When people think of phishing attacks, what often comes to mind is a Nigerian Prince asking for a bank transfer. As long as employees are savvy, the risk seems quite low. Maybe your company even has insurance to protect against cyber theft. However, modern day phishing attacks are much more sophisticated than most people realize, and the fallout from an attack goes well beyond what can be covered by an insurance policy.
If your IT department, security team, or messaging group are asking for budgets to combat phishing attacks, here are some reasons you should listen:
1. Phishing attacks result in very public embarrassments
From HBO to Sony to Facebook and Google, the list goes on. Falling victim to a phishing attack will put your company in the headlines in the worst way. Recovering trust and reputation will take much longer than recovering the lost data.
2. Hackers turn your email into a cyber weapon as a way to attack your customers, partners, and vendors
Your organization will not be the only victim; access to your organization includes access to everyone with whom your organization is connected. The attack will affect your customers, partners, and vendors. Last year we wrote about such an instance where an affected user passed the phishing attack on to every single one of their contacts.
3. The cost of phishing goes beyond just what the hackers steal
Vade Secure estimates the total cost of a single spear phishing attack on a company with $100 million in revenue to be $7.2 million, nearly 10% of their annual revenue. These costs mainly come in during the recovery from the attack.
Depending on your industry, there can be fines and penalties from regulating bodies for your lack of compliance. Such was the case in this recent $400,000 HIPAA settlement, reached after a data vulnerability at a healthcare center was found to be a violation of the Privacy Rule.
Your IT teams need to scramble to find the offending email, disable accounts, estimate the scope of the breach, and rework policy. Here are the steps Microsoft recommends for identifying a single compromised account. Still, the work needed to recover from a far-reaching attack can be exponentially greater. Business can come to a standstill until the threat is contained.
The largest cost is invisible: loss of revenue resulting from loss of customer confidence and trust. A report by IBM estimated that reputational costs account for 40% of the total cost of a cyber attack on average.
4. Hackers are now targeting C-Suite executives
Hackers seek the biggest bounty. Seemingly benign, low-level breaches serve as a beachhead to target employees with the most access and power. If you are an executive and using Office 365, you are the target. Without dedicating an entire IT team just to monitoring the security of each executive, the only option is to implement a robust security solution that can block attacks and flag suspicious behavior immediately. The true role of security is to allow executives to focus on day-to-day productivity rather than playing cyber security whack-a-mole.
For many executives, their name is their brand. When a phishing attack is perpetrated under the name of a high-ranking executive, it tarnishes their personal brand as well as that of the organization. The latest Internet Crime Report from the US Department of Justice discloses that spear phishing attacks on executives cost businesses $360 million in 2016. (Data for 2017 is not yet available, but is expected to be considerably higher.)
The Avanan Solution
A phishing attack is not an email. It is a process. Most security tools try to stop attacks through file analysis: read an email, then block or allow. Avanan has end-to-end information and correlates it to identify the phishing event, detecting the attack even if there is no email to be read.
Industry-Standard Capabilities are only the beginning
Avanan implements the traditional email security layers of SPF/DKIM/DMARC checks and URL filtering by leveraging the three largest realtime blacklists and the most advanced malware and phish-detection tools in the industry. These methods are generally already implemented by the default security and only catch about 15% of phishing attacks at the time the email is received. Most phishing attacks that bypass the default security are true zero-day and come from highly reputable senders. They bypass the most popular email gateways.
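To make the "traditional layer" concrete, here is an added example of what an SPF/DKIM/DMARC check actually decides for a message once the receiving server has recorded its verdicts. This is illustrative code written for this page, not Avanan's product code; it assumes the receiving MTA has already added an Authentication-Results header (RFC 8601), and both sample messages are constructed. The relaxed-alignment helper is a simplification of the organizational-domain comparison a production check performs against the public suffix list.

```python
"""Evaluate the SPF/DKIM/DMARC verdicts a receiving mail server has recorded.

Added illustrative example, not Avanan's code. It assumes the receiving MTA
has already written an Authentication-Results header (RFC 8601) and that the
message's From: header is present. Both sample messages are constructed.
"""
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed sample 1: SPF passes for the envelope sender's domain, but that
# domain does not align with the From: domain the user sees, so DMARC fails.
SAMPLE_SPOOFED = """\
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=bulk-sender.test; dkim=fail header.d=bulk-sender.test
From: "Bank Support" <support@bank.example>
To: user@example.net
Subject: Please verify your account

Click the link to confirm your details.
"""

# Constructed sample 2: a DKIM signature from the From: domain itself passes.
SAMPLE_LEGIT = """\
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=mail.bank.example; dkim=pass header.d=bank.example
From: "Bank Support" <support@bank.example>
To: user@example.net
Subject: Your monthly statement

Your statement is attached.
"""

# method=result followed by zero or more key=value properties (e.g. header.d=...)
AR_PAIR = re.compile(r"\b(spf|dkim|dmarc)=(\w+)((?:\s+[\w.]+=[^\s;]+)*)")


def parse_authentication_results(header_value: str) -> dict:
    """Map each method ('spf', 'dkim', 'dmarc') to its result and properties."""
    results = {}
    for method, result, props in AR_PAIR.findall(header_value):
        entry = {"result": result.lower()}
        for prop in props.split():
            key, _, value = prop.partition("=")
            entry[key.lower()] = value.lower()
        results[method] = entry
    return results


def domain_of(address: str) -> str:
    """Extract the domain part of a mailbox such as 'Name <user@domain>'."""
    return parseaddr(str(address))[1].rpartition("@")[2].lower()


def aligned(domain_a: str, domain_b: str) -> bool:
    """Relaxed DMARC alignment approximated as 'same domain or a subdomain'.

    Assumption: a stand-in for the organizational-domain comparison, which a
    production check performs against the public suffix list.
    """
    if not domain_a or not domain_b:
        return False
    return (domain_a == domain_b
            or domain_a.endswith("." + domain_b)
            or domain_b.endswith("." + domain_a))


def dmarc_verdict(raw_message: str) -> dict:
    """Decide whether the message passes DMARC: an aligned SPF pass or an aligned DKIM pass."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    ar = parse_authentication_results(str(msg.get("Authentication-Results", "")))
    from_domain = domain_of(msg.get("From", ""))
    spf, dkim = ar.get("spf", {}), ar.get("dkim", {})
    spf_ok = spf.get("result") == "pass" and aligned(spf.get("smtp.mailfrom", ""), from_domain)
    dkim_ok = dkim.get("result") == "pass" and aligned(dkim.get("header.d", ""), from_domain)
    return {
        "from_domain": from_domain,
        "spf_aligned": spf_ok,
        "dkim_aligned": dkim_ok,
        "dmarc_pass": spf_ok or dkim_ok,
    }


if __name__ == "__main__":
    for name, sample in (("spoofed", SAMPLE_SPOOFED), ("legit", SAMPLE_LEGIT)):
        print(name, dmarc_verdict(sample))
```

The first sample shows why "SPF passed" on its own is not a useful verdict: the envelope domain the SPF check vouched for is not the domain shown in From:, so DMARC alignment fails. A message sent from a genuinely compromised mailbox in the sender's own tenant passes all three checks, which is why this layer alone catches only a fraction of phishing.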
Advanced Machine Learning Analysis of over 300 attack indicators
In order to catch the more advanced attacks, Avanan has developed a unique machine learning algorithm that analyzes 300 indicators in each message across every email component: headers, subject and body, links, attachments and the content those point to, and more. More importantly, the API-based integration also allows Avanan to analyze all historical emails to determine the prior trust relations between the sender and receiver. Unlike email gateways that analyze each message in isolation, Avanan applies both user-level and company-level context analysis to catch malicious messages.
Even with these security measures, users may still lose their credentials. With hundreds of millions of passwords lost in 2017 alone, an attacker may not need to send a phishing email at all to log in as one of your employees. In order to provide a complete solution, the Avanan platform analyzes every form of account activity to detect and block account takeovers. This is done by correlating login events with past activity based on geography, time of day, and other indicators, together with account activity such as sending outgoing phishing emails, sending a high volume of emails, or sending emails with multiple recipients. By correlating these indicators through another machine learning filter, the algorithm is able to flag compromised accounts and respond without ever seeing a suspicious email.
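As an added illustration of the correlation the paragraph describes (this is example code written for this page, not Avanan's own system, and it uses a fixed weighted score rather than a trained model), the block below builds a per-user baseline from past logins and scores a new login together with the account's recent outbound-mail behaviour. The weights, thresholds, field names and sample events are all constructed assumptions.

```python
"""Correlate login events and outbound-mail behaviour into an account-takeover score.

Added illustrative example, not Avanan's code. It assumes a mail platform's
API can supply each user's login history (country and local hour) and their
recent outbound-mail statistics; the weights, thresholds and sample events
below are constructed assumptions, not tuned values.
"""
from __future__ import annotations

from collections import Counter
from dataclasses import dataclass, field


@dataclass
class Login:
    user: str
    country: str      # country code derived from the login IP
    hour: int         # local hour of day, 0-23


@dataclass
class OutboundStats:
    messages_last_hour: int
    max_recipients: int   # largest recipient count on a single message
    phish_flagged: int    # outbound messages the mail filter already flagged as phishing


@dataclass
class UserBaseline:
    """What 'normal' looks like for one user, learned from past activity."""
    countries: Counter = field(default_factory=Counter)
    hours: Counter = field(default_factory=Counter)
    avg_messages_per_hour: float = 0.0


def build_baseline(history: list[Login], avg_messages_per_hour: float) -> UserBaseline:
    baseline = UserBaseline(avg_messages_per_hour=avg_messages_per_hour)
    for login in history:
        baseline.countries[login.country] += 1
        baseline.hours[login.hour] += 1
    return baseline


def score_activity(baseline: UserBaseline, login: Login, outbound: OutboundStats) -> tuple[int, list[str]]:
    """Return (score, reasons); each matching indicator adds a weight and an explanation."""
    score, reasons = 0, []
    total_logins = sum(baseline.countries.values())

    # Geography: fewer than 5% of past logins came from this country.
    if total_logins and baseline.countries[login.country] / total_logins < 0.05:
        score += 3
        reasons.append(f"login from unusual country {login.country}")

    # Time of day: no past login within two hours of this one (wrapping at midnight).
    window = {(login.hour + delta) % 24 for delta in range(-2, 3)}
    if total_logins and not any(baseline.hours[h] for h in window):
        score += 2
        reasons.append(f"login at unusual hour {login.hour:02d}:00")

    # Outbound volume: more than five times the user's usual hourly rate.
    if outbound.messages_last_hour > 5 * max(baseline.avg_messages_per_hour, 1.0):
        score += 2
        reasons.append(f"outbound volume spike: {outbound.messages_last_hour} messages in an hour")

    # A single message addressed to many recipients.
    if outbound.max_recipients >= 50:
        score += 2
        reasons.append(f"message sent to {outbound.max_recipients} recipients")

    # Strongest signal: the account is already sending what the mail filter calls phishing.
    if outbound.phish_flagged > 0:
        score += 4
        reasons.append(f"{outbound.phish_flagged} outbound messages flagged as phishing")

    return score, reasons


COMPROMISE_THRESHOLD = 5  # assumed cut-off; two or more indicators together trip it


def is_compromised(score: int) -> bool:
    return score >= COMPROMISE_THRESHOLD


# Constructed history: 20 office-hours logins from one country, about 4 messages/hour.
HISTORY = [Login("alice", "US", 8 + i % 10) for i in range(20)]
BASELINE = build_baseline(HISTORY, avg_messages_per_hour=4.0)

# Constructed events: a normal day, and a login that looks like a takeover.
NORMAL_LOGIN = Login("alice", "US", 10)
NORMAL_OUTBOUND = OutboundStats(messages_last_hour=3, max_recipients=5, phish_flagged=0)
SUSPICIOUS_LOGIN = Login("alice", "RO", 3)
SUSPICIOUS_OUTBOUND = OutboundStats(messages_last_hour=40, max_recipients=120, phish_flagged=2)

if __name__ == "__main__":
    for label, login, outbound in (("normal", NORMAL_LOGIN, NORMAL_OUTBOUND),
                                   ("suspicious", SUSPICIOUS_LOGIN, SUSPICIOUS_OUTBOUND)):
        score, reasons = score_activity(BASELINE, login, outbound)
        print(f"{label}: score={score} compromised={is_compromised(score)}")
        for reason in reasons:
            print("  -", reason)
```

The point of returning the reasons alongside the score is operational: when an account is disabled automatically, the analyst who reviews the action needs to see which indicators fired (an unusual country alone is a business trip; an unusual country plus a burst of outbound mail flagged as phishing is a takeover), and none of those indicators required reading the original phishing email.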