Security Market Segment LS
Tuesday, 07 June 2022 15:24

How 2021 became the year cyber criminals 'got creative': Proofpoint Featured

By Staff Writer

Cyber criminals pivoted to unconventional people-focused attack methods last year, including 100,000 daily smartphone attacks and double the amount of smishing (phishing cybersecurity attacks over mobile text messaging) attempts year-over-year, according to cybersecurity firm Proofpoint’s latest The Human Factor report.

And more than 20 million messages attempted to deliver malware linked to an eventual ransomware attack in 2021, according to the Human Factor 2022 Report which Proofpoint says dives deep into user risk, drawing on data and insight from a year’s worth of research, covering threats detected, mitigated, and resolved across one of the largest datasets in cybersecurity. 

“One constant that remains as organisations approach a sense of normalcy after a disruptive year is that cyber criminals continue to target and exploit people,” said Proofpoint executive vice president of cybersecurity strategy Ryan Kalember. “Last year attackers demonstrated just how unscrupulous they really are, making protecting people from cyber threats an ongoing – and often eye-opening – challenge for organisations.” 

Proofoint says the report draws from a multitrillion-datapoint graph, one of the largest data sets in cybersecurity, and every day it analyses more than 2.6 billion email messages, 49 billion URLs, 1.9 billion attachments, 28.2 million cloud accounts, 1.7 billion mobile messages and more.

The Human Factor Report analyses data collected throughout 2021 and sheds light on the nature of today’s cyber threats, while offering actionable insight on how to protect employees against them. Key findings highlighted in Proofpoint’s 2022 Human Factor Report include:

  • Cyber criminals recognise that our smartphone contains the keys to both our personal and professional lives. Smishing attempts more than doubled in the US over the year, while in the UK over 50% of lures were themed around delivery notification. In addition, cyber criminals initiated more than 100,000 telephone-oriented attacks a day. 
  • High-privilege users are disproportionately targeted. Managers and executives make up only 10% of overall users within organisations, but almost 50% of the most severe attack risk. 
  • Over 80% of businesses are attacked by a compromised supplier account each month. Security awareness training focusing on supply chain threats is business critical for organisations.  
  • Microsoft OneDrive and Google Drive are the most common legitimate cloud infrastructure platforms used by threat actors. Last year, 35% of cloud tenants that received a suspicious log-in also experienced suspicious file activity after the breach, revealing that privilege-based risk widens as enterprises move to the cloud. On average, approximately 10% of organisations were found to have at least one authorised active malicious application in their environment.
  • The hand-in-glove relationship between malware groups and ransomware operators continue. More than 20 million messages attempted to deliver malware linked to an eventual ransomware attack between January 1 to December 31, 2021. 
  • Attackers piggyback on pop culture. Threat actors used popular figures such as Justin Bieber and The Weeknd, and Netflix series Squid Game in their lures in 2021. By October, cyber criminals were sending Squid Game-themed emails to victims in the U.S., promising early access to the next season, or even the opportunity to be cast in future episodes. 
  • Cyber criminals continue to capitalise on global conflicts. Earlier this year, threat actors and APT groups aligned with national interests responded to Russia’s invasion of Ukraine. We saw destructive wiper malware deployed against Ukrainian organisations and key communications infrastructure, in addition to activity from Belarus- and China-aligned actors, specifically targeting European governmental organisations involved in asylum and other relief efforts. 

To download Proofpoint’s Human Factor 2022 report, visit:

Read 1713 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News