Counter Phishing Attacks with These Five Tricks
Forgot to lock your office? Never mind; you have a much bigger security concern to worry about: phishing attacks.
In 2017, nearly 76 percent of businesses worldwide suffered a phishing attack. Part of the reason is sheer volume: the average employee receives around 17 malicious emails every month, and that number is only going up.
According to Verizon data, nearly 30 percent of phishing emails get opened by employees, and some 12 percent of recipients click on the link or attachment, which is all it takes for a breach to happen. A successful phishing attack can cost a mid-sized business around $1.6 million.
Jack Danahy, co-founder and CTO of the AI-based endpoint security platform Barkly, said: “Credential and data stealers are silent killers. Unlike ransomware, which trumpets its presence by disabling systems and flashing ransom demands, more sophisticated attacks can live for weeks or months, exfiltrating private information and credentials from systems where unaware users continue to do their jobs.”
Phishing is a big problem, and one that organizations can’t solve with technology alone, since it targets employees and relies on human nature. Still, there are strategies and best practices you can use to limit the risk of a security breach from a phishing email.
1. Monitor External Traffic
Phishing only benefits cybercriminals if the data they steal makes its way back to them. That means your outbound traffic carries clues that can signal a breach in progress.
“Data or credentials aren’t stolen until they leave the building, and if you are watching for unusual volumes or destination of traffic, particularly encrypted traffic, you may be able to stop it before it goes too far,” says Danahy.
Monitor all network traffic, looking both for unusual activity (unexpected volumes, destinations, ports or times) and for connections to IP addresses with bad reputations. Bad addresses change rapidly, but threat-intelligence services can provide regularly updated lists of suspect IP addresses and ranges.
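As an added example of the outbound-traffic check described above (not code from the article or from Barkly), the script below reads flow records, keeps only flows that leave the internal network, and flags two things: destinations that appear on a reputation feed, and source/destination pairs whose total outbound bytes exceed a threshold. The flow lines, the CSV layout (timestamp, source, destination, destination port, bytes out), the internal range and the reputation feed are all constructed for the example; a real deployment would read flows from a collector and pull the feed from a threat-intelligence service.

```python
"""Spot suspicious outbound traffic in flow records.

Added example, not from the article. The flow records below are
constructed (CSV: timestamp, src, dst, dst_port, bytes_out) and the
reputation feed is a hypothetical snapshot; a real one would be refreshed
from a threat-intelligence service.
"""
import ipaddress
from collections import defaultdict

# Constructed flow records. The last line is internal-to-internal and
# should be ignored by the outbound filter even though it is large.
FLOWS = """\
2018-03-01T09:00:00,10.0.0.12,93.184.216.34,443,4800
2018-03-01T09:01:00,10.0.0.12,93.184.216.34,443,5200
2018-03-01T09:02:00,10.0.0.17,203.0.113.77,443,120000000
2018-03-01T09:03:00,10.0.0.21,198.51.100.9,8443,3000
2018-03-01T09:05:00,10.0.0.17,203.0.113.77,443,95000000
2018-03-01T09:06:00,10.0.0.33,192.0.2.5,443,600
2018-03-01T09:07:00,10.0.0.33,10.0.0.5,445,900000000
"""

BAD_REPUTATION = ["198.51.100.0/24", "192.0.2.5/32"]  # hypothetical feed snapshot
INTERNAL = ipaddress.ip_network("10.0.0.0/8")          # assumed internal range
BYTES_THRESHOLD = 100_000_000  # 100 MB from one host to one destination


def parse_flows(text):
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, nbytes = line.split(",")
        records.append({
            "ts": ts,
            "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst),
            "dport": int(dport),
            "bytes": int(nbytes),
        })
    return records


def outbound_only(records):
    """Keep flows that leave the building: internal source, external destination."""
    return [r for r in records if r["src"] in INTERNAL and r["dst"] not in INTERNAL]


def bad_reputation_hits(records, feed=BAD_REPUTATION):
    """Flows whose destination falls in any CIDR on the reputation feed."""
    nets = [ipaddress.ip_network(c) for c in feed]
    return [r for r in records if any(r["dst"] in n for n in nets)]


def high_volume_pairs(records, threshold=BYTES_THRESHOLD):
    """Sum bytes per (src, dst) pair and return pairs at or above the threshold."""
    totals = defaultdict(int)
    for r in records:
        totals[(str(r["src"]), str(r["dst"]))] += r["bytes"]
    return {pair: total for pair, total in totals.items() if total >= threshold}


def analyze(text=FLOWS, feed=BAD_REPUTATION, threshold=BYTES_THRESHOLD):
    outbound = outbound_only(parse_flows(text))
    return {
        "bad_reputation": sorted({(str(r["src"]), str(r["dst"]))
                                  for r in bad_reputation_hits(outbound, feed)}),
        "high_volume": high_volume_pairs(outbound, threshold),
    }


if __name__ == "__main__":
    for kind, hits in analyze().items():
        print(kind, hits)
```

Two design points worth noting: the feed is matched as CIDR ranges rather than single addresses, because attacker infrastructure churns within a block faster than a list of individual IPs can track, and the volume check sums per source/destination pair over the whole window, so a slow exfiltration split into many medium-sized transfers still trips the threshold.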
2. Make Reporting Security Concerns Easy
Only 17 percent of phishing campaigns get reported by employees, according to Verizon research. Work on raising that number by setting up an easy and clear process that employees can use to notify IT and get the word out.
“Make it really easy for employees to escalate potential phishing emails for review and reward diligence,” advises Joe Sullivan, chief security officer of the cloud security firm Cloudflare and former head of security for Uber and Facebook.
“Integrate your users as part of your protection, don’t treat them as vulnerabilities,” adds Danahy at Barkly. “Users who feel that they are sensors and guardians take that role seriously, and if you train them to help you identify campaigns in the process, they will pay more attention than if you are simply telling them activities to avoid.”
3. Verify Sender Identities
Spear phishing, in which a malicious email masquerades as legitimate communication from a trusted contact, is one of the more dangerous phishing threats. But you can cut down on spear phishing by deploying technologies that verify sender identity and raise a flag when something looks amiss.
“Implementing email authentication mechanisms such as DMARC/DKIM/SPF can significantly reduce a malicious actor’s ability to impersonate people in your organization,” notes Leonardo Varela, director of engineering for Metasploit and offensive security at the vulnerability management firm Rapid7.
In particular, make sure that email from senior executives and your finance department is authenticated and clearly marked as legitimate, since those are the identities most commonly impersonated in spear phishing.
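To show concretely what the DMARC/DKIM/SPF check above does, here is an added example (not code from the article or from Rapid7) that evaluates a received message against the sending domain’s DMARC policy: it reads the SPF and DKIM verdicts from an Authentication-Results header, checks whether the authenticated domains align with the visible From domain under the policy’s relaxed or strict mode, and returns either “pass” or the policy’s requested disposition. The DNS records, header values and domains are constructed, and the organizational-domain logic is simplified to “last two labels”; a real implementation uses the Public Suffix List and fetches the records over DNS.

```python
"""Evaluate a message against the From domain's DMARC policy.

Added example, not from the article. DNS TXT records and header values are
constructed; org_domain() is a simplification (real code uses the Public
Suffix List) and records are looked up in a dict instead of over DNS.
"""
import re

# Constructed DNS TXT records. example.com asks for reject with relaxed
# alignment; example.org is monitor-only but requires strict SPF alignment.
DNS_TXT = {
    "_dmarc.example.com": "v=DMARC1; p=reject; adkim=r; aspf=r; rua=mailto:dmarc@example.com",
    "_dmarc.example.org": "v=DMARC1; p=none; aspf=s",
}

AR_RE = re.compile(
    r"\b(spf|dkim)=(\w+)[^;]*?(?:smtp\.mailfrom|header\.d)=(?:[^@\s;]*@)?([\w.-]+)"
)


def dmarc_record(domain):
    """Parse the _dmarc TXT record for a domain into a tag dict, or None."""
    txt = DNS_TXT.get("_dmarc." + domain.lower())
    if not txt or not txt.startswith("v=DMARC1"):
        return None
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip()] = value.strip()
    return tags


def org_domain(domain):
    """Simplified organizational domain: the last two labels."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(header_domain, auth_domain, mode):
    """DMARC identifier alignment: 's' is exact match, 'r' is same org domain."""
    if mode == "s":
        return header_domain.lower() == auth_domain.lower()
    return org_domain(header_domain) == org_domain(auth_domain)


def from_domain(from_header):
    match = re.search(r"@([\w.-]+)", from_header)
    return match.group(1).lower() if match else ""


def parse_auth_results(header):
    """Pull (result, domain) for spf and dkim out of an Authentication-Results value."""
    return {method: (result.lower(), domain.lower())
            for method, result, domain in AR_RE.findall(header)}


def evaluate(from_dom, auth_results_header):
    """Return 'pass', 'no-policy', or the policy action (none/quarantine/reject)."""
    policy = dmarc_record(from_dom) or dmarc_record(org_domain(from_dom))
    if policy is None:
        return "no-policy"
    auth = parse_auth_results(auth_results_header)
    spf = auth.get("spf")
    dkim = auth.get("dkim")
    spf_ok = bool(spf) and spf[0] == "pass" and aligned(from_dom, spf[1], policy.get("aspf", "r"))
    dkim_ok = bool(dkim) and dkim[0] == "pass" and aligned(from_dom, dkim[1], policy.get("adkim", "r"))
    if spf_ok or dkim_ok:
        return "pass"
    return policy.get("p", "none")


if __name__ == "__main__":
    hdr = "mx.example.net; spf=pass smtp.mailfrom=attacker.example; dkim=pass header.d=attacker.example"
    print(evaluate(from_domain('"CEO" <ceo@example.com>'), hdr))
```

The second case in the usage is the one that matters for spear phishing: SPF and DKIM both pass, but for the attacker’s own domain, so neither identifier aligns with the From domain and the receiver applies the owner’s p=reject. A message is also evaluated against the organizational domain’s record when the From is a subdomain without its own policy.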
4. Ban User-Generated Passwords
Weak passwords are part of the phishing problem. Once a phishing attack has given an attacker a foothold in the business, the malware it installs can harvest weak passwords and exploit the employee habit of reusing the same password across multiple systems.
When defending against phishing attacks, Sullivan at Cloudflare recommends that businesses tackle the password problem head-on and take employees out of password creation altogether.
“Give out subscriptions to a password manager to your employees, and require all company passwords to be generated by the app,” suggests Sullivan. “Have a 100 percent ban on passwords created by humans.”
5. Automate Containment
Most of the damage from phishing attacks comes after the initial compromise succeeds, so rapid containment and remediation are crucial to phishing defense. That containment and remediation should not be a manual process, however. Remember, human error is how the phishing attack succeeded in the first place.
“Automating the whole process for containment is perhaps the most important investment that a security team can make to evolve their phishing security posture and defend against current and future phishing attempts,” stresses Varela at Rapid7.
Make sure you have not just a plan for containing phishing attacks but also the software and systems to automate tasks like removing a phishing email from every employee’s mailbox once a threat has been identified.
Because phishing relies on human error, fully protecting against it with technical controls alone is unfortunately unrealistic. The human element is inherently unpredictable, so phishing will likely remain a concern for as long as people handle email.
That doesn’t mean your organization has to give in to phishing, however. It just means the fight is ongoing and continually evolving. Technology and good prevention can help.
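As an added example of the automated sweep described in this section (not code from the article or from Rapid7), the script below takes one reported phishing email, extracts indicators from it (Message-ID, sender, subject and the hostnames of any links), sweeps a mailbox snapshot for every copy of the campaign, checks a proxy log for users who already clicked, and produces a containment plan: messages to delete, accounts whose credentials to reset, and domains to block. The reported message, the mailboxes and the proxy log lines are constructed; in production the sweep would query the mail platform’s API and each action would be executed or ticketed by the security team’s automation tooling.

```python
"""Build a containment plan from one reported phishing email.

Added example, not from the article and not any vendor's product. The
reported message, mailbox snapshot and proxy log are constructed; in
production the sweep would call the mail platform's API and the actions
would be executed or ticketed by the team's automation tooling.
"""
import re
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s<>\"']+")

# The message an employee reported (constructed). Note the lookalike sender.
REPORTED = {
    "id": "<a1b2c3@evil.example>",
    "from": "ceo@exarnple.com",
    "subject": "Urgent wire transfer",
    "body": "Please approve today: https://login-portal.example/verify?id=17",
}

# Constructed mailbox snapshot. carol has the same campaign with a different
# Message-ID and link; dave has a different lure pointing at the same host.
MAILBOXES = {
    "alice": [{"id": "<a1b2c3@evil.example>", "from": "ceo@exarnple.com",
               "subject": "Urgent wire transfer",
               "body": "Please approve today: https://login-portal.example/verify?id=17"}],
    "bob":   [{"id": "<n1@example.com>", "from": "news@example.com",
               "subject": "Newsletter", "body": "https://example.com/news"}],
    "carol": [{"id": "<d4e5f6@evil.example>", "from": "ceo@exarnple.com",
               "subject": "Urgent wire transfer",
               "body": "Please approve today: https://login-portal.example/verify?id=42"}],
    "dave":  [{"id": "<q9@other.example>", "from": "hr@other.example",
               "subject": "Benefits update",
               "body": "Sign in here: https://login-portal.example/verify?id=99"}],
}

# Constructed proxy log: timestamp user host method path
PROXY_LOG = """\
2018-03-01T10:02:11 alice login-portal.example GET /verify?id=17
2018-03-01T10:03:40 bob example.com GET /news
2018-03-01T10:05:02 carol login-portal.example GET /verify?id=42
"""


def link_hosts(body):
    return {h for h in (urlparse(u).hostname for u in URL_RE.findall(body)) if h}


def extract_iocs(msg):
    return {
        "message_id": msg["id"],
        "sender": msg["from"].lower(),
        "subject": msg["subject"].strip().lower(),
        "hosts": link_hosts(msg["body"]),
    }


def message_matches(msg, iocs):
    """Same Message-ID, same sender+subject, or a link to a known phishing host."""
    if msg["id"] == iocs["message_id"]:
        return True
    if msg["from"].lower() == iocs["sender"] and msg["subject"].strip().lower() == iocs["subject"]:
        return True
    return bool(link_hosts(msg["body"]) & iocs["hosts"])


def sweep_mailboxes(mailboxes, iocs):
    return [(user, m["id"]) for user, msgs in sorted(mailboxes.items())
            for m in msgs if message_matches(m, iocs)]


def find_clickers(proxy_log, hosts):
    """Users who already reached a phishing host and need a credential reset."""
    users = set()
    for line in proxy_log.splitlines():
        if not line.strip():
            continue
        _ts, user, host, _method, _path = line.split(maxsplit=4)
        if host in hosts:
            users.add(user)
    return sorted(users)


def containment_plan(reported, mailboxes, proxy_log):
    iocs = extract_iocs(reported)
    return {
        "delete": sweep_mailboxes(mailboxes, iocs),
        "reset_credentials": find_clickers(proxy_log, iocs["hosts"]),
        "block_domains": sorted(iocs["hosts"]),
    }


if __name__ == "__main__":
    for action, targets in containment_plan(REPORTED, MAILBOXES, PROXY_LOG).items():
        print(action, targets)
```

Matching on more than the Message-ID is the point: a campaign usually sends each recipient a distinct message and a per-user link, so a sweep keyed only on the reported ID would leave carol’s and dave’s copies in place. The proxy check turns the same indicators into the second half of containment, resetting credentials for users who already visited the phishing host rather than waiting for their accounts to be abused.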