Fighting off ransomware? Don’t neglect other business email threats

With ransomware in the news, it can be easy to overlook other typical business email-related threats such as phishing or other malware, cybersecurity specialist Hornetsecurity has warned.

“If you had to guess which cyber-attack flavour cost businesses the most money globally, most people would have said ransomware,” the company said in a blog post.

Most people remember the Colonial Pipeline attack shutting down gas access for the Eastern seaboard of the US for several days: that particular attack seems to have been the one that caught people’s attention, according to the Hornetsecurity team.

“Until last year, ransomware was however not the biggest cash cow for the criminals; it was business email compromise, and only last year, according to the latest FBI report, was that overtaken by financial fraud.”

And although most breaches involve external actors, almost one in five are inside jobs, according to several reports. Paying attention to internal risks from potentially disgruntled employees and so on is also important, said Hornetsecurity.

“Having a strong insider risk program is crucial, and it needs to be based on more than just data loss prevention (DLP) technical controls,” it said.

“Insider risk is a spectrum from someone inadvertently breaking a rule about emailing business data to a personal email address ‘to work at it over the weekend’ to inappropriate language, harassment, theft of intellectual property or sabotage.”

Diversity of attack vector and risk

A majority of breaches are caused either directly or indirectly by human error, which ranges from clicking the links in a phishing email or similar, to failing to properly deploy available cybersecurity solutions or follow policies to the letter when required, Hornetsecurity explained.

That’s before you consider that many cybercrimes likely go unreported.

“The takeaway here is to apply a zero-trust approach to securing your business, verifying each connection and authentication. Applying policies to only allow connections from managed devices is a good idea, or at least enforce stricter policies for personal devices,” Hornetsecurity advised.

“Since the primary vectors for the initial foothold are phishing emails, ensuring that as many of those as possible never reach your user inboxes is vital.”

Adopting a zero-trust approach to security from a vendor such as Hornetsecurity means that authentications and connections are checked and verified explicitly each time against a policy engine, rather than assuming connections on trusted networks are safe.

Additionally, “least privilege access” means ensuring users only have the access they need, while assuming that an attacker will sooner or later get in. Sufficient security must be in place so that attacks can be caught fast, Hornetsecurity said.

The vendor offers a portfolio of Microsoft 365 focused cybersecurity solutions for security and backup of email in the cloud, including advanced threat protection, spam and malware protection, email encryption, and continuity of service.
