and the growing number of devices connected to the internet, the attack surface for cybercriminals continues to expand. As more sensitive information is stored and processed online, the incentives for attackers to find and exploit vulnerabilities in software systems will continue to grow. Furthermore, many companies and organizations do not have sound vulnerability management programs to identify and fix vulnerabilities in their software systems, making them attractive targets for cybercriminals. Channel partner have a powerful opportunity to intercede on their client’s behalf.

Barracuda Updates Partner Resources

Barracuda Networks, a Campbell, California-based cloud security company, has announced key channel hires, additional partner enablement resources, and an expanded global footprint.

The company recently hired Maria Martinez as VP of Channels, Americas and promoted Karen Ward to VP, MSP Sales, Americas. Martinez brings more than 20 years of channel experience, including how to accelerate channel sales growth and enhance program development. Ward has been with Barracuda’s MSP business unit for more than six years, focusing her and the team’s efforts on partner success and development.

Additionally, partner-facing technical education and training have been upgraded, and an increased focus on extended detection and response (XDR) technology has been added.

Barracuda is also expanding its global presence with regional channel ecosystem and sales directors in the Asia Pacific region. Earlier this month, Andy Lau joined Barracuda as Director, Partner Ecosystems and Alliance for Asia Pacific & Japan and Makoto Suzuki joined as Regional Sales Director for Japan.

Channel Impact^®
The updates are expected to upgrade partner experience and help drive partner success, in addition to the expansion of the company’s channel ecosystem.