Tom Keating, Vice President at Proofpoint, highlights how cyber attacks are forcing companies to become more creative when approaching their cybersecurity
The modern threat landscape is rapidly evolving - with larger attack surfaces, more access points, and increasingly sophisticated cyberattacks, particularly in the wake of recent large global events.
After two years of pandemic-induced disruption, many parts of the world have returned to something close to “business as usual”. And for cyber criminals, that means getting back to innovating, iterating, and broadening their range of attacks to successfully siphon sensitive data from organisations and employees that may be better prepared.
There’s no denying that email-borne attacks remain rife – and successful. In fact, our 2023 State of the Phish Report revealed that among the global organisations that experienced attempted email-based phishing attacks last year, eight in 10 organisations (84%) experienced at least one successful attack.
And while conventional phishing remains successful, many threat actors have started shifting to newer techniques, such as telephone-oriented attack delivery (TOAD) and adversary-in-the-middle (AitM) phishing proxies that bypass multifactor authentication. These techniques have been used in targeted attacks for years, but 2022 saw them deployed at scale.
Proofpoint researchers have also seen a marked increase in sophisticated, multi-touch phishing campaigns, engaging in longer conversations across multiple personas. Whether it’s a nation state-aligned group or a BEC actor, there are plenty of adversaries willing to play the long game to get what they want from an organisation.
While many threat actors are still experimenting, what remains the same is that attackers exploit people, and they are the most critical variable in today’s attack chain. To keep pace with the new tactics deployed by threat actors, it is imperative for organisations to assess their cybersecurity posture, and more importantly, consider how they can innovate and ensure their people are a strong line of defence.
To address this, Proofpoint continues to deliver on innovations that empower organisations to bolster their defences. So far this year, we have announced a host of innovations across our Aegis Threat Protection, Identity Threat Defenseand Sigma Information Protection platforms, empowering organisations to stop malicious email attacks, detect and prevent identity-based threats and defend sensitive data from theft, loss and insider threats.
These new innovations further enhance our leading threat and information protection platforms, in addition to our newly formed Identity Threat Defense business (formerly known as Illusive). Identity theft is a growing threat in today’s digital landscape. By compromising just one employee’s identity, attackers are able to slip through existing defenses. And they can complete their attacks in a matter of days. Proofpoint Identity Threat Defense helps organisations to “break the attack chain” by detecting and preventing identity risk, stopping lateral movement and privilege escalation. It also allows organisations to augment and safeguard their productivity investments, such as Microsoft 365, with maximum deployment flexibility.
Another key advancement in our solutions is our Supplier Threat Protection offering. It only takes a quick look at recent headlines on the big cyber breaches to see that trusted supplier relationships are another growing attack vector. Our data also illustrates this threat, with 69% of organisations experiencing a supply chain attack within the past year, and global CISOs rating it as one of their top concerns. With Proofpoint Supplier Threat Protection organisations can detect compromised supplier accounts so that security teams can swiftly investigate and remediate. This new product proactively monitors for and prioritizes known compromised third-party accounts, simplifies investigation with details on why the account is suspected compromised and which employees recently communicated.
Whatever the vector or technique, one thing remains the same: cybercriminals are focused – forever honing their skills and techniques to get what they want. If organisations aren’t doing the same, there can only be one winner.
This article appears in the summer edition of Sync NI magazine. To receive a free copy click here.