Best ways to protect your organization against advanced email-based cyberattacks


Today there are over 100 billion corporate emails exchanged daily. This is because businesses throughout the world rely on email to quickly communicate and collaborate with one another. As long as this trend continues, malicious files, links and attachments will continue plaguing corporate inboxes because it’s a huge challenge to protect against these attacks.

Since we no longer have the 9 - 5 mentality where we must be in our office to connect to our work and work is now more of “something you do,” the number of devices we use to send and receive emails has grown astronomically. While it’s great to be able to manage email at any time of the day from anywhere, it makes security really difficult. This means that today’s businesses face an ever-increasing number of email-based threats focused on getting employees to click on links or open attachments and download malware. With this in mind, you’ll want to find the safest and smartest email security approaches.

Understanding email’s vulnerability

Computer Weekly says email is the biggest threat organisations face and the number of threats continues to grow. These threats include compromises, ransomware, banking trojans, phishing, social engineering, information-stealing malware, and spam – all of which put your business at risk of accidentally disclosing sensitive information. In fact, the most common type of data security incident reported last year was in the form of emails. This is what led Europe to impose strict new rules regarding cyber security and personal data protection. However, this isn’t enough. Businesses need to better understand where they are most exposed and what they can do to minimise this damage.

Email is the biggest threat vector because it lets malicious third parties directly target your employees. With this in mind, you can see why user education about email-related cyber threats is so important. Even with all the tools and technologies in existence today (e.g. email encryption, data loss prevention, social engineering detection, phishing simulation, artificial intelligence), most people believe this training will play the biggest role in improving email security. This is probably because some studies have found that about 79 per cent of threats are caused by poor employee behaviour while only 21 per cent are caused by inadequate tools. While about 47 per cent of these email crimes focus on individual staff members, about 37 per cent of executives were also targeted. The departments with the most to lose here are your finance and sales departments because they have access to sensitive information.

Dealing with email’s vulnerability

Hackers are constantly looking for ways to infiltrate your system. Relying on traditional defences like antivirus and signature-based technologies is no longer sufficient. With the rapid pace at which threats are changing, hackers have been able to adapt and change malware to quickly meet their needs. Instead, network visibility is now critical. Scanning and inspecting emails at the point they cross your email gateway is important, but it doesn’t give you full visibility. Files can still be deemed malicious after they cross the gateway, which is why they must be continuously inspected and analysed, regardless of their initial disposition. Doing so lets you see changes in behaviours and patterns inside your network so you can change your response if you’re alerted to malicious behaviour later on down the line. This is the only way to guarantee that even sophisticated malware that evades your front-line defences is caught before it causes any damage.
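The retrospective check described above can be sketched as follows. This is an added example, not code from the original article: the log fields, addresses, message IDs and sample attachments are all constructed, and the verdict labels ("clean", "unknown", "malicious") are assumptions.

```python
import hashlib
from collections import defaultdict

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed sample attachments (placeholders, not real files).
INVOICE = b"constructed sample: invoice document"
REPORT = b"constructed sample: quarterly report"
DROPPER = b"constructed sample: file blocked at the gateway"

def entry(msg_id, rcpt, blob, verdict, delivered):
    return {"msg_id": msg_id, "rcpt": rcpt, "sha256": sha256_hex(blob),
            "verdict": verdict, "delivered": delivered}

# Constructed gateway log: the verdict recorded when each mail crossed the gateway.
DELIVERY_LOG = [
    entry("m-001", "finance@example.com", INVOICE, "clean", True),
    entry("m-002", "sales@example.com", INVOICE, "unknown", True),
    entry("m-003", "sales@example.com", REPORT, "clean", True),
    entry("m-004", "finance@example.com", DROPPER, "malicious", False),
    entry("m-005", "finance@example.com", INVOICE, "clean", True),
]

# Constructed later intelligence: the invoice hash is now considered malicious.
# Feeds differ in hex case, so the lookup below normalises it.
UPDATED_VERDICTS = {sha256_hex(INVOICE).upper(): "malicious"}

def retrospective_hits(log, updated):
    """Return {recipient: [msg_id, ...]} for mail that was delivered with a
    non-malicious verdict but whose attachment has since turned malicious."""
    updated = {h.lower(): v for h, v in updated.items()}
    hits = defaultdict(list)
    for e in log:
        current = updated.get(e["sha256"].lower(), e["verdict"])
        changed = e["verdict"] != "malicious" and current == "malicious"
        if e["delivered"] and changed:
            hits[e["rcpt"]].append(e["msg_id"])
    return dict(hits)

if __name__ == "__main__":
    for rcpt, msgs in retrospective_hits(DELIVERY_LOG, UPDATED_VERDICTS).items():
        print(f"remediate {rcpt}: {', '.join(msgs)}")
```

Mail that was already blocked at the gateway (m-004 here) is skipped, because nothing reached a mailbox and there is nothing to remediate.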

When you do spot a malicious or unknown file, it should be sent to a sandboxing solution where it’s thoroughly analysed to identify any malicious behaviour and activity. This helps you understand what the malware is doing or attempting to do in your network. You’ll also be able to tell how big of a threat it poses so your security team can prioritise and block it appropriately.

Having this type of security integrated into your larger security strategy will help thwart coordinated attacks and eliminate silos that were created by the inability to share critical threat intelligence. You’ll also want to make sure that your systems integrate and share information so you don’t have any blind spots that limit visibility into your network or create gaps of time and space during which cybercriminals can launch attacks.

Creating a multi-layer defence

Dealing with cyber security threats to business requires you to have a multi-layered email security defence in place. Cisco says each layer of this defence will act like a safety net by filtering out additional threats so your network remains safe. You can create this by combining tools like reputation-based filtering, anti-spam engines, AV scanning, and sandboxing capabilities. When these work together, you can rest assured that you’ll catch as many threats as possible right away.

Unfortunately, Cisco Talos says that even with all your best efforts, email is still a primary attack vector for malicious actors like the Multiple Cobalt Personality Disorder. This creates numerous email-based attacks that spread malware to users of every size. It’s been something that was very active between mid-May and early July of 2018. Some of their attacks have become quite sophisticated – to the point they can continually evade detection.

Managing the “people side” of email

Clearswift says that, unfortunately, many employees have a ‘laissez-faire’ attitude when they accidentally share or receive an erroneous email. The best way to combat this is by helping your employees understand the ramifications of emails going awry. To do this, you’ll need to offer cybersecurity training that encompasses both internal and external threats. This will help your employees understand what it means to be a ‘good data citizen’ instead of being yet another vulnerability in your cyber defences.

Using email in your business today

Cyber criminals send malicious emails targeting your business daily. They want to steal your financial information, credentials, data and other confidential information. About 95 per cent of these breaches occur through email. This can be seen by the “common” viewer simply by looking at the growing volume of spam we receive. Many believe it accounts for about two thirds of all email today. Cyber vulnerability via email costs businesses over $5 billion worldwide yearly. With these factors in mind, you must be certain that your email security solution will truly protect your users, data, and assets.

Evan Morris, Networking Manager, MWR