Key Insights from Hornetsecurity's Cyber Security Report 2024

In 2023, Hornetsecurity processed over 45 billion emails, providing a unique vantage point to dissect the complexities of the Microsoft 365 threat landscape. Hornetsecurity's annual Cyber Security Report gets to the heart of the matter, offering not only a snapshot of the current state of Microsoft 365 security but also crucial insights into emerging threats, trends, and informed projections for the year ahead. In this edition of "The Sting of Security", we will provide key findings from the report. 

There are a lot of junk emails

Out of that pile of 45 billion emails, 36.4% were classified as unwanted. Pause for a moment to absorb this statistic; more than one in every three emails in ALL email communications we looked at wasn't something the recipient wanted. Out of that portion, 96.4% were spam or rejected outright (never analyzed further as we knew it was coming from a bad sender). The remaining portion, just over 3.6%, was categorized as malicious.   

These malicious emails come in various flavors. Phishing continues to reign supreme among malicious emails, constituting 43.3% of the menacing ensemble. Notably, this marks a 4%pt increase from the previous year. Following closely are malicious URLs, which are experiencing an 18%pt surge and now stand at 30.5%. These statistics underscore the critical importance of fortifying our defenses against these sophisticated cyber threats. 

There's a lot of junk attached to those emails

The most prevalent types of malicious email attachments are HTML files at 37.1%, followed by PDFs at 23.3%, and archive files (ZIP etc.) at 20.8%. The previous year's usage of DOCX and XLSX files has dropped since Microsoft disabled macros by default in Office. HTML files will continue to be popular, as every mail client and OS knows how to handle this web standard format.   

Industry targeting

Both in last year's report and this year's, we found that attackers don't have a strong preference for one industry vertical over another. In essence, if you can pay a ransom, you're a target.   

However, we did find three sectors that were overrepresented:  

• Research 
• Entertainment 
• Manufacturing.  

Research entities frequently deal with highly sensitive intellectual property, elevating the potential for a lucrative payoff. Similarly, with its wealth of intellectual assets, manufacturing also becomes an attractive target. These sectors are also often seen as a soft target as they have a lot of insecure IoT and OT devices on their networks, which can be used as springboards for compromise. Finally, the entertainment sector presents an appealing target due to its substantial financial transactions, as evidenced by recent breaches at MGM and Caesar. 

Brand impersonation

Email attacks leveraging brand impersonation continue to increase. Among the top 10 impersonated brands are DHL, Amazon, LinkedIn, Microsoft, FedEx, and Netflix. This technique capitalizes on trust, significantly elevating the risk of unsuspecting users falling prey to cyber threats. 

Conclusion

The full Cyber Security Report 2024, which is free to download, covers much more than this quick taster. It analyzes the major breaches and trends in the Microsoft 365 space over the last 12 months and makes predictions on what cyber security trends we'll see in 2024. In addition, you will discover strategies to fortify your organization, insights on vendor overdependence, and more.