Familiar and emerging cyberthreats will pose continuing challenges in the year ahead.

5 Min Read
Cyber security concept. Encryption.
Getty Images

Cybercrime continues to increase, and cybercriminals persist in developing new and more insidious approaches to escalate their success rate at compromising business networks and stealing credentials, data and cash. These attacks are becoming more sophisticated, highly targeted and increasingly costly.

The emerging attack techniques being used by cyber criminals are designed to evade traditional email security, including gateways and spam filters. More often than not, the attacks originate from high-reputation domains or already-compromised email accounts, and don’t necessarily include malicious links or attachments. Because most traditional email security techniques rely on domain reputation and email credentials, the attacks are more likely to be successful.

In a new e-book, Protecting Your Business From Cyberthreats in 2020, Barracuda outlines these emerging security vulnerabilities along with strategies to protect your network, applications and data. The e-book analyzes proprietary research conducted during the past 12 months to provide an outlook of top potential cybersecurity threats for 2020 and practical solutions that businesses can use to help defend themselves.

Phishing Gets Personal

Phishing has been a persistent threat, and these types of attacks continue to evolve. In traditional phishing, emails are sent to large numbers of recipients, with just a small percentage of victims responding.

Spear phishing attacks, however, are targeted and personalized. Victims are researched by cybercriminals, who sometimes impersonate a coworker or trusted business. In either case, the attackers are generally trying to obtain login credentials or financial information.

With credential theft, the attackers can launch an account takeover, which has been identified as one of the fastest-growing email security threats. In these attacks, cybercriminals impersonate trusted brands and use social engineering and phishing tactics to steal login credentials and access accounts. Once an account is compromised, hackers can then launch other types of attacks. According to Barracuda’s research:

An analysis of account-takeover attacks found that 29% of organizations had their Office 365 accounts compromised in March 2019. More than 1.5 million malicious and spam emails were sent from the hacked Office 365 accounts in that one month. With more than half of all global businesses already using Office 365 and adoption continuing to increase, hackers want to take over accounts because they serve as a gateway to an organization and its data — a lucrative payoff for the criminals.

 Identifying and removing these email threats is often a manual process, which means that response times lag behind the ability of the attacks to spread across organizations and to other networks.

Malware Becomes Modular

Like phishing, malware attacks have evolved considerably. Malware is typically hidden in a document attached to an email. Once opened, it is automatically installed and then updated continuously to fool users and security services.

There has been a substantial increase in these attacks. Barracuda’s data from April 2019 indicated that 48% of all malicious files detected in the previous 12 months were documents. More than 300,000 unique malicious documents were identified.

Modular malware attacks are also increasing, and these attacks are even more complicated and dangerous than document-based malware. Modular malware can selectively launch different payloads and functionality, depending on the target and the goal of the attack. This approach has been used in banking Trojans and info stealers.

Ransomware Attacks on the Rise

Ransomware has grown into one of the biggest security challenges, and is increasingly difficult to combat. These attacks lock down systems or encrypt data. The attackers then blackmail the company or user into paying them to unlock those systems. Ransomware attacks have targeted individual computers, companies, hospitals, cities and other organizations.

Like malware, these attacks originate with malicious email files, and small and midsize businesses have proven particularly vulnerable because they often lack the IT resources that are needed to protect against the attacks.

Cybersecurity Success Requires a Multi-Pronged Approach

Phishing, malware and ransomware all require a multi-layered protection strategy that includes both technology and security awareness training.

Because most of these attacks are tailored to avoid detection by gateways and spam filters or rely on psychological manipulation to succeed rather than using malicious attachments, it’s crucial to implement a security solution that leverages artificial intelligence (AI) to detect and protect your customers.

Using machine learning, security solutions can analyze normal communication patterns. This makes it easier to spot anomalies that could indicate an attack. These advanced detection techniques can help fill the gaps caused by human error and help companies keep up with rapidly evolving threats.

These solutions also can detect where suspicious emails are coming from, as well as abnormal behavior such as emails requesting that users change their passwords. Additionally, these solutions can monitor email accounts for malicious inbox rules, which could indicate an account takeover attempt, for instance.

IT solution providers must deploy technology that recognizes when accounts have been compromised and can remediate takeovers in real time by alerting users and automatically removing malicious emails sent from compromised accounts.

Training is also critical. Make sure your customers and staff can recognize attacks and know how to report them properly. Educate them about spear phishing, ransomware and other types of attacks during regular security awareness training. Put procedures in place to guard against unauthorized wire transfers. Regularly test your customers using attack simulations.

Finally, implement a robust backup and disaster recovery solution that can help mitigate the damage caused by an attack. This can minimize downtime and prevent data loss, while also ensuring that your systems can be quickly restored. It is also important to remember that backup and disaster recovery solutions are needed not just for on-premises devices, but also for Office 365 and other cloud-based applications and solutions.

For more information, download Protecting Your Business from Cyberthreats in 2020  here.

Chris Crellin is Senior Director of Product Management for Barracuda MSP, a provider of security and data protection solutions for managed services providers, where he is responsible for leading product strategy and management.

 This guest blog is part of a Channel Futures sponsorship.

Read more about:

MSPs
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like