Email attacks prevalent in critical infrastructure firms

Email security breaches have impacted 80% of critical infrastructure organizations around the world during the past 12 months, TechRepublic reports.

While more than 80% of entities expect intrusions — particularly phishing, data theft, and zero-day malware attacks, to hold steady or increase over the next year — more than half of respondents continue to believe the non-malicious nature of email messages and attachments by default, an analysis from OPSWAT revealed.

"With the level of threat posed by email attacks expected to increase over the next 12 months, critical infrastructure organizations intent on strengthening their email security posture must take a dramatic approach that emphasizes prevention and preclusion of email-borne threats," said OPSWAT researchers. Such findings follow a recent NCC Group report detailing a slight increase in ransomware attacks against critical infrastructure entities as threat actors become less concerned about potential sanctions, which have been increasingly deemed as inevitable.