Email-borne attacks have flooded news headlines in APAC

The cost of email-borne security attacks is increasing with those affected facing average damages of $US1m according to Barracuda Networks, Inc., a trusted partner, and leading provider of cloud-first security solutions.

Revealing findings of its 2023 Email Security Trends report, which surveyed hundreds of frontline IT professionals across the U.S, EMEA and APAC, Barracuda found that a huge 75 per cent of organisations had fallen victim to at least one successful email attack in the last 12 months, with those affected facing average potential costs of more than $US1 million for their most expensive attack.

The report, which shows how email-based security attacks affect organisations around the world, also pointed towards the increasing cost of these attacks, with 23 per cent of respondents stating that the cost of email-based attacks has risen dramatically over the last year.

According to Barracuda, the fallout from an email security attack can be significant. The most widely reported effects were downtime and business disruption (affecting 44 per cent of those that had been hit), the loss of sensitive, confidential, and business-critical data (43 per cent), and damage to brand reputation (41 per cent).

Results also show notable differences between industries. For example, financial services organisations were particularly affected by the loss of valuable data and money to attackers (cited by 59 per cent and 51 per cent of victims, respectively), while in manufacturing the top impact was the disruption of business operations (53 per cent). For healthcare institutions the recovery costs involved in getting systems up and running again quickly were the most significant (44 per cent). Regardless of size or industry, however, organisations with more than half their employees working remotely faced higher levels of risk and recovery costs.

According to the report, organisations across the globe also feel underprepared to deal with the threat of malware and viruses (34 per cent), advanced email attacks like account takeover (30 per cent) and business email compromise (28 per cent), and even more basic threats like spam (28 per cent).

Email-borne attacks have flooded news headlines in APAC over the past few months, including reports of hacker groups like Dark Pink breaching government and military organisations across Southeast Asia with targeted phishing emails, and the Singapore Police Force revealing a huge $US501m in losses in the city-state due to growing cybercrime, with email phishing accounting for the bulk of attacks last year.

“Email is a trusted and ubiquitous communications channel, and that makes it an attractive target for cybercriminals. We expect email-based attacks to become increasingly sophisticated, leveraging AI and advanced social engineering in their attempts to get the data or access they want and evade security measures,” said Mark Lukie, Director of Solutions Architects, APAC, Barracuda.

“Email-based attacks can be the initial access point for a wide range of cyberthreats, including ransomware, information stealers, spyware, crypto mining, other malware, and more. It is not surprising that IT teams around the world don’t feel fully prepared to defend against many email-based threats. Growing awareness and understanding of email risks and the robust protection needed to stay safe will be key in keeping organisations and their employees protected in 2023 and beyond.”

Tags: BarracudaCyber Security