Stop thinking of the United States as an innocent victim of cyber crime.
The U.S. was the source of 41% of the world’s phishing attacks last year, making it the global leader,
and 63% of all cyber crime attempts in general, according to an analysis of trillions of security logs and six billion attempted attacks
by NTT Security.
NTT doesn’t comment on this — its purpose is to prepare organizations for the threat. But what a sorry finding it is, based on our reading of the charts.
The U.S. was followed as a phishing source by the Netherlands (38%) and France (5%). Overall, Europe, the Middle East and Africa (EMEA) together accounted for 53% of the world’s phishing, NTT Security continues.
There was, however, one other leader — Japan. It was the largest source of botnet activity, accounting for almost half of the volume.
Of the cyber attacks against the Americas, 65% came from the region, and 54% from the U.S. alone. Another 17% originated from China and 5% from Turkey. And of the attacks against EMEA, 26% were from the U.S., 10% from the UK and 11% from France.
The top phishing targets were governments (65%) and business and professional services. Among the latter, health care was the first industry (17%), followed by finance (16%), business services (14%) and retail (12%).
So what else can we learn from this report? Here are some findings of the criminal misuse of email:
How many organizations had an incident response plan to fight all this? Only 32% — hardly enough, but better than the 23% reported in prior years. But companies without such a plan risk these damages from phishing:
Given all we know about phishing, you’d think we would have put an end to it by now. But no — over 60% of NTT Security’s recent incident response engagements were related to the activity. And here are the ways phishing can hurting your company:
We urge you to read NTT's full Global Threat Intelligence Report: In addition to recommending specific actions, it makes the case that the problem cannot be ignored.
“Enterprise clients face a wide variety of threats,” says Kazuhiro Gomi, president and CEO of NYY America, in the report. “While advanced malware may be a significant issue, attackers to not limit themselves and complex security breaches and intellectual property theft from organized groups and potential state sponsored attacks require more advanced strategies.”
What a pertinent comment, given the probes into the alleged Russian hacking of our political candidates.