According to F-Secure, over one-third of all security incidents start with phishing emails or malicious attachments sent to company employees. Emails are still the weakest link in security chain.
An email has shifted to an essential part of daily life that many businesses rely on email services now as a central communication tool to deliver official documents, and have a business conversation. Email is also important for individual users to stay in touch with friends, chat with colleagues etc.
However, the mail also provides the best ways to cybercriminals for infiltrating into their targets. Because it is easy to hide under a fake email account and trick user.
According to F-Secure’s report, email risks still pose a great danger to businesses.
The single most common source of breaches analyzed in the report was attackers exploiting vulnerabilities in an organization’s Internet facing services, which is 21 percent of security incidents investigated by F-Secure’s incident responders. [1]
Phishing 16% and emails with malicious attachments 18% together accounted for about 34% of breaches.
Cybercriminals use basic social engineering schemes such as sending fake emails, rather than hacking into systems. There are a lot of different ways different attackers can use email, and these attacks are popular because almost every company relies on email for communication. Therefore it important to think before they click on attachments
1- Email is the weakest link in security chain
Other significant findings in F-Secure report include:[1]
- Organizations were hit by targeted and opportunistic attacks in nearly equal proportion to one another
- Insider threats accounted for one-fifth of security incidents
- Incident responders were contacted after the security perimeter was breached in nearly 80 percent of cases
- The most common post-breach action taken by attackers was spreading malware (mostly for financial gain, but also for espionage or maintaining access for future purposes)
- 13 percent of investigations turned out to be false alarms.
2- Effective Solutions Against Email-based Attacks
To bring an effective solution, people, process and technology elements must be included in cyber security measures that the three of the elements must be applied to take the necessary steps against the security threats in a rmonious way to keep cyber security at balance.
That’s why Keepnet Labs is important. Its distinctive features and competitive advantage stemming from its holistic and multi-layered security modules, that include people, process and technology as a whole. Keepnet Labs’ platform is based on the philosophy of ultimate cybersecurity, adopting three-element, people, process and technology to create cyber security awareness. The company is dedicated to continuously innovating and expanding its line of security products in order to meet the needs of a dynamic and rapidly growing networked population. None of the competitors provides the whole features Keepnet Labs presents. [2]
Keepnet Labs has 5 platform modules working ‘hand-in-glove’ to provide a market-leading, holistic solution. The modules are Phishing Simulator, Awareness Educator, Email Threat Simulator, Threat Intelligence, Incident Responder. These enti-phishing solutions can protect your weakest link in security chain.
Phishing Simulator:
- Simulates phishing attacks in a benign environment.
- Tracks user responses and reports
- Quantify vulnerability
- Facilitate proactive response
- It has customisable, scheduled and self-service
Awareness Educator:
- On-demand Cyber-security awareness training
- Automated in response to a failed Phishing Simulation
- Comprehensive training content covering all current threat
- types and learning styles
- Serious gaming integration
- Granular reporting for total visibility
Email Threat Simulator:
- Regularly tests your technological investments (such as firewalls, anti-spam and anti-virus), using simulation logic to mimic the attack vectors targeting organisations like yours through your email services.
- Techniques include email harvesting, domain squatting, vulnerability scanner, client side attacks, malicious attachments, ransomware samples, misconfiguration, browser exploits and file format exploits.
Cyber threat Intelligence:
- Scans the web searching for signals and data that may represent a breach of your data security and therefore a threat to your business.
- The constant vigilance afforded to you by the Threat Intelligence module shortens the time between potential data breach and defensive response.
Incident Responder:
- Incident Responder module allows user to report suspicious emails with one click via our Outlook add-in,
- Sends the email content to our suspicious email analyser for header, body and attachment analysis.
- Creates a variety of attack signatures for alarm generation or blocking active security devices.
- Integrated 3rd party service licenses – Virustotal, Zemana Anti-Malware, Trapmine and Roksit DNS Firewall, Carbon black, Fireeye, Splunk, Qradar, Arcsight and more …
- Automated incident investigation on client inbox & active response
3- Resources
[1] http://bit.ly/2GDD6Iq
[2] http://bit.ly/2CkoYpm
“This post is originally published at www.keepnetlabs.com”
Teknoloji Haberleri