For many businesses, the majority of cyber attacks come in the form of malicious emails, which makes email protection a priority in order to avoid any data losses.
It is not easy, though, to choose the right email protection tools and procedures if you don’t fully understand how different types of email threats work.
We asked Mike Flouton, VP of email security at Barracuda Networks, recent winner of the Global SC Magazine award, to describe the different types of email attacks, and the best email security practices you should follow proactively to protect your emails and sensitive information.
Please describe the story behind Barracuda: How did it all start, and how has it evolved so far?
In 2002, Barracuda Networks was founded on an idea to provide email security solutions that every business could afford. Barracuda’s roots are in email security, and that’s something we wear as a badge of honor, but the business has grown significantly since inception. Today, we offer more than just email security solutions with the addition of application and cloud security, network security, and data protection. One of our most recent product updates was for Barracuda’s cloud-native Secure Access Service Edge (SASE) platform in May of this year. The SASE platform can now support hybrid cloud environments, enabling deployments in Microsoft Azure and at the private service edge.
However, our roots in email security are strong, and we continue to expand our email protection portfolio on an ongoing basis. Barracuda began providing email security solutions in 2003 and has been offering enhanced solutions to meet every organizations’ needs for almost 20 years. Barracuda Email Protection is 100% cloud-based, eliminates the need for hardware or software, and offers a centralized cloud-based management console, an email security gateway to protect against inbound malware, spam, phishing, and DoS attacks, agentless email encryption, Advanced Threat Protection (ATP) using full-system emulation sandbox, and so much more.
What products and solutions do you offer?
Barracuda offers a variety of solutions in email security, application and cloud security, network security, and data protection for various verticals: healthcare, retail, financial services, education, and state and local government.
Our email security portfolio is a complete security solution that stops all 13 email threat types and protects Microsoft 365 data. Barracuda Email Protection is a one-stop shop for email security and backup. It features Advanced Threat Protection (ATP), combining behavioral, heuristic, and sandboxing technologies to protect against zero-hour and targeted attacks. AI-powered Impersonation Protection learns customers’ unique communication patterns to detect even more sophisticated threats such as account takeover attempts. Additionally, there is encryption and data loss prevention, a DNS Filtering service, Security Awareness Training, and Cloud-to-Cloud Backup. People who are curious about Barracuda’s email protection solutions can use the complimentary Barracuda Email Threat Scanner to see what serious threats may be hiding in their Microsoft 365 inboxes.
Barracuda Cloud Application Protection is a complete Web Application and API protection (WAAP) platform that secures organization’s and individual’s workloads in the cloud. We also offer WAF-as-a-service, Web Application Firewall, Advanced Bot Protection, API Security, and Cloud Security Guardian to automate security policy compliance in the cloud. Some assets that are free and available on our website include the Application Vulnerability Scanner along with a Cloud Assessment Scanner.
The Network Protection that Barracuda offers includes CloudGen Firewall, Secure Access Service Edge (SASE), Secure SD-WAN, Zero Trust Access, and Industrial Security (IoT/OT). Additionally, Barracuda’s Data Protection portfolio is complete with Barracuda Backup, Cloud-to-Cloud Backup, and Data Inspector.
What are the different types of email threats businesses and individuals are exposed to in 2022?
91% of cyberattacks begin with an email, and there are 13 email threat types — with some being more or less common, costly, complex, and effective in the case of an attack. Therefore, email protection should be a number one priority for both organizations and individuals alike.
One of the most common types of email threats is phishing, whether that be URL, lateral, or spear phishing.
- About 32% of breaches involve some type of phishing, and many include malicious links to fake websites (URL).
- However, only 57% of organizations have URL protection in place and 74% of organizations have fallen victim to a phishing attack.
One type of spear-phishing attempt, less common but increasingly costly, is business email compromise (BEC) — also known as CEO fraud or wire-transfer fraud. These types of attacks are used by hackers to impersonate an employee or leader in an effort to defraud the company. Even though business email compromise makes up only 9% of all spear-phishing attacks, it caused more than $2.4B in losses in 2021 alone.
How can you tell if an email is secure?
While there are many tools and solutions individuals and organizations can use to protect their emails, it’s important to remember the basics in case these tools fail or miss a questionable email.
You can tell if an email is secure by, first, examining the sender. Some questions to consider are:
- Do you know this person?
- Do you know the organization they’re contacting you from?
- Is their email address consistent with emails they’ve shared with you in the past?
- Is the email spelled correctly?
- Do you have a history of collaborating with this person on projects or responsibilities?
- Did you solicit business with this person or organization?
If you answered no to the questions above, it could be possible that an email is not secure.
Another way to tell if an email is secure is by, second, examining the content. Some questions to consider are:
- Does this email call for unprecedented urgency?
- Does this email provide an unfamiliar link?
- Does this email ask you to confirm personal or organizational information including log in credentials, social security numbers, phone numbers, etc?
If you answered yes to the questions above, it could be possible that an email is not secure. If you’re unsure if an email is secure, always check in with the security or IT team at your organization to confirm before taking any action.
Can you share your best practices to protect emails from these threats?
There are many steps organizations can take to provide the best defenses against attackers, however, getting back to the basics is key. Security leaders at every organization across all verticals should be asking themselves if the technology they have will suffice against an advanced threat and if their employees understand what to do in the case of an attack.
- Audit Current Security Infrastructure: To understand and identify the deficiencies that likely exist in security infrastructure and to prioritize spending to fix the issues, leaders should conduct frequent audits of their security infrastructure — including but not limited to their training programs, existing security solutions, and the processes implemented to remediate security incidents.
- Multi-Layer Approach for Email Security: Because hackers have become increasingly sophisticated in their attacks, it’s important that leaders implement advanced threat protection features like attachment sandboxing, time-of-click URL analysis, AI-powered Impersonation Protection, automated incident response, and more to protect against them.
- Best Practices Across Organizations: Organizations should work to help employees understand best cybersecurity practices not only for the organizations’ sake, but for employees’ own protection. Whether it be providing security awareness training or teaching employees the importance of keeping their systems up-to-date, it’s imperative that organizations provide understanding of security on an individual level.
- Updating and Implementing Procedures: In the unfortunate case of an attack, organizations should provide clear and updated procedures to employees, which detail how to report an incident, how to respond to an incident, and how security teams should remediate to avoid critical areas of business being compromised. Additionally, implementing automated incident response to your systems will allow you more time to act on this plan and identify the issue before your information is corrupted or stolen.
And what are in your opinion the other cybersecurity trends to keep an eye on right now?
Keeping an eye on the threats resulting from geopolitical tensions and conflicts throughout the world are extremely important, not only for security professionals, but especially for those operating in industries such as critical infrastructure. Barracuda’s recent report, The State of Industrial Security in 2022, found that 88% of respondents are very or fairly concerned about the impact that the current threat landscape and geopolitical situation will have on their organization. State actors have turned their attention to cyberwarfare in some instances to replace or operate in tandem with typical warfare tactics. This trend and changes in the threat landscape tend to impact those within critical infrastructure the most as those organizations are responsible for the most important needs of a state’s population and conduct the most vital work a society relies upon. By understanding how state actors have targeted their adversaries in the past, we can anticipate these attacks and better protect against them in the future.
Note: This article originally appeared on Safety Detectives.