• by Ray Schultz , Columnist, May 11, 2017

Stop thinking of the United States as an innocent victim of cyber crime.

The U.S. was the source of 41% of the world’s phishing attacks last year, making it the global leader, and 63% of all cyber crime attempts in general, according to an analysis of trillions of security logs and six billion attempted attacks by NTT Security.

NTT doesn’t comment on this — its purpose is to prepare organizations for the threat. But what a sorry finding it is, based on our reading of the charts.  

The U.S. was followed as a phishing source by the Netherlands (38%) and France (5%). Overall, Europe, the Middle East and Africa (EMEA) together accounted for 53% of the world’s phishing, NTT Security continues.

There was, however, one other leader — Japan. It was the largest source of botnet activity, accounting for almost half of the volume.

Of the cyber attacks against the Americas, 65% came from the region, and 54% from the U.S. alone. Another 17% originated from China and 5% from Turkey. And of the attacks against EMEA, 26% were from the U.S., 10% from the UK and 11% from France.

The top phishing targets were governments (65%) and business and professional services. Among the latter, health care was the first industry (17%), followed by finance (16%), business services (14%) and retail (12%).

So what else can we learn from this report? Here are some findings of the criminal misuse of email: 

• Phishing accounted for 73% of the malware sent to organizations.
• Nearly 30% of the attacks targeted Adobe products, Java, Microsoft Internet Explorer. Flash Player, Microsoft Internet Explorer, and Microsoft Silverlight were the most targeted end-user technologies.
• Almost 80% of the detected ransomware was in four industries: business and professional services (28%), government (19%), health care (15%), and retail (15%).
• Only 25 passwords accounted for nearly a third of all authentication attempts against NTT Security Honeypots (i.e., systems built as lures to attract attackers and gather information).

How many organizations had an incident response plan to fight all this? Only 32% — hardly enough, but better than the 23% reported in prior years. But companies without such a plan risk these damages from phishing:

Given all we know about phishing, you’d think we would have put an end to it by now. But no — over 60% of NTT Security’s recent incident response engagements were related to the activity. And here are the ways phishing can hurting your company:

• Infecting an employee’s computer with malware
• Obtaining personal information for one or more employees
• Obtaining an employee’s username and password 
• Convincing an employee to perform wire transfers

We urge you to read NTT's full Global Threat Intelligence Report: In addition to recommending specific actions, it makes the case that the problem cannot be ignored.

“Enterprise clients face a wide variety of threats,” says Kazuhiro Gomi, president and CEO of NYY America, in the report. “While advanced malware may be a significant issue, attackers to not limit themselves and complex security breaches and intellectual property theft from organized groups and potential state sponsored attacks require more advanced strategies.”

What a pertinent comment, given the probes into the alleged Russian hacking of our political candidates.