Businesses See Spike in Email Compromises


By Bill Yates

The good news on the cybersecurity front is that ransomware attacks are down this year. The bad news is that attempts at credential theft have skyrocketed.

People at MSP Expo 2023 learned what they’re up against from a panel discussion titled “The Many Faces of Cyber Threat.”

Moderated by security-industry veteran Mark Daley, CEO of DaleyPros Consulting, the talk featured experts from companies that sell cybersecurity software to MSPs and other networking companies. 

“We are seeing many more business email compromises,” said Kieran Frost, chief operating officer at email security provider Sendmarc. “We’ve seen a trend away from impersonation used to immediately take cash and a move toward obtaining credentials.” 

Frost, who came from Australia to speak at the conference, said tackling cybersecurity is a never-ending task. “It takes a lot,” he said. “You never achieve it. You’re always chasing it. Threats change every day.” 

To guard against today’s ever-evolving threats, companies need layers of protection within their IT stack, said Mikey Pruitt, MSP evangelist at content-filtering software provider DNSFilter.  

The average attack costs hundreds of thousands of dollars to recover from, Pruitt said. “Phishing is a big deal,” Pruitt said. “There’s lots of ways to mitigate phishing.”

Distributed networking offers its own set of issues, he said. “Identity is really the big vulnerability when you’re going to the cloud,” he said. “Each of these machines have their own vulnerability points.” 

“They protect themselves from the most common things, except the thing that will put them out of business,” said Jacob Thankachen, CEO and co-founder at cybersecurity software provider CybrHawk. 

“Probably the biggest threat is credentials theft,” Thankachen said. Once bad actors have access, they can upgrade their permissions and begin to destroy you. 

Configuration is another issue, Frost said. Many customers don’t take the time to deploy their security software properly. “Don’t just go with the default settings on MSFT Defender,” he said. 

Implementing multi-factor authentication should be required, Thankachen said. “Get away from text messaging,” he said. “It is not secure.”

Frost likes the Zero Trust approach, with appropriate access granted to only those who need it. He said to classify data appropriately so that leaked IDs can do the least damage possible. “You can actively minimize risk,” he said. 

All panelists were frightened by the capabilities of generative AI. “Every tool used by the good guys are used by the bad guys too,” Thankachen said. 

“The number of deep fakes we see this year is going to blow your mind,” Frost said. 

Frost said engines like ChatGPT have the capability to analyze and upgrade threat scripts used by bad actors. Pruitt said there’s a danger that bad actors can more successfully “model real people who you know and trust.” 

Thankachen said there’s little understanding – and no use – of generative AI in the cybersecurity field. “Everyone is fighting to develop it now,” he said. 

Like all cybersecurity experts, Thankachen said training is the key to minimizing human error. “Train people what to spot and how to report it,” he said. Companies need to encourage people to not respond by clicking, but by logging into the private network that supposedly issued the email. 

Ultimately, the message has to come from the top. “Don’t make security an option,” Thankachen said. 

“If we’re talking to the executives about security, we should be talking about risk,” Frost said. “Remediation costs can be cataclysmic.”


Edited by Greg Tavarez

Communications Correspondent
