Ransomware is a real concern for every business, from start-ups to large enterprises. Colonial Pipeline in the USA was hit by a ransomware attack that caused fuel shortages, and Costa Rica declared a national emergency after a ransomware attack on 27 government institutions. Cyberthreats that rise to the level of national security events are the worst possible threat. Cyberattacks such as ransomware, and many others, are often delivered through phishing.
What Is Phishing?
A phishing attack is a form of social engineering that uses persuasive messages to get someone to act against their own best interest or that of their organisation. An example of phishing is an email claiming to be from a vendor, with an infected attachment that appears to be an invoice due for payment. Opening the file launches a cyberattack, such as ransomware.
Why Is Phishing A More Serious Threat Than Ransomware?
Approximately 91% of cyberattacks begin with phishing emails, and no business can afford to ignore this threat. Phishing is particularly dangerous because it is hard to defend against. Malware such as ransomware may be spread through phishing, but a phishing message may not contain any malware at all. By impersonating the CEO and a lawyer via email and convincing the Chief Accounting Officer that the transfers would fund acquisitions, fraudsters stole $46.7 million from a wireless product vendor. No malware was involved, which means that technological solutions alone may not be enough to prevent such attacks: it is the user, not the device, that is attacked, and device defences provide only limited protection.
In that case the FBI warned the victim organisation that it was sending funds to an account under FBI surveillance; further transfers were stopped, and part of the lost money was recovered through legal action. Not all victims are so fortunate. Phishing attacks on businesses do not always come through official channels. An employee might be approached online through personal social media on a personal device and persuaded to divulge information about their employer that could later be used to mount a cyberattack; a fake job interview is one example of this strategy.
Types of Phishing
Phishing can use email, SMS, voice messages, phone calls, or even WhatsApp; it is not restricted to any one technology or platform, and it comes in many variations. Attacks on VIPs or business executives are known as “whaling” because of the target’s high level of influence and power. Spear phishing, in which the attack is tailored to a particular person based on that person’s interests and traits, is another tactic attackers use. Threat actors do not limit themselves to the C-suite; ordinary people are targets too, as shown by the recent wave of calls threatening to disconnect the victim’s residential electricity unless an overdue sum is transferred to a particular bank account.
Building Enterprise Defences Against Phishing
Because phishing is highly effective and can be tailored to deliver many forms of cyberattack, threat actors use it frequently, and organisations should give it corresponding weight when building their cyber defences. Since phishing targets people, effective defences require identifying each person’s risk exposure and designing the right countermeasures by integrating strategy, technology, training, and culture.
Strategy
An organisation’s cybersecurity strategy ensures that resources are used deliberately when deploying cyber defences; well-resourced adversaries cannot be stopped with ad-hoc measures. A cybersecurity policy should be framed on the basis of that strategy to align the organisation on goals, standards, and expectations. Defending against a threat that targets users instead of devices requires that all stakeholders adhere to the policy.
Technology
Even though phishing does not always involve malware or malicious websites, many phishing campaigns use email to deliver malicious attachments and links. An organisation must deploy technology at the network level (such as eScan Threat Management) as well as at the device level (such as eScan Endpoint Security) to stop threat activity. Threat actors update malware and malicious links constantly: AV-TEST registers over 450,000 new malicious programs and potentially unwanted applications every day, so security solutions must receive frequent definition updates from their vendors to keep up with the latest threats. For such solutions to be effective, every device and network within the organisation must be protected, because malware can infect an unprotected computer within seconds of one user opening a malicious attachment. Using IT systems also means maintaining them: a phishing message could deliver malware that exploits an unpatched vulnerability, and applying patches and security updates as soon as they are available prevents such phishing attempts from succeeding.
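To make the mail-level controls above concrete, here is an added example (not eScan's code and not part of the original article) showing the kind of rule-based triage a gateway can apply to an inbound message for the indicators this article describes: a display name that impersonates an executive while the address is external, a Reply-To pointing elsewhere, an attachment disguised as an invoice, and a link whose visible text does not match its real destination. The organisation domain, executive names and the sample message are all constructed for illustration.

```python
"""Added example: rule-based phishing triage of one inbound email.
All domains, names and the sample message below are constructed."""
import email
import email.utils
import os
import re
from email import policy
from email.message import EmailMessage
from urllib.parse import urlparse

# Hypothetical organisation settings: its own mail domain and executive names.
INTERNAL_DOMAIN = "example.com"
EXECUTIVE_NAMES = {"jane doe", "sam lee"}
# Attachment types that commonly carry malware when dressed up as documents.
RISKY_EXTENSIONS = {".exe", ".js", ".vbs", ".scr", ".bat", ".cmd", ".hta", ".lnk", ".iso"}
DOUBLE_EXTENSION = re.compile(r"\.(pdf|docx?|xlsx?)\.[a-z0-9]{2,4}$", re.I)
ANCHOR = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
LOOKS_LIKE_URL = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}", re.I)


def domain_of(address):
    """Return the lower-cased domain part of an email address, or ''."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def check_sender(msg):
    """Flag executive impersonation from outside and Reply-To redirection."""
    findings = []
    name, addr = email.utils.parseaddr(msg.get("From", ""))
    from_domain = domain_of(addr)
    if name.strip().lower() in EXECUTIVE_NAMES and from_domain != INTERNAL_DOMAIN:
        findings.append(f"sender: display name '{name}' matches an executive "
                        f"but address is external ({from_domain})")
    reply_domain = domain_of(email.utils.parseaddr(msg.get("Reply-To", ""))[1])
    if reply_domain and reply_domain != from_domain:
        findings.append(f"sender: Reply-To domain {reply_domain} differs from From domain {from_domain}")
    return findings


def check_attachments(msg):
    """Flag executable or double-extension attachments."""
    findings = []
    for part in msg.iter_attachments():
        filename = (part.get_filename() or "").lower()
        ext = os.path.splitext(filename)[1]
        if ext in RISKY_EXTENSIONS or DOUBLE_EXTENSION.search(filename):
            findings.append(f"attachment: '{filename}' has a risky or disguised extension")
    return findings


def check_links(msg):
    """Flag anchors whose visible URL points somewhere other than the href."""
    findings = []
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return findings
    for href, text in ANCHOR.findall(body.get_content()):
        shown = re.sub(r"<[^>]+>", "", text).strip()
        if not LOOKS_LIKE_URL.match(shown):
            continue  # link text is not a URL, so the user is not being misled about it
        shown_host = urlparse(shown if "://" in shown else "http://" + shown).hostname
        real_host = urlparse(href).hostname
        if shown_host and real_host and shown_host.lower() != real_host.lower():
            findings.append(f"link: text shows {shown_host} but points to {real_host}")
    return findings


def triage(raw_message):
    """Parse a raw RFC 5322 message and return every phishing indicator found."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    return check_sender(msg) + check_attachments(msg) + check_links(msg)


def build_sample():
    """Constructed message modelled on the CEO-impersonation invoice lure."""
    m = EmailMessage()
    m["From"] = '"Jane Doe" <jane.doe@example-mail.co>'
    m["Reply-To"] = "accounts@payment-desk.example.net"
    m["To"] = "accounting@example.com"
    m["Subject"] = "Urgent wire for acquisition - invoice attached"
    m.set_content("Please pay the attached invoice today.")
    m.add_alternative(
        '<p>Please pay the attached invoice today via '
        '<a href="http://login.payment-desk.example.net/portal">'
        'https://vendor-portal.example.com</a></p>',
        subtype="html",
    )
    m.add_attachment(b"MZ\x90\x00constructed-placeholder", maintype="application",
                     subtype="octet-stream", filename="invoice.pdf.exe")
    return m.as_string()


if __name__ == "__main__":
    for finding in triage(build_sample()):
        print(finding)
```

Each check returns a list of human-readable findings rather than a verdict, so the output can feed a gateway quarantine rule, a SIEM alert, or a user-facing banner without the script deciding policy on its own. A real deployment would add sender-authentication results (SPF, DKIM, DMARC) and the vendor's definition-based scanning on top of these structural rules.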
Culture
The culture of a company also plays a role in phishing prevention. In an authoritarian culture where the CEO’s orders must be followed promptly and without question, threat actors can impersonate the CEO and issue malicious orders with disastrous effects on the firm. Organisations that avoid concentrations of power and responsibility and build checks and balances into their business processes are more resilient to phishing.
The internet ecosystem includes people and organisations as well as technologies and products. Businesses find it easier to stay cybersecure when they strengthen their own corner of cyberspace by sharing knowledge and encouraging their vendors, and even customers, to follow cybersecurity best practices, so that an attack originating from a third party with access to any of the organisation’s IT resources does not compromise the business. Working together makes us stronger and leaves less to worry about. eScan cybersecurity solutions have over 30 years of experience protecting against many kinds of cyberattacks, including phishing. Contact us for more information on how we can assist you in protecting your IT infrastructure and employees from cyberthreats.