Intelligent CIO Middle East Issue 34 - Page 96

t cht lk address being spoofed. This makes it difficult for end-users to spot attacks. It has been stated that 91% of cyberattacks and their resulting data breaches now begin with a spear phishing email message. Phishing has evolved in lockstep with the ‘malware-as-a-service’ phenomenon. Phishing emails come in all shapes and sizes and unfortunately no single product will fully protect your business from phishing attacks. Phishing is now run as a business and cybercriminals have been using different attack strategies to retrieve information from their target. Some of the strategies include phishing services, off-the-shelf phishing kits and business email compromise. Free phishing kits An interesting facet of the phishing ecosystem is that there is a large number of actors committing attacks but only a small number of phishers that are sophisticated enough to write a phishing kit from scratch. Because of this, phishing kits are now widely available for download from dark web forums and marketplaces and give attackers all the tools they need to create profitable phishing attacks: emails, web page code, images and more. Attacks-as-a-service In fact, attackers don’t even need to know how to create malware or send emails anymore. As-a-service and pay-as-you-go solutions permeate most online service technologies and phishing is no different, with a range of services increasingly available to attackers: • Ransomware-as-a-service allows a user to create an online account and fill out a quick web form, including the starting ransom price and a late payment price for victims. The provider of the service then takes a cut of each ransom paid, with discounts offered if the user is able to translate the malware code into new languages or if the volume of the attack exceeds a certain level • Phishing-as-a-service allows users to pay for phishing attacks to be sent for them, using global botnets to avoid known dodgy IP ranges. Guarantees are even made to only bill users for delivered email messages, much like any legitimate email marketing service 96 INTELLIGENTCIO “ PHISHING IS NOW RUN AS A BUSINESS AND CYBERCRIMINALS HAVE BEEN USING DIFFERENT ATTACK STRATEGIES TO RETRIEVE INFORMATION FROM THEIR TARGET. These services have led to the explosion of phishing attacks highlighted earlier, as any attacker can launch an attack regardless of technical skill. Phishing attack prevention: How organisations must protect themselves from getting hooked Stop threats at the door The best defence against phishing emails is your email gateway. Email protection is your watch guard, blocking 99% of unwanted email at the gateway, including malicious attachments, content and URLs, long before an end-user ever sees them. Web filtering is another must-have as a front- line defence, filtering and blocking infected URLs should your users click an email link. And file sandboxing ensures those nasty malware laden downloads get removed from the threat chain early on. Protect your weakest link – users Even with the best upfront filters, attacker methods such as BEC – with no executables or links to detect – may still get through. Appropriate training and education is critical for ensuring that all your employees know how to spot and deal with these types of email messages. Secure your last line of defence If your click-happy end-users inadvertently unleash potent, powerful malware on to your systems, there’s still ample opportunity to stop the damage and even reverse its effects. Next-generation exploit prevention solutions will identify, analyse and neutralise the effects of even the most advanced, unseen malware out there and automatically clean up all trace of infection so you can get on with your day. Know your business Make sure your company processes are understood, that you encourage employees to question requests that seem out of