Cybersecurity Roundup: Kaseya, Barracuda, Qualys, Arctic Wolf Networks
…no easy task, but the services that the vendor community provides, along with ensuring availability during the incident is the best way we can help organizations minimize the impact of the next one.
Barracuda Provides BEC Deep Dive
Business email compromise (BEC) makes up a small percentage of spear-phishing attacks, but it has cost businesses more than $26 billion in the past four years, according to the FBI.
Barracuda‘s latest report, “Spear Phishing: Top Threats and Trends Vol. 3,” reveals new details about these highly targeted threats, including the latest tactics used by cybercriminals and the steps you can take to help defend your business.
According to the report:
- Ninety-one percent of BEC attacks take place on weekdays, with many being sent during typical business hours for the targeted organization to make them more convincing.
- The average BEC attack targets no more than six employees, and 94.5% of all attacks target less than 25 people.
- Eighty-five percent of BEC attacks are urgent requests designed to get a fast response.
- BEC attacks have high click-through rates as one in 10 spear-phishing emails successfully tricks a user into clicking, and that number triples for emails that impersonate someone from HR or IT.
- In the past 12 months, the average amount lost per organization due to spear-phishing attacks was $270,000.
Don MacLennan, Barracuda‘s senior vice president of email protection, engineering and product management, tells us most organizations will have secure email gateways in place to filter incoming messages. Unfortunately, these are no longer enough to detect and block social engineering attacks such as BEC.
“Gateways are designed to look for signs of malicious activity: bad URLs, known spammer and malware are just a few examples,” he said. “BEC email attacks do not contain any of those. What organizations need today is technology that offers visibility beyond the gateway. Machine learning (ML)-based protection that is able to recognize abnormal communication within the organization — for example [an] email address that the CFO doesn’t usually use, or an email request to make a wire transfer that is unusual for a CEO. All of this analysis and subsequent remediation needs to be done in real time. In addition to deploying dedicated spear-phishing technology, businesses need to invest in user education training to make sure their employees are able to recognize and know how to report these attacks. Outside of IT, businesses should implement policies to protect wire transfers through fraud — for example, all wire transfers will need to be confirmed over the phone or in person.”
User security training and phishing simulation campaigns are two examples of ways in which MSSPs can provide a value-added service to their customers, MacLennan said. Some attacks do get through, especially BEC attacks. When they do get through and are reported by users, businesses need to act fast to remediate these attacks and remove malicious messages. MSSPs can use automated remediation tools to help businesses manage their inboxes, investigate and remediate any reported emails, he said.
“Hackers invest time to research their victims and their…