The Information Commissioner’s Office (ICO) has been hit by a 2,650 per cent surge in email attacks during 2021, with a staggering rise in spam emails, according to official figures.
The data, retrieved by the Freedom of Information Act (FOI) and analysed by the Parliament Street think tank, uncovered the volume of phishing emails detected, malware detected and blocked, and spam detected and blocked month by month in 2021.
The number of attacks rose significantly from 150,317 in January to a startling 4,135,075 in December, an increase of 2,650 per cent.
Detected and blocked spam accounted for the majority of the attacks, with a 2,775 per cent increase between January and December, with December, in particular, seeing a huge spike in attacks.
Phishing emails rose by 20 per cent from January to December, whilst malware soared by 423 per cent.
The bulk of the December of attacks came from spam, with 4,125,992 attacks, whilst phishing emails made up 7,886 attacks and malware accounted for 1,197 attacks.
The giant leap in December coincides with the mass spread of the Omicron variant which came accompanied with a swarm of covid test-related attacks, as well as Christmas scams in the lead up to the holidays.
Edward Blake, Area Vice President EMEA, Absolute Software, comments, “Cyber attacks are targeting organisations across the globe at an alarming rate, once again reminding businesses of the need to re-evaluate and revamp their security protection if it is not up to scratch.
“Cyber security is not just about protecting endpoints via anti-malware or email cybersecurity solutions. Whilst these are important, there are now a variety of access points for cybercriminals to capitalise on that IT leaders need to be aware of. These include vulnerable unpatched applications and network vulnerabilities, stolen or illegally purchased log-in credentials, or even by hacking unprotected smart devices.
“In fact, it’s no longer even safe to assume that a cybercriminal hasn’t already gained access to your organisation’s system, which is why it’s imperative that businesses adopt a Zero Trust approach to their cyber defences. This will ensure that malicious actors can not move laterally across a network once they have gained access, ensuring that a breach in the system does not necessarily equate to a breach in data.”
Steven Peake, Manager for Barracuda Networks, commented, “The pandemic continues to be a catalyst for opportunistic cybercriminals to try and prey on unsuspecting, vulnerable people. Our recent research showed a 521 per cent surge in covid test-related phishing attacks, so it is hardly surprising to see major organisations, such as the ICO, hit by such a high volume of threats as they represent lucrative targets. Phishing emails, malware and spam in particular account for a large proportion of the threats these organisations face so they need to implement measures to protect themselves. These cyber attackers aren’t going anywhere anytime soon.
Utilising sophisticated email security which leverages artificial intelligence can help to identify threats engineered to bypass basic defences, such as spam filters, and block them before they can cause damage is an important measure for protection. Leveraging technologies should be paired with staff education, providing awareness of phishing attacks, covid related scams and other possible incoming threats.”