this post was submitted on 24 Dec 2023
21 points (80.0% liked)

cybersecurity

3249 readers
1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

The Internet and email is old at this point.

It can be reasonably argued that email links are a significant threat vector right now.

So far, we just keep trying to sandbox links or scan attachments, but it's still not stopping the threat.

My questions for comment:

  • Would removing anonymity from email reduce or remove this threat? If business blocked all uncertified email senders, would this threat be gone?
  • Why can't we do PKI well after a few decades?
  • Does anyone believe PKI could apply to individuals? In the context of identity for email, accounts, etc?

I see services like id.me and others and wonder why we can't get digital identity right and if we could, would it eliminate some of the major threats?

Image credit: https://www.office1.com/blog/topic/email

Edit, post not related to the site or any service, just image credit.

you are viewing a single comment's thread
view the rest of the comments
[–] bahbah23@lemmy.world 10 points 10 months ago (4 children)

Would you mind pointing me at research that demonstrates that email links are the number one threat vector right now?

[–] cryptiod137@lemmy.world 4 points 10 months ago

I can say from personal experience that that is the case, but I don't have any empirical evidence.

[–] colossus@infosec.pub 3 points 10 months ago* (last edited 10 months ago)

As someone who leads a major MDR and IR service, phishing was the root cause of about 7.5% of incidents last year. Exploits are #1 around 47% of incidents, followed by compromised credentials around 30% of incidents.

This only represents SME and Enterprise. Phishing likely could be #1 for individuals.

[–] MSgtRedFox@infosec.pub 1 points 10 months ago (1 children)

A quick Google search gives tons.

  • Introducing Cloudflare's 2023 phishing threats report: This report analyzes global survey responses, simulated phishing exercises and real-world attacks, and reveals a 1,265% increase in phishing emails since the launch of ChatGPT, a generative AI tool that can create convincing fake content¹.
  • CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance: This guide outlines phishing techniques malicious actors commonly use and provides guidance for both network defenders and software manufacturers to reduce the impact of phishing techniques used in obtaining credentials and deploying malware².
  • The State of Phishing 2023: This report takes an in-depth look at cybersecurity threat trends with insights into how cybercriminals are swiftly advancing and what is required to stop them. It also highlights how attackers use deceptive links, identity deception, and brand impersonation to trick their victims³.
  • 2023 'State of the Phish' - Findings Sneak Peek: This study covers more countries and more threat types than ever, and uncovers critical gaps in people’s security knowledge and behavior. It also shows how today’s cyber threats are evolving and how attackers exploit the entities we trust and need to get work done⁴.
  • The Biggest Security Threat of 2023? It's Phishing: This article explains how phishing works and why it is still such a threat, and what you can do to keep yourself safe. It also warns about the dangers of spear phishing, HTTPS phishing, email phishing, and vishing⁵.

These are some of the sources that I found that support the claim that phishing is one of the top cyber security threats and vectors for 2023. I hope you find them useful and informative. 😊

Source: Conversation with Bing, 12/24/2023 (1) Introducing Cloudflare's 2023 phishing threats report. https://blog.cloudflare.com/2023-phishing-report/. (2) Introducing Cloudflare's 2023 phishing threats report. https://blog.cloudflare.com/2023-phishing-report/. (3) CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance. https://www.cisa.gov/news-events/alerts/2023/10/18/cisa-nsa-fbi-and-ms-isac-release-phishing-prevention-guidance. (4) CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance. https://www.cisa.gov/news-events/alerts/2023/10/18/cisa-nsa-fbi-and-ms-isac-release-phishing-prevention-guidance. (5) The State of Phishing 2023 | SlashNext. https://slashnext.com/state-of-phishing-2023/. (6) The State of Phishing 2023 | SlashNext. https://slashnext.com/state-of-phishing-2023/. (7) 2023 'State of the Phish' - Findings Sneak Peek | Proofpoint US. https://www.proofpoint.com/us/blog/security-awareness-training/2023-state-of-the-phish-findings-sneak-peek. (8) 2023 'State of the Phish' - Findings Sneak Peek | Proofpoint US. https://www.proofpoint.com/us/blog/security-awareness-training/2023-state-of-the-phish-findings-sneak-peek. (9) The Biggest Security Threat of 2023? It's Phishing - MUO. https://www.makeuseof.com/biggest-security-threat-2023-phishing/. (10) The Biggest Security Threat of 2023? It's Phishing - MUO. https://www.makeuseof.com/biggest-security-threat-2023-phishing/.

[–] CaptObvious 4 points 10 months ago (1 children)

How do these demonstrate that email is the main attack vector?

[–] MSgtRedFox@infosec.pub 1 points 10 months ago (1 children)

Did you need it to say: I felt like the number one? I was basing my assessment on all the recent breach notices I've heard.

Maybe you can qualify the threats statistically, or from Gartner surveys.

Right now, we're all left with people having to deal with being one click away from workstation compromise, PrivEsc, exfil. Boo.

[–] CaptObvious -1 points 10 months ago

These seem to focus on phishing. There are other threats. Phishing happens via channels other than email.

You may be right in your assessment, but this evidence doesn’t support your claim.

[–] tastysnacks@programming.dev 0 points 10 months ago (1 children)

Why does it have to be number one?

[–] bahbah23@lemmy.world 1 points 10 months ago

OP originally said number one and edited their post.