In any modern workplace, there is a constant threat of a security breach. Whether it is through ransomware placed in emails or a form of malware, a breach can be right around the corner. It is imperative to know where to look. Luckily with briefings such as the California’s 2016 Annual Data Breach Report and Symantec’s 2017 Internet Security Threat Report we can see the type of attacks and tools cyber criminals are using to target organizations. According to California’s 2016 Data Breach Report, malware and hacking was the cause of 44.6 million records breached, and it has continued to grow by over 22% in the past four years. This shows why it's so important to always have your organization’s security in mind and to have security measures in place.
One of the things that is really beginning to take a steep rise in popularity amongst cyber criminals is targeting through email. In the past, phishing has been at the forefront of email related attacks. It has since taken a backseat to malware oriented attacks through email with over 357 million variants of malware attacks deployed last year. Whether this malware is in an infected link or attachment these cyber criminals are using creative ways to target users within an organization.
One example is that cyber criminals will attempt to spoof a domain name by buying one very similar to an organization’s. After the similar domain is bought they will use an email address with that domain name to send emails to employees in the real organization with malicious links posing as a fellow employee. Alongside malware, there is the surge in ransomware which threatens to publish/delete or block access to the victim’s data until ransom is paid.
Either threat is incredibly troublesome in any organization as the possibility of making data inaccessible or publishing proprietary data can be detrimental. In the latest report, Symantec has estimated that ransomware costs an organization on average $200 per victim with attackers hauling in at least $34,000 per day. It is safe to say this is a large-scale operation that requires all users to be extra cautious when opening links or attachments.
What can be done to protect against these increasingly dangerous email attacks?
Protecting your organization’s inboxes from these advanced threats is one layer of security. With Microsoft’s Advanced Threat Protection (ATP) this is easy. With ATP’s ability to protect your email in real time against attacks you are able to add an extra layer of security to further strengthen your security. If you want to learn more about ATP and protecting your organization from these email based threats make sure to read up on our more in-depth blog post: Stay Ahead of the Evolving Threat Landscape with Office 365 Advanced Threat Protection (ATP)
Data Breaches from Using Unauthorized Cloud Applications
Another growing security concern are data breaches that occur from users using unauthorized cloud applications. These breaches are not coming from the applications rolled out by an organization’s IT team but instead by the apps that users download themselves to use and store data on. When Symantec asked organizations to estimate how many cloud apps their users were using, most said they believed around 40; they were actually using almost 1,000 different cloud applications. This can pose as a massive threat to an organization, as there is valuable company information in a wide variety of uncontrolled locations -- such as an individual’s Dropbox or Google Drive.
It is important to know where your company data lies and to have the level of security that is implemented on-premises to be reflected in the cloud. With Microsoft’s enterprise-grade Cloud App Security for cloud applications, you are given the tools to have deeper visibility, comprehensive controls, and enhanced protection against potential breaches in non-Microsoft cloud applications. For more information on how to protect yourself in the cloud check out our blog here on Cloud App Security: Microsoft Cloud App Security – On-Premise Security in the Cloud
Another very common way a breach can occur is if users are using the same passwords across multiple websites. For instance, if a user has their personal email account through a popular service and it gets breached and they use the same password globally it is then possible for someone to log into that user’s account within your organization. This can be especially troublesome if an organization is not limiting the amount of administrative level privileges being given out. As a result, your whole organization could be exposed at an administrative level. With Microsoft’s Identity Manager,you can thwart identity theft with its ability to discover and map permissions across multiple systems per userwhile maintaining a common identity for your users. Another added benefit of Identity Manager is its ability to enable users with powerful tools such as group membership and self-password reset.
Know the Trends
No matter how confident you are in your organization’s security it is always incredibly important to stay up to date with the latest trends amongst cyber criminals as you never know what sort of vulnerabilities they will begin to go after next. Luckily with in-depth security reports such as Symantec’s yearly Internet Security Threat Report and California’s Annual Data Breach Report, you can stay on top of these trends and make sure you are aware of the threats that are occurring.
If you are interested in how Interlink can help you decide if services such as Cloud App Security or Advanced Threat Protection make sense in your environment, then please contact us today!