The Colonial Pipeline ransomware attack in May created chaos that rippled throughout the economy. The six-day shutdown interrupted the flow of gasoline, diesel, jet fuel and other petroleum products between Texas and the East Coast. It drove gas prices to their highest levels in years, led to panic buying across large swaths of the country and forced airlines to adjust their flight schedules to conserve fuel.
Authorities now say it began when a Colonial employee clicked on a seemingly safe email link or attachment. The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have identified the criminal hacking group DarkSide as the perpetrator, noting that the group has a long history of using email-borne phishing attacks to gain unauthorized network access.
It is an unfortunately familiar storyline.
Organizations constantly struggle to protect themselves from attacks that enter the computing environment through email. Email has become the No. 1 delivery mechanism for ransomware, malicious attachments, malicious URLs and other malware. Most attacks involve spoofed emails that trick recipients into clicking on links or opening attachments with malicious payloads.
The problem became particularly acute last year as businesses became more reliant upon email communications while operating with remote workforces. According to a recent Vanson Bourne study, 80 percent of companies say their email usage increased in 2020 — and malicious actors seized on the opportunity.
There was a 64 percent increase in email-borne threats in 2020, according to the study. More than 60 percent of companies said they experienced a ransomware attack last year, and only two-thirds of those were able to recover their data.
Analysts say these attacks were designed to exploit mass numbers of remote workers who lack many of the built-in security measures they would have in an office environment. Additionally, research suggests that stress, fatigue and distractions make remote workers more susceptible to email fraud. The Vanson Bourne study seems to support that theory, finding that employees worldwide clicked on malicious email links and attachments three times more often in 2020 than they had the year before.
Human error is certainly a contributing factor in the rise of email-borne attacks, but organizations aren’t doing enough to protect employees. Nearly nine out of 10 respondents to the study say they need additional email security, and 13 percent report that they have no email security measures at all. Seventy percent said they expect their business to be harmed by an email-borne attack this year.
Email’s popularity as a business communication channel has made it a target of cybercriminals for years. Traditional reactive security measures that respond to an attack after it has occurred are no longer entirely effective. Organizations today should be thinking in terms of a more proactive “cyber resilience” model focused on anticipating and preventing attacks rather than reacting to them.
Cyber resilient organizations increasingly leverage artificial intelligence and machine learning to bolster their email security. Using advanced techniques such as deep neural networks, AI-powered solutions can process thousands or millions of emails to learn the telltale signs of malicious emails.
Many of today’s solutions also offer advanced phishing protection, utilizing machine learning to assess the threat posture of inbound email. They also use telemetry data combined with analytics and modeling to validate the reputation and authenticity of senders. This helps organizations stop phishing emails before they reach an employee inbox.
Over the past 50 years, email has become the preferred business communication channel, but it is also the preferred delivery mechanism for a variety of cyber threats. Give us a call to discuss ways to secure your email environment and boost your cyber resilience.