Without vulnerable humans, hackers would have a much harder time breaching systems, because targeting exploits is too expensive and too risky.
A new report by Proofpoint says that almost all of the threats observed require human interaction (opens in new tab) to execute.
Of all the threats which Proofpoint observed in the past year, more than 99 per cent required a person on the other end to enable a macro, open a file, click a link or open a document, in order to be successful. Proofpoint concludes that humans are the most important link in the chain of cyberattacks.
“Cybercriminals are aggressively targeting people because sending fraudulent emails, stealing credentials, and uploading malicious attachments to cloud applications is easier and far more profitable than creating an expensive, time-consuming exploit that has a high probability of failure,” said Kevin Epstein, vice president of Threat Operations for Proofpoint. “Individual users are the last line of defence,” he added.
Most of the time, hackers are trying to get vulnerable humans to open a Microsoft Office file loaded with malware. Almost a quarter of all phishing emails (opens in new tab) sent last year have had an Office file. This year, however, hackers are moving more towards the cloud, with DocuSign and Microsoft cloud services being used in phishing attacks (opens in new tab).
Hackers are usually interested in stealing credentials, creating feedback loops and lateral movement. To that end, they use banking Trojans, information stealers, RATs and other, non-destructive strains whose purpose is to remain resident on infected devices and continuously gather data.
Proofpoint’s full report can be found on this link (opens in new tab).