With a plethora of cloud-based services, including Gmail and Office 365, the delivery stage is perhaps the most inexpensive phase for businesses to implement malware interception today. It is also relatively easy of implement, with little if any impact on business operations. Email scanning and web surfing proxy services located on-premises or in the cloud provide the majority of cyber attack defenses at this stage.
Cloud-based services push defenses outside the organizational perimeter and provide cyber defense value by preventing the attack from even arriving at the endpoint. Even though many of these services have multiple virus definition engines and heuristic analysis capabilities, cybercriminals do occasionally sneak malware past these defenses using old fashion cunning and guile, enticing an employee to click on a link and/or
execute a payload.
The malware-less attack of business email compromise or CEO fraud is an example of a cyber attack that bypasses even the most robust email filtering defenses. Thus, employee awareness training that teaches people to verify any request or unsolicited/suspicious attachment via verbal confirmation can help guard against these increasingly sophisticated social engineering attacks. The so-called “CEO fraud” attacks frequently result in larger payoffs for cybercriminals than ransomware as they appear to be an executiveauthorized money transfer to a business partner.
“Cloud-based services push defenses outside the organizational perimeter and provide cyber defense value by not even allowing the attack to arrive at the endpoint.”
Also, CEO fraud attacks may have other designs than facilitating illicit money transfers. Cybercriminals may also want to steal employee data. According to a SIEM vendor, “Over a third of the respondents to a recent survey reported their executives have fallen victim to a CEO fraud email, and over 80% believed their executives could fall for targeted phishing scams in the future. Those concerns are well-founded. More than 50 organizations, including Snapchat and Care.com, were successfully targeted by CEO fraud emails asking for W-2 information this past tax season alone.”
It’s fair to say, the first layer of cyber defense should be designed to defeat the attack before it even makes it onto the endpoint. However, when the attack arrives in the form of a fraudulent, yet legitimate-looking email, employee awareness training is the best investment companies can make to prevent large-scale loss.