Managed.IT - issue 64

CYBER SECURITY

How to catch a phish

LLMs boosting success of phishing campaigns, warns Egress

Egress, provider of an Intelligent Cloud Email Security suite that uses patented self-learning technology to detect inbound and outbound threats, is warning businesses to be on their guard against the growing security threat posed by large language models (LLMs) and social engineering campaigns.

Jack Chapman, VP of Threat Intelligence at Egress, said: “Without a doubt chatbots or large language models (LLMs) lower the barrier for entry to cybercrime, making it possible to create well-written phishing campaigns and generate malware that less capable coders could not produce alone.

“However, one of the most concerning, but least talked about applications of LLMs is reconnaissance for highly targeted attacks. Within seconds, a chatbot can scrape the internet for open-source information about a chosen target that can be leveraged as a pretext for social engineering campaigns, which are growing increasingly common.”

While there is potential for cybercriminals to use LLMs and chatbots to create phishing email campaigns, the second Egress Phishing Threat Trends Report suggests that AI detector tools are currently not that good at identifying chatbot-written emails. Egress says that because they utilise LLMs, the accuracy of most detector tools increases with sample size, adding that they often need a minimum of 250 characters to work properly. With 44.9% of phishing emails under 250 characters and a further 26.5% under 500 characters, AI detectors won’t work reliably or at all on 71.4% of attacks.

The report also warns that the proportion of phishing emails employing obfuscation techniques to hide attacks from detection mechanisms has risen by 24.4% to 55.2%. Data from the Egress Defend Integrated Cloud Email Security solution shows that 47% of phishing emails that use obfuscation contain two layers to increase the chances of bypassing email security defences and reaching the target recipient. HTML smuggling is the most popular obfuscation technique, accounting for 34% of instances.

In addition, there has been an 11% increase in phishing attacks sent from compromised accounts. Because compromised accounts are trusted domains, these attacks usually get through traditional perimeter detection, including secure email gateways. Egress data shows that the percentage of emails getting through Microsoft defences was 25% higher this year, with 47.7% of missed phishing attacks sent from compromised accounts. The percentage of attacks getting through secure email gateways (SEGs) was 29% higher.

Chapman said: “If you’re relying on traditional perimeter detection that uses signature-based and reputation-based detection, then you urgently need to evaluate integrated cloud email security solutions that don’t rely on definition libraries and domain checks to determine whether an email is legitimate or not.”

He added: “Legacy approaches to email security rely heavily on quarantine, barring end users from seeing phishing emails. But as our report highlights, phishing emails will inevitably get through. This is one of the reasons why we’ve flipped the quarantine model on its head, adding dynamic banners to neutralise threats within the inbox. These banners are designed to clearly explain the risk in a way that’s easy to understand, timely and relevant, acting as teachable moments that educate the user. Ultimately, teaching someone to catch a phish is a more sustainable approach for long-term resilience.”

www.egress.com

Cyber insurance a spur to better security

Half of organisations with cyber insurance have implemented additional security measures to qualify for cover or to reduce its cost, claims cybersecurity vendor Netwrix.

In a worldwide survey of 1,600 IT and security professionals for its 2023 Hybrid Security Trends Report, 44% of respondents said they already have cyber insurance, with a further 15% planning to purchase a policy within the next 12 months. Of those that already have cyber insurance, 22% had to improve their security posture to qualify for the policy, while 28% made changes to reduce their premium.

Dirk Schrader, VP of Security Research at Netwrix, said: “The insurer’s audit will highlight security gaps and provide recommendations on how to overcome them. In some cases, implementing additional security controls is mandatory to even qualify for a policy. In addition, some organisations choose to invest in more security measures because it reduces the cost of the insurance policy.”

Measures needed to qualify for a policy include multifactor authentication (cited by 63%); patch management (55%); security training for business users (47%); identity and access management (38%); and privileged access management (36%).

www.netwrix.com
