Tips to protect your business from an email security breach
Recent high-profile cyberattacks have many businesses evaluating email security protocols in an effort to protect themselves from increasingly sophisticated—and potentially devastating—breaches. Matthew Gardiner, a cybersecurity strategist at Mimecast, suggests in a recent article that the key to staying one step ahead of cybercriminals is to think of them as a business working in “a well-oiled, thriving criminal industry… rather than thinking of a clandestine hacker working out of a basement.”
This is important, according to Gardiner, because understanding what motivates these criminals—profit, for the most part—and how their operations function and work together—forming “partnerships, specializations, and supply chains”—helps businesses better understand what they’re up against. In addition to thinking of cybercriminals like business adversaries, implementing crucial protection strategies starts with a good working knowledge of the different types of email cyberattacks out there today.
Phishing for weakness
Phishing email attacks are the most common, largely because they’re fairly simple and, unfortunately, quite effective. They involve fraudulent emails that attempt to trick the recipient into revealing personal information, clicking a link that installs malware, or opening a malicious file attachment. Generally speaking, there are three different types:
- Broad phishing attacks are non-targeted and largely prey on our tendency to click first, think second. As Gardiner points out, “We’re digital-first, we aim to please, and we’re used to moving fast.” Cybercriminals can send these types of emails out in incredibly high volumes and are counting on only a relative few to be caught off guard or not paying attention for the trick to pay off.
- Spear-phishing attacks are more sophisticated in that the email is specifically targeted at an individual or organization and uses specific ‘insider’ knowledge to gain trust. “Think of them as targeted ads for premium customers,” says Gardiner. Email attacks on both the 2017 French presidential election and the Democratic National Party in recent months were the result of spear-phishing attacks. In the latter example, emails claiming to be from Google were sent to DNC staff members advising them to change their passwords due to a sign-in attempt in the Ukraine.
- Impersonation attacks are the most elaborate of the phishing schemes as attackers assume the identity of someone in your organization that you know and trust. With minimal digging, cybercriminals can mine enough credible information that they can impersonate someone within the organization “and then send an email to accounts payable asking for a wire transfer, or to HR requesting a dump of employee tax information.” Think it could never happen to you? Think again. Employees at both Facebook and Google fell for a similar scam that almost cost them nearly $100 million.
Ransomware is the type of malware behind the recent WannaCry attack, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in Bitcoin cryptocurrency. Organizations hit by the attack included Britain’s National Health Service, Spain’s Telefónica, FedEx, and Deutsche Bahn. These attacks are particularly crippling as they hold files hostage or lock victims out of systems until a ransom is paid.
Protecting your business starts with identifying vulnerabilities
In reality, everyone in your organization needs to be aware of potential email attacks and vigilant about them, as any attack has the potential to cripple operations at any level.
Having said that, a particular focus on protecting any data or systems with the potential for high-value ransom, as well as the personal data of employees with “the most financial power, influence and access,” is incredibly important.
Tips for strengthening “cyber resilience”
- Advanced email security. Email security systems only focus on stopping spam or common malware. Instead, use secure email gateway systems to more effectively process all incoming emails prior to their delivery via a mail server. Most email security gateways prevent transfer of unwanted content such as malware, phishing attacks, and spam while others may also detect and block transmission of sensitive data like credit card numbers and healthcare records.
- Prioritize protection of valuable systems and data. Ransomware attacks are particularly devastating because they bargain on the immeasurable value of your data. For this reason, Gardiner suggests that you “identify the systems you could not stand to lose, and then prioritize security around them.”
- Dispatch patches frequently. Effective vulnerability patching programs are your best defense against cybercriminals who are constantly looking to exploit vulnerabilities in software programs. This is the reason why WannaCry was able to infiltrate hundreds of thousands of systems. “Organizations should stop using old or unsupported operating systems and applications. And certainly do not use pirated software—which, surprisingly, was another weakness exploited by WannaCry,” says Gardiner.
- Rally the troops. Even with all of the best security systems and processes firmly in place, it is challenging to stay one step ahead of cybercriminals. Don’t forget: they are running a high-functioning, sophisticated organization themselves. When an attack manages to break through the other layers of protection, your team needs to have the know-how to recognize threats and understand how to deal with them. Regular reminders and training are critical.
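As an added illustration (not from Gardiner's article or any gateway product), here is one check a secure email gateway can apply to incoming mail to catch the impersonation attacks described earlier: a trusted staff name on an outside address, or replies redirected to a different domain. The domain `example.com`, the staff names and both sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this example: the organization's own mail domain and the
# display names of staff who are likely impersonation targets.
INTERNAL_DOMAIN = "example.com"
STAFF = {"dana whitfield", "sam okoro"}

def normalise(name):
    """Lower-case and collapse whitespace so 'DANA   Whitfield' still matches."""
    return " ".join(name.lower().split())

def domain_of(addr):
    """Return the part after the last '@', lower-cased ('' if there is none)."""
    return addr.rpartition("@")[2].lower()

def impersonation_flags(raw_message):
    """Return the reasons an inbound message looks like staff impersonation."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    flags = []
    # A known staff name attached to an address outside the organization.
    if domain_of(addr) != INTERNAL_DOMAIN and normalise(name) in STAFF:
        flags.append("staff display name on external address")
    # Replies silently routed to a different domain than the visible sender.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != domain_of(addr):
        flags.append("Reply-To domain differs from From domain")
    return flags

# Constructed sample messages (not real traffic).
SPOOFED = (
    "From: Dana  WHITFIELD <dana.whitfield@example-payments.test>\n"
    "Reply-To: accounts@freemail.test\n"
    "To: ap@example.com\n"
    "Subject: Wire transfer needed today\n\n"
    "Please process the attached request.\n"
)
LEGIT = (
    "From: Dana Whitfield <dana.whitfield@example.com>\n"
    "To: ap@example.com\n"
    "Subject: Q3 invoices\n\n"
    "Attached.\n"
)

if __name__ == "__main__":
    print(impersonation_flags(SPOOFED))
    print(impersonation_flags(LEGIT))
```

A message that forges the internal domain itself passes this check, so it complements sender authentication (SPF, DKIM, DMARC) rather than replacing it.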
Cybercriminals do not discriminate. Any business or organization, big or small, could be a potential target. An all-encompassing, focused approach is your best bet to help protect your organization against these sophisticated adversaries.