Phishing Has Succeeded At More Than Half Of U.S. Organizations

Citing a survey from cybersecurity company Proofpoint, HealthITSecurity reports that more than half of U.S. organizations were successfully phished in 2019, meaning they lost data, had credentials or accounts compromised, or suffered a ransomware attack. More than a third of those surveyed are said to have lost some intellectual property. As high as these numbers are, researcher say they are about the same, or slightly lower, than those from 2018, a trend they attribute to hackers’ increased focus on quality over quantity. One finding may add weight to the repeated official recommendation that victims refuse to pay ransoms: Of those that did pay, twenty-two percent didn’t get their data back. Overall, the majority of phishing victims faced not ransom costs, but rather the costs of downtime and remediation. On a positive note, the survey found that 95 percent of organizations train employees, and that training does work. The problem is that in many organizations the time spent on training is minuscule, and not all employees receive it.