Cyber-attacks on businesses can be devastating on many fronts, from the loss of productivity when systems are brought down and resulting financial losses to brand and reputational damage.
But cyber-attacks can have far greater impacts than that…
Case in point is the ransomware attack on Travelex last year, which perfectly illustrates the importance for businesses to ensure they have the right defence measures in place across web, email, and the cloud.
The foreign exchange was struck by a ransomware attack on New Year’s Eve 2019, forcing its website offline, and severely affecting its high street and banking operations.
Its customer-facing systems weren’t restored for more than two weeks after the incident, which would have cost the company far more than the $2.3m ransom paid to the attackers.
Because you can’t predict when or what the next crisis will be – or when the impact of Covid-19 will finally end – a cyber incident shouldn’t be the last straw for your company. This is, unfortunately, what happened with Travelex, which entered administration in August to result in the immediate loss of over 1,000 jobs.
However, ransomware is just one of a large number of threats facing businesses today. And in the current climate, with many companies turning to the cloud to enable their employees to work remotely, the threat landscape has broadened considerably.
It is vital that businesses ensure they are protected against cyber-attacks from every angle.
Email as an attack vector
It’s believed the ransomware used in the Travelex attack was remotely executed through the exploitation of a critical unpatched vulnerability in a VPN. Typically, though, ransomware is carried out using a Trojan, shared as an apparently legitimate attachment to an email.
With the number of email users expected to reach over 4.1 billion globally by next year, email should be considered a very serious attack vector – especially given the growing adoption of cloud platforms such as Microsoft 365 (m365) and the blind spots that exist in the native security offerings.
Email attacks can cause significant damage to your organisation and open you up to additional targeted and sophisticated attacks.
- Organisations falling victim to Business Email Compromise (BEC) or CEO Fraud attacks could see losses ranging from an average of $1,213 for a gift card based scam, all the way up to $80,000 for a more significant wire-transfer focused scam.
- A shocking 6% of organisations have even had to make employees redundant because of the financial impact.
- Finance departments increasingly bear the brunt of the attacks, with BEC attacks at this department increasing by 54% on average per week from Q2 to Q3 2020.
Businesses also need to consider the widespread use of Cloud applications, alongside protecting email. Account Takeover (ATO) attacks are also especially popular right now, opening the door to inboxes, cloud storage and more. Microsoft itself has reported an average of 300 million fraudulent sign-in attempts on its cloud platform every day – and that was pre-COVID.
The potential impact of these cyber-attacks is huge, as criminals use stolen credentials to carry out further – more damaging – impersonation campaigns.
While Microsoft does provide security for Microsoft 365, it is simply not enough on its own.
Only by adding multi-layered email protection and multi-factor authentication can businesses hope to secure their communications.
Layers of algorithmic analysis, threat intelligence and executive namechecking will help mitigate social engineering attacks like BEC, while multi-factor authentication is required to prevent ATO attempts from succeeding.
Cloud malware
The growing popularity of the cloud has broadened the attack surface for malware, including ransomware, too. One of the cloud’s key benefits – its interconnectedness – is being exploited by cyber-criminals for the propagation of malicious code.
As well as being transported via cloud-based storage and document-sharing apps, cloud malware can travel from one app to another, disguised as legitimate traffic.
When you consider just how much traffic flows through a company’s cloud applications and platforms, the scope for transporting malware – and the potential damage this could cause – is significant.
But, as with email security, taking a multi-layered approach to protecting those applications and platforms will help companies prevent malicious code from entering their cloud environments and propagating throughout their business infrastructure.
A web filtering service will detect and block calls from malware to its command and control server, preventing it from receiving instructions and effectively rendering it useless.
In addition, a cloud access security broker (CASB) will monitor user activity within an organisation’s cloud applications, alerting the security team of any suspicious activity.
Of course, this is only a brief overview of some of the cyber-threats faced by businesses today. Travelex’s experience may have been especially severe, but it should serve as a warning of the possible ramifications of a cyber-attack.
With the right protective measures in place, however, those consequences can be minimised significantly – even avoided entirely.
Having individual security measures can help to protect across each attack vector, but when the management of these measures are consolidated and security products integrated, blind spots can be eradicated and your business can have protection applied across the board.
Discover Censornet’s consolidated cloud security platform here.