Fighting off ransomware? Don’t neglect other business email threats

With ransomware in the news, it can be easy to overlook other typical business-email-related threats such as phishing or other malware, cybersecurity specialist Hornetsecurity has warned.

“If you had to guess which cyber-attack flavour cost businesses the most money globally, most people would have said ransomware,” the company said in a blog post.

Most people remember the Colonial Pipeline attack shutting down gas access for the Eastern seaboard of the US for several days: that particular attack seems to have been the one that caught people’s attention, according to the Hornetsecurity team.

“Until last year, ransomware was however not the biggest cash cow for the criminals; it was business email compromise, and only last year, according to the latest FBI report, was that overtaken by financial fraud.”

And although most breaches involve external actors, almost one in five are inside jobs, according to several reports. Paying attention to internal risks from potentially disgruntled employees and so on is also important, said Hornetsecurity.

“Having a strong insider risk program is crucial, and it needs to be based on more than just data loss prevention (DLP) technical controls,” it said.

“Insider risk is a spectrum from someone inadvertently breaking a rule about emailing business data to a personal email address ‘to work at it over the weekend’ to inappropriate language, harassment, theft of intellectual property or sabotage.”

Diversity of attack vector and risk

A majority of breaches are caused either directly or indirectly by human error, which ranges from clicking the links in a phishing email or similar to failing to properly deploy available cybersecurity solutions or follow policies to the letter when required, Hornetsecurity explained.

That’s before you consider that many cybercrimes likely go unreported.

“The takeaway here is to apply a zero-trust approach to securing your business, verifying each connection and authentication. Applying policies to only allow connections from managed devices is a good idea, or at least enforce stricter policies for personal devices,” Hornetsecurity advised.

“Since the primary vectors for the initial foothold are phishing emails, ensuring that as many of those as possible never reach your user inboxes is vital.”

Adopting a zero-trust approach to security from a vendor such as Hornetsecurity means that authentications and connections are checked and verified explicitly each time against a policy engine, rather than assuming connections on trusted networks are safe.

Additionally, “least privilege access” means ensuring users only have the access they need, while assuming that an attacker will sooner or later get in. Sufficient security must be in place so that attacks can be caught fast, Hornetsecurity said.

The vendor offers a portfolio of Microsoft 365 focused cybersecurity solutions for security and backup of email in the cloud, including advanced threat protection, spam and malware protection, email encryption, and continuity of service.

( Photo by Jesse Collins on Unsplash )
