When BEC Attacks Engulfs Cyberworld!

Understanding and providing email security against business email compromise.

In the aftermath of increasing geopolitical tensions, the world faces a new phenomenon called 'poly-crisis,' a term coined by Adam Tooze, an economic historian who describes simultaneous crises like health, climate, war, inflation, and democratic dysfunction that overlap one another. The Global Risks Report 2023 by WEF suggested how poly crisis increases the risk of businesses being targeted by cybercriminals.

WEF worries about geopolitical unrest caused by catastrophic cyberattacks in the coming years. According to the WEF report, cyber attackers focus on business disruption and reputational damage. In addition, they often send email-based threats that are increasingly sophisticated.

Statistics show 82% of companies report a higher volume of emails, according to the 2023 State of Email Security report (SOES survey). Additionally, the report showed a rise of 75% in email-based threats, where 97% were targeted by email-based phishing attacks. At this stage, caution to employers as 80% believe there is a risk of inadvertent employee data leaks. The SOES survey also showed 66% of respondents believed in the dire need to invest in cybersecurity.

What is their strategy?

Well! the most common strategy is phishing attacks with an email calling for immediate action. The receiver gets a feeling that the mail came from a legitimate firm prompting them to click a link that leads to a malicious website.

Kiri Addison, a senior manager at Mimecast, warns how threat actors capitalize on the vulnerable behavior of employees to steal data.

Workers in companies often receive bulk emails. The attackers are experts in drafting highly personalized emails calling the receiver by first name. The attackers filter users’ social media accounts and send bulk emails that appear so convincing. Call it spear-phishing; that can compromise company emails.

Mails ask a high-level executive for an urgent wire transfer or CFO asking for vital reports, all telling examples of spoofing. Then, through individual employees, they conduct brand impersonation that leads to financial and reputation loss for the company.

There are instances when the in-house team falls prey to brand impersonation, say, an email from a colleague or a partner organization member seeking sensitive information or the sender duping the receiver with malicious links. News of impersonation by the public leads to a loss of reputation that affects the organization's credentials.

Other gaps

A common grievance against the productivity suite is its lack of protection. As a result, organizations using Office 365 need additional layers of protection from business email compromise.

Solutions

·??????AI-based DMARC is the answer to detect and prevent email spoofing techniques.

·??????A domain-based message authentication, reporting, and conformance mitigate risk. For example, domain Keys Identified Mail (DKIM) checks the authenticity of the domain, whether the owner authorizes it or not.

·??????Firms can also resort to email security programs like VeraCrypt, FileVault, DiskCryptor, and AxCrypt as a part of managed cybersecurity services.

·??????Organizations should opt for full-device encryption of organization mobile devices remote workers use.

·??????According to Checkpoint, the organization needs custom threat profiles to prevent BEC attacks. AI solutions should detect people emailed, alien login, and events.

·??????Anomaly detection techniques like unsupervised, semi-supervised, and supervised techniques can identify anomalous data patterns and prevent costly breakdowns.

·??????Firms should have comprehensive access management strategies like documented user registration and de-registration process for approving or revoking access. It also includes verifying the identity of users and associates with user actions and a secure login process. Besides, controls should protect access to networks, systems, and applications.

·??????Training the workers on verifying 'important emails' through SMS/phone calls or other means of confirmation is a solution.

The way ahead

In the backdrop of the global poly crisis, the threat landscape will increase, certainly not decrease. Experience has taught us it is not just a one-time affair like firewalls or shields. Still, a comprehensive solution like cybersecurity managed services that includes threat detection, AI-based solutions, and training for the internal team on how to address various threats are lasting remedies.

By SBase Research Team

About SBase

SBase is a managed cybersecurity services provider, that constantly researches on existing and emerging threats and helps businesses with relevant solutions.