Businesses face all kinds of threats every day—competitors, the economy, laws and regulations, and increasing employee benefit costs to name a few. But cyber threats are increasingly becoming one of the more common threats that companies regularly face. In fact, the FBI estimates that more than $5 billion has been lost worldwide to email scams. Is your business aware of the email security threats out there?
There are a number of common of threats, and with the help from our Email Security Partner, Mimecast, here the ones business decision makers need to be aware of and control:
Mass-mailed, untargeted phishing
The vast majority of attacks start with simple phishing attempts sent to a mass audience. While it’s the successful ransomware attacks that often receive the most attention in the press, it’s actually relentless phishing campaigns that are responsible for the vast majority of ransomware deliveries, as well as compromised account credentials that provide system access to cyber criminals. Normally, ransomware attacks start with a phishing campaign—either broad-based or highly targeted (spear-phishing). Given that phishing messages are sent in enormous volumes, it’s almost inevitable that at least some of these messages will find their way to users’ inboxes. Phishing—rather than malware—is increasingly the attack vector of choice because it is so lucrative and successful.
Targeted and highly targeted phishing
Spearphishing is a variant of phishing in which just a single company, a group of users within a company, or an affinity group (such as developers) are targeted by bad actors with a more focused message. Business Email Compromise (BEC) is an even more targeted type of phishing that often will go after just a single user within a company, such as the chief financial officer. When a bad actor is able to capture login credentials for business email accounts, it provides them with the opportunity to defraud organizations of enormous sums of money. The FBI reports that more than $5 billion has been lost to BEC scams around the world. As just a couple of examples, a public school in Portland almost lost $3 million to a successful business email compromise attack, and a county government in North Carolina was fooled into paying $2.5 million to the wrong account of a contractor working on a building project.
Ransomware was quite common during 2016, dropped off a bit during 2017 and 2018, but came back with a vengeance in 2019, particularly in the government space. For example, successful ransomware attacks impacted four cities in Florida in April and June 2019, and more than 20 local governments in Texas in one weekend during August 2019. One security vendor reported that two-thirds of 70+ ransomware attacks in the United States during the first half of 2019 targeted state and local governments. Ransomware can be particularly damaging not only because it can require replacement of desktop computers, laptops and other endpoints, but because of the enormous disruption it can cause within an organization, with the potential of putting some companies permanently out of business.
Data breaches are particularly egregious because they are responsible not only for the theft of sensitive information like customer data or valuable intellectual property, but they can cause a company to run afoul of regulations that require sensitive data to be kept secure. For example, the European Union’s General Data Protection Regulation (GDPR) enables regulators to impose very large fines on offending organizations, in some cases reaching as high as €20 million or four percent of the previous year’s revenues. In the United States, the California Consumer Privacy Act also carries with it enormous fines for data breaches, and it allows individual consumers whose data was breached to receive compensation when their data was lost or stolen. It’s important to note that some ransomware authors are now posting to public sites the data they have stolen if their victims do not pay the ransom they demand, combining the damaging impacts of ransomware and data breaches into an even worse threat.
Bad actors often attempt to steal account credentials in an attempt to find a more credible avenue for their criminal activity. For example, if a cybercriminal can trick someone into revealing their credentials for their Office 365 account, such as through a phishing attack, those credentials can be used to send spearphishing or BEC attempts to others within the same organization. These attempts will generally be more successful because they are coming from an actual account within the company.
Zero-day malware threats
Desktop and server operating systems that are widely used suffer from a variety of known vulnerabilities. Moreover, unpatched systems of various kinds increase the risk of being compromised by many types of malware. For example, the NotPetya ransomware attack in 2017 succeeded in establishing a destructive foothold worldwide because of exploits of known-but-unpatched vulnerabilities in Windows-based platforms. Other malware works stealthily in the background over time to scout the infected network and spread quietly to infiltrate an ever-expanding collection of devices before turning lethal.
Preventing Email Attacks
With all these threats out there, it’s important to have some email security solutions in place to protect your business. To help provide our customers with the very best protection, Great Lakes Computer Corporation has partnered with Mimecast (a cybersecurity provider that helps companies worldwide make email safer, restore trust and bolster cyber resilience). We have several layers of protection we can provide. Click below to learn more!