Anita Joseph caught up with Werno Gevers, Regional Manager, Mimecast Middle East to learn more about Business Email Compromise and the threat-security patterns/trends businesses in the Middle East must watch out for in 2023.
How does Mimecast’s advanced email and collaboration security optimise efficacy and help make smarter decisions about communications that fall into the gray area between safe and malicious?
Mimecast uses AI and Machine Learning models based on our analysis of more than 1.3B emails daily. By filtering out malicious emails at scale and driving intelligent analysis of the “unknown,” Mimecast’s advanced email and collaboration security makes information actionable and provides the reliability, resilience, and scale that the modern threat landscape demands. Our solutions take the guesswork out of threat detection and by applying the right detection capabilities at the right time, we are able to offer continuous protection, letting end users work protected, without interrupting their jobs.
Tell us more about the Mimecast X1 platform and how it’s providing the resilience, reliability and scale that the modern threat landscape demands?
The widespread adoption of hybrid work environments coupled with the increased use of digital-centric communication channels has expanded the attack suMimerface – creating new organisational security risks for both people and data. The Mimecast X1 Platform is designed to mitigate risk across email communications and help empower organisations to secure their workplace environment wherever work happens. It does this through various key methods, such as using AI and machine learning to detect emerging and unknown threat types, as well as offering a vast API ecosystem that supports fast, simplified integration of Mimecast with existing security investments.
Business Email Compromise (BEC) is said to be the costliest of Internet crimes, accounting for 44% of the $4.1 billion in US losses reported in 2020. How does Mimecast help organisations implement a complete, holistic strategy to reduce BEC risk?
There are several ways that organisations can prevent BEC attacks from reaching both their own employees and their customers and partners:
- Organisations can leverage Mimecast’s AI-based Brand Exploit Protect and DMARC Analyzer tools to monitor and respond to malicious brand impersonation attacks out in the web and through email. The DMARC protocol gives an organisation full visibility and control of who sends emails on their behalf and protects against BEC phishing attacks that seem to originate within your organisation but were actually crafted by criminals.
- Invest in regular and impactful cyber awareness training for staff, as it is one of the most effective ways of strengthening an organisation’s overall cyber resilience. Empowering employees to understand email threats and be more vigilant will help them resist advanced and targeted threats like BEC.
- Mimecast’s Secure Email Gateway with targeted threat protection is an essential tool in helping to protect employees from these impersonation attacks. Every inbound message is analysed in real time for signs of risk, from sender spoofing to suspicious international characters or body content. Threat intelligence can then be shared instantly across the security stack, empowering all security systems to respond more quickly and effectively.
How can and should, organisations respond to Business Email Compromise, should it happen?
Organisations need a comprehensive, layered strategy for resisting BEC attacks. Central to deterrence, is effective, continuous security awareness training to compel attention, engage employees, and clarify the right actions to take when confronted with a possible attack. Training should be linked to strong policies — for example, independently verifying every request to change a payment account.
Should a BEC attack occur, an organisation should immediately trace and quarantine the affected user’s email and associated credentials, and perform a full audit of all internal and external messaging to curb the spread of any further malicious emails. From there, security teams can trace if any internal systems have been compromised and take steps to further stop remote attackers from gaining access to other connected systems. Once all traces of the BEC attack have been dealt with, the user’s access can be restored after following relevant security protocols.
What are some of the threat-security patterns/trends businesses in the Middle East must watch out for in 2023?
This year is likely to be another busy year in the cybersecurity space and cyberthreats will continue to evolve and become more dangerous. But here is a snapshot of some of the key trends Mimecast’s security experts predict we will see:
- With new employees joining companies at the beginning of the year, there will be an increase in phishing attacks that are engineered to look like congratulatory emails from senior executives. New hires may receive an influx in emails that masquerade as LinkedIn connection requests or onboarding information, but are in fact fake landing pages to harvest credentials for account takeover fraud.
- As a significant portion of the workforce continues to work from home, companies may roll out tighter BYOD policies, or offer separate home networking equipment.
- Combating ransomware will continue to be a top priority for organisations, and it is important that businesses’ ransomware defences are kept up to date as well.
- In 2023, threat actors are likely to take social engineering to the next level. As AI voice cloning technology becomes more powerful and readily available, we will see an increase in impersonation attacks that utilise audio deepfakes. These will be used in combination with compromised email and collaboration accounts.