Gavin Wood is the Chief Technology Officer at Chess. With over 20 years in the IT industry, Gavin has a track record of driving successful business transformation through technology. An avid yachtsman, he's a massive advocate for remote working and anywhere operations.
In this article, Gavin Wood, CTO at Chess, covers:
Businesses depend on email, and whether you love it or hate it, it's here to stay. Even with the seemingly unstoppable rise of Teams and Zoom (other collaboration tools are available), email remains the primary business communication tool in most organisations. Cybercriminals are fully aware of this and use email as a gateway into a business. This is known as Phishing.
Today, I will take a deep dive into what Phishing is and how you can ensure you and your business are better protected.
Phishing is a type of social engineering attack in which an attacker sends a fraudulent email to a victim with the aim of triggering a response, such as revealing sensitive information, triggering a malicious payload such as ransomware, or even voluntarily transferring funds to the attacker's account.
There are several types of Phishing:
Bulk Phishing: Sending emails in bulk that are not personalised or targeted; a spray-and-pray approach.
Spear Phishing: Directly targeting a person or business by personalising the email message and content, with the aim of increasing the attack's effectiveness. The attacker may be looking for the credentials of someone with over-privileged access, such as a domain admin.
Whaling: Spear Phishing that targets the senior/executive team or other high-value targets within a business.
CEO Fraud: The reverse of Whaling: a Spear Phishing email sent to someone in the business, purporting to come from the CEO, with the aim of getting that person to do as asked.
So why has the shift to hybrid working been the focus for cybercriminals?
One of the main factors is the global COVID pandemic, which forced businesses to adopt new ways of working very quickly. This rapid transition to new technologies led to many businesses not fully assessing the impact, especially on IT security. For example, has your new hybrid working model been through the same level of security sign-off as your previous office-centric approach? Have you tested the new setup with an independent third party to verify your security assumptions? These stages were evidently missed, largely due to the speed of the transition.
Secondly, cyber attackers are capitalising on people. No matter what technical controls are in place, the human element cannot be underestimated. According to Tessian, 43% of people admitted to making a mistake at work that had security repercussions. Phishing works because people can be hacked: attackers take advantage of our natural psychological tendencies to trick us into behaviours that let them succeed.
The new hybrid working approach is a factor here. Remote working, for all its advantages, brings new stresses, from household distractions such as childcare to the pressure of being "always available", and these can make us more likely to click that email. Tessian reported that 57% of their survey respondents feel more distracted when working from home.
I don't think anything we can do will stop criminals; it's simply too easy and profitable for them to stop. The main way to combat attacks is a strong set of technical controls that reduce the chance of a Phishing email ever reaching a person's inbox.
A layered approach to security is the best way to ensure you're protected. Filter mail through a trusted provider before it even reaches your infrastructure, and have appropriate filtering rules in place on your mail processing system. Also make sure SPF, DKIM and DMARC are configured and working correctly: SPF lists which hosts may send mail for your domain, DKIM signs outbound mail so receivers can detect tampering and forgery, and DMARC tells receivers what to do with a message that fails SPF and DKIM alignment. A record that exists but is too permissive (an SPF record ending in +all, or a DMARC policy of p=none) gives you almost nothing, so check the content of the records, not just their presence.
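The following script, added here as an illustration and not code from the article or from Chess, shows the checks a practitioner would run on a domain's SPF and DMARC records to catch the permissive settings that let spoofed mail through. The domain names and TXT records in SAMPLE_RECORDS are constructed for the example (a real audit would fetch them with a DNS lookup); the weak-setting rules follow the SPF and DMARC specifications.

```python
"""Audit SPF and DMARC TXT records for settings that leave a domain spoofable.

Added example, not code from the original article. The sample records below
are constructed for illustration; a real audit would fetch TXT records from DNS.
"""
import re

# Constructed sample data (assumption: not real domains or real records).
SAMPLE_RECORDS = {
    "good.example": {
        "spf": "v=spf1 include:_spf.mailprovider.example ip4:203.0.113.10 -all",
        "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@good.example; adkim=s; aspf=s",
    },
    "weak.example": {
        "spf": "v=spf1 include:_spf.mailprovider.example +all",
        "dmarc": "v=DMARC1; p=none; pct=100",
    },
    "missing.example": {"spf": None, "dmarc": None},
}

# Mechanisms and modifiers that cost a DNS lookup; SPF allows at most 10 in total.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def mechanism_name(term):
    """Strip the qualifier and any argument: '+include:x' -> 'include', 'ip4:1.2.3.4' -> 'ip4'."""
    return re.split(r"[:/=]", term.lstrip("+-~?"), 1)[0].lower()


def check_spf(record):
    """Return a list of findings for an SPF record; empty means no weak setting found."""
    if not record:
        return ["no SPF record: any host may send as this domain"]
    if not record.lower().startswith("v=spf1"):
        return ["TXT record is not a valid SPF record"]
    findings = []
    terms = record.split()[1:]
    all_terms = [t for t in terms if mechanism_name(t) == "all"]
    if not all_terms:
        findings.append("no 'all' mechanism: unlisted senders get a neutral result")
    else:
        # A missing qualifier means '+' (pass) per the SPF specification.
        qualifier = all_terms[-1][0] if all_terms[-1][0] in "+-~?" else "+"
        if qualifier == "+":
            findings.append("'+all' authorises every host on the internet to send as this domain")
        elif qualifier == "?":
            findings.append("'?all' is neutral: SPF gives receivers no verdict")
        elif qualifier == "~":
            findings.append("'~all' is softfail: spoofed mail is only marked, not rejected")
    lookups = [t for t in terms if mechanism_name(t) in LOOKUP_TERMS]
    if len(lookups) > 10:
        findings.append("more than 10 DNS-lookup terms: receivers return permerror and ignore SPF")
    return findings


def check_dmarc(record):
    """Return a list of findings for a DMARC record; empty means no weak setting found."""
    if not record:
        return ["no DMARC record: SPF/DKIM failures are not enforced by receivers"]
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        return ["not a valid DMARC record"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("p=none: monitoring only, spoofed mail is still delivered")
    elif policy not in ("quarantine", "reject"):
        findings.append("missing or invalid p= tag")
    if "rua" not in tags:
        findings.append("no rua= address: aggregate reports are not being collected")
    pct = tags.get("pct")
    if pct is not None and pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy is applied to only part of the mail stream")
    return findings


def audit(records):
    """Map each domain to its combined SPF and DMARC findings."""
    return {d: check_spf(r["spf"]) + check_dmarc(r["dmarc"]) for d, r in records.items()}


if __name__ == "__main__":
    for domain, findings in audit(SAMPLE_RECORDS).items():
        print(domain, "->", findings or ["OK"])
```

Run against the constructed data, good.example comes back clean, weak.example is flagged for +all, p=none and the missing rua address, and missing.example is flagged for having no records at all. DKIM is deliberately not checked here: its selector records are only verifiable by validating a signed message, which is a separate exercise.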
Then use a leading endpoint protection product that can block any threats that do make it through. Test your defences, and use a trusted provider to assess your security.
Finally, and most importantly, educate your people. If Phishing works because it takes advantage of our behaviour, train your people to be aware and to know what action to take if they suspect they are being Phished.