Chris Visagie, iOCO Manager, Security Software, unpacks the true impact of not protecting the most vulnerable system in your organisation
Email is such an integral part of everyday life that we tend to overlook, or are simply unaware, that it is the single biggest threat to cybersecurity. Almost all cybercrime is either email-based or employs email as part of the process. This implies that when prioritising security threats, it should be quite easy to determine where to focus your company’s security posture, logically. However, this is not happening.
Many organisations are still focusing their efforts on networks, endpoints, web traffic and email. During a recent webinar, cybersecurity advisor Alan Levine shared a chief information security officer (CISO)’s journey from “Doubter to Believer”, where he outlined the sequence of events during a nation-state attack on Alcoa and Arconic, both US-listed companies, and what changed his mind about e-mail security. During the discussion, he made the point that they had just about everything in place to prevent a cyberattack.
Closer to home, recent breaches at well-known companies such as Experian, Momentum Metropolitan and Life Healthcare Group are a reminder that this phenomenon transcends borders and that South Africa is also the target of sophisticated orchestrated attacks.
According to Verizon Data, 96% of breaches were caused by people. Current employees. Ex-employees. Future employees. Thieves. For example, business email compromise (BEC) and email account compromise (EAC) attacks, which require human interaction to be successful, have cost organisations worldwide more than $26 billion between June 2016 and July 2019, according to the FBI.
The notion of people being a vulnerability is becoming more prevalent this year, specifically due to the global pandemic which has made working from home the new normal. In addition, staff are isolated in their homes, without daily interaction with colleagues and general ‘people connectivity’, feeding feelings of fear and isolation. It has created the perfect storm for attackers who take advantage of people’s uncertainty.
Attackers are actively abusing brands, names and logos of companies and organisations in an attempt to give credibility to their campaigns and to manipulate the recipients. This includes spoofing and abuse of the brands of international health organisations around the world, including the World Health Organization (WHO), the United States Centers for Disease Control (CDC), and more.
Attacks are also not just focused on email phishing or similar but are also actively using organisations’ cloud strategies against them. Looking at Office365, for example, a scam using a OneDrive message for sharing a file/document has become much more common during the work-from-home period due to people having to collaborate remotely on documentation; scams using links from webinars also increased exponentially. While these types of attacks have various “lures”, all relate to some element within the Office365 cloud environment.
These examples support the notion that most of the current threats require an action; they also reinforce the fact that with the “new normal”, social engineering-based attacks have become prevalent in various formats, including combinations thereof, with e-mail systems mostly in the mix.
Attackers take time to research and understand relationships that exist in organisations and leverage these to be effective. As such, organisations need to have a consolidated view of the various attack vectors to manage multiple attack chains. The fact remains that the discrete unit of defence is still a human being and as such it has become imperative that organisations support and guide their people using targeted education and awareness campaigns based on real-world threats and/or user behaviour.
Calculate your risk factors and the likelihood of your business suffering e-mail attacks. Know what needs to be protected. All data is not created equal. All e-mails are not equal and may contain confidential information, creating a gateway into your business.
In conclusion, take pro-active steps to protect the most vulnerable IT system in your organisation – email.
For media queries or interviews contact
Jose de Nobrega, Jose.DeNobrega@iOCO.tech
About Proofpoint
Proofpoint, Inc. (NASDAQ: PFPT) is a leading cybersecurity company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at www.proofpoint.com.
About iOCO
Established to simplify ICT, iOCO is Africa’s leading integrated technology services company, with the largest concentration of skills on the continent. As a Level 1 B-BBEE end-to-end ICT managed service provider and Cloud systems integrator, iOCO operates with over 20 years’ experience. Its team of more than 4 500 specialists delivers custom development and integration, open source, enterprise applications, data and analytics, compute and platforms, digital industries and manage and operate solutions to over 1 000 top tier customers.
Inspired by digitally native internet organisations (iO) and creative organisations (CO) of the future, iOCO helps customers navigate the path to an exponential future. To achieve this vision, iOCO holds strategic OEM partnership agreements with more than 90 global leaders, including Proofpoint, Micro Focus, Kofax and Hyland.