Cybersecurity Awareness Month

Since October 2004, activities during Cybersecurity Awareness Month have raised awareness of the dangers of online threats and offered guidance on ways to mitigate them. This guidance has dramatically shifted over the last 20 years based on the everchanging threat landscape and ingenuity shown by bad actors when implementing their attacks.

If one thing has remained consistent over the past two decades, it’s that attack prevention strategies must adapt to the threats they face and encourage creative critical thinking.

Defenders of cybersecurity must never be complacent. Let’s take a look at how the most common cybersecurity threat has evolved over time, and how security professionals have adapted to combat it.

Phishing

Phishing attacks have been a plague since the 90s and according to a 2023 study, 9 in 10 cyber-attacks start with an illegitimate email. Successful phishing activity often creates an access point for other cybersecurity threats such as ransomware attacks, account takeovers and business email compromise.

1990s - 2000s

Through the 90s and early 2000s, phishing scams began to capitalize on the increasing activity of online business as eCommerce found its footing. This period was highlighted by scammers sending fictitious emails requesting updated credit card details for major eCommerce platforms, which then redirected to websites impersonating legitimate payment sites.

It was during this time that Cybersecurity Awareness Month was launched and provided user education on best practices against this growing cyber threat.

2010s

Entering the 2010s, the widespread growth of social media and crypto opened new avenues for cybercriminals to explore. The standard email approach remained as the primary attack method, but new illicit strategies emerged, such as weaving harmful code into pixels within images.

Security professionals adapted by developing software to prevent phishing attempts. This software began to vet emails, shared domains and attachments before scam communications could reach their intended inboxes.

2020s

The present day has seen scammers further refine their messaging, and use deepfake technology and AI generated emails to generate convincing communications at a quicker rate.

The finance industry is particularly targeted, as the increased use of file-sharing platforms for document exchange opens a plethora of opportunities for phishing attacks by savvy bad actors.

To combat current phishing vulnerabilities, modern cybersecurity professionals use a multi-layered approach that utilizes email filtering software, workplace awareness training and device management.

As cybercrime continues to evolve so too do those who fight it. Cybersecurity Awareness Month reminds us of the importance of staying vigilant.