Proofpoint’s Annual Human Factor Report Reveals How 2021 Became the Year Cyber Criminals Got Creative

Human Factor 2022

SUNNYVALE, Calif., June 2, 2022Proofpoint, Inc., a leading cybersecurity and compliance company, today unveiled its annual Human Factor report, which provides a comprehensive examination of the three main facets of user risk—vulnerability, attacks, and privilege—and how threat actors continue their ceaseless creativity as they exploit the many opportunities presented by people.

The Human Factor 2022 report dives deep into user risk, drawing on data and insight from a year’s worth of research, covering threats detected, mitigated, and resolved across one of the largest datasets in cybersecurity.

“One constant that remains as organizations approach a sense of normalcy after a disruptive year is that cyber criminals continue to target and exploit people,” said Ryan Kalember, EVP of cybersecurity strategy, Proofpoint. “Last year, attackers demonstrated just how unscrupulous they really are, making protecting people from cyber threats an ongoing—and often eye-opening—challenge for organizations.”

The report draws from a multitrillion-datapoint graph, one of the largest data sets in cybersecurity. Every day, Proofpoint analyzes more than 2.6 billion email messages, 49 billion URLs, 1.9 billion attachments, 28.2 million cloud accounts, 1.7 billion mobile messages and more. This report analyzes data collected throughout 2021 and sheds light on the nature of today’s cyber threats, while offering actionable insight on how to protect employees against them.

Key findings highlighted in Proofpoint’s 2022 Human Factor report include:

  • Cyber criminals recognize that our smartphone contains the keys to both our personal and professional lives. Smishing attempts more than doubled in the US over the year, while in the UK over 50% of lures were themed around delivery notification. In addition, cyber criminals initiated more than 100,000 telephone-oriented attacks a day.
  • High-privilege users are disproportionately targeted. Managers and executives make up only 10% of overall users within organizations, but almost 50% of the most severe attack risk.
  • Over 80% of businesses are attacked by a compromised supplier account each month. Security awareness training focusing on supply chain threats is business critical for organizations.  
  • Microsoft OneDrive and Google Drive are the most common legitimate cloud infrastructure platforms used by threat actors. Last year, 35% of cloud tenants that received a suspicious log-in also experienced suspicious file activity after the breach, revealing that privilege-based risk widens as enterprises move to the cloud. On average, approximately 10% of organizations were found to have at least one authorized active malicious application in their environment.
  • The hand-in-glove relationship between malware groups and ransomware operators continue. More than 20 million messages attempted to deliver malware linked to an eventual ransomware attack between January 1 to December 31, 2021.
  • Attackers piggyback on pop culture. Threat actors used popular figures such as Justin Bieber and The Weeknd, and Netflix series Squid Game in their lures in 2021. By October, cyber criminals were sending Squid Game-themed emails to victims in the U.S., promising early access to the next season, or even the opportunity to be cast in future episodes.
  • Cyber criminals continue to capitalize on global conflicts. Earlier this year, threat actors and APT groups aligned with national interests responded to Russia’s invasion of Ukraine. We saw destructive wiper malware deployed against Ukrainian organizations and key communications infrastructure, in addition to activity from Belarus- and China-aligned actors, specifically targeting European governmental organizations involved in asylum and other relief efforts.

To download Proofpoint’s Human Factor 2022 report, please visit: https://www.proofpoint.com/us/resources/threat-reports/human-factor.

For more information on creating a people-centric cybersecurity strategy, please visit: https://www.proofpoint.com/us/why-proofpoint.

####

About Proofpoint, Inc.

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including 75 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at www.proofpoint.com.

Connect with Proofpoint: Twitter | LinkedIn | Facebook | YouTube 

###

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.

 

PROOFPOINT MEDIA CONTACT:
Estelle Derouet
Proofpoint, Inc.

pr@proofpoint.com