New Area 1 Security Research Uncovers One Million Ways Attackers Breach Office 365 Email
Friday, October 30, 2020
A decade after Office 365's launch, attackers find new ways to exploit and bypass cloud suite defenses
REDWOOD CITY, Calif., Oct. 22, 2020 /PRNewswire/ -- Area 1 Security, the first and only preemptive cloud email security provider, published the results of "1 Million Ways Attackers Breach Office 365 Email," a new study analyzing nearly 1.5 billion messages sent to customers that use Microsoft as their email provider. Over the six-month period from March to August 2020, Area 1 found that over 925,000 malicious emails bypassed Office 365 and well-known secure email gateways (SEGs).
As detailed in the report, attackers increasingly use highly sophisticated, targeted campaigns like Business Email Compromise to evade traditional email defenses, which are based on already-known threats. Attackers also often use Microsoft's own tools and branding to bypass legacy defenses and email authentication (DMARC, SPF, DKIM).
Other key findings include:
-- In one example where a customer layered Office 365 with an SEG, more
than 300,000 malicious messages were still missed;
-- There was a steady increase in targeted Business Email Compromise (BEC)
attacks -- including Type 3 (account takeover-based) BECs and Type 4 BEC
(supply chain phishing), which would have amounted to several billion
dollars in potential losses; and
-- Spoofed senders and newly registered domains (NRDs) accounted for 71.7
percent of the missed email threats;
-- The summer months saw a sharp increase in phishing, as attackers took
advantage of coronavirus-related misinformation and remote workforce
transitions.
Since Microsoft unveiled its cloud-based Office 365 platform in October 2010, its user base has continued to grow, now surpassing 258 million paid Office 365 business seats. While Microsoft continues to make Office 365 security improvements and can even exceed the best anti-spam and antivirus providers, cyber threat actors have evolved accordingly. For example, Area 1 has intercepted a number of credential harvesting phish exploiting cloud tools like Microsoft SharePoint and Microsoft Planner.
As noted in the Gartner 2020 Market Guide for Email Security(1) (ID: G00722358), "As organizations move to cloud email, it's easier for attackers to target users with phishing attacks posing as log-in screens in order to harvest credentials. They then use those credentials to launch further account-takeover-based attacks that can include other collaboration tools. Organizations need to ensure that both internal and external email is secured as well as collaboration tools that are being used."
"Millions of organizations have achieved immeasurable productivity and efficiency thanks to the cloud. However, it's evident that attackers have also adopted cloud suites to launch productive, efficient phishing campaigns," said Patrick Sweeney, CEO and president of Area 1 Security. "It's critical to proactively stay ahead of evolving cyberattacks with techniques that identify phishing threats as they're being built -- before they've been launched."
Area 1 Security, a Representative Vendor for Integrated Email Security Solutions, is a leader in migrating customers from traditional SEGs to cloud-native email security -- an estimated $10B total addressable market. On average, its solution prevents 30 percent more phishing attacks than traditional email defenses, and its customers typically spend 90 percent less time on phishing incident response and remediation. Area 1 is on pace to stop nearly $1B in active BEC fraud in 2020 alone.
Area 1 Security's recommendations for effectively defending against cloud email threats include:
-- Zero-Trust Email: Adhere to a Zero-Trust-Email approach, which should
serve as a baseline for an email security strategy. All email,
especially ongoing interactions with external partners and suppliers,
should be considered areas of compromise.
-- Comprehensive email security techniques: These should include AI and
Machine Learning (ML) models, computer vision, Natural Language
Understanding (NLU) and intent analysis, among other advances.
-- Creating an automated social/partner graph for your organization:
Identify your partner organizations and perform universal message
classification to understand the natural interactions the organization
has with the rest of the world.
-- Combining preemptive threat data, message sentiment analysis and
conversational context analysis: This provides a high level of accuracy
into the malicious detections, especially in cases where a partner has
been compromised and becomes the source of targeted phishing attacks.
To learn more, download the "Phishing with the Cloud: 1 Million Ways Attackers Breach Office 365" report here.
(1)Gartner, "Market Guide for Email Security," Mark Harris, Peter Firstbrook, Ravisha Chugh, 8 September 2020.
Gartner Disclaimer:
Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Area 1 Security
Area 1 Security is the only company that preemptively stops Business Email Compromise, malware, ransomware and targeted phishing attacks. By focusing on the earliest stages of an attack, Area 1 stops phish -- the root cause of 95 percent of breaches -- 24 days (on average) before they launch. Area 1 also offers the cybersecurity industry's first and only performance-based pricing model, Pay-per-Phish.
Area 1 is trusted by Fortune 500 enterprises across financial services, healthcare, critical infrastructure and other industries, to preempt targeted phishing attacks, improve their cybersecurity posture, and change outcomes.
Area 1 is cloud-native, a Certified Microsoft Partner, and Google Cloud Technology Partner of the Year for Security. To learn more, visit www.area1security.com, follow us on LinkedIn, or subscribe to the Phish of the Week newsletter.
Media Contact:
Elaine Dzuba
pr@area1security.com
View original content to download multimedia:http://www.prnewswire.com/news-releases/new-area-1-security-research-uncovers-one-million-ways-attackers-breach-office-365-email-301157025.html
SOURCE Area 1 Security
|
|
|
|
VSaaS Market worth $10.7 billion by 2029 - Exclusive Report by MarketsandMarkets(TM) | Apr 25, 2024
|
|
Stop Deepfake and Social Engineering Calls with iVALT | Apr 25, 2024
|
|
Connectbase Welcomes Vorboss, Leading UK Fiber Provider, to Its Ecosystem | Apr 25, 2024
|
|
Latest ezCheckprinting Allows Businesses To Process Unlimited Draft Checks And Blank Checks | Apr 25, 2024
|
|
Qualys Launches Free Service to Help Organizations De-Risk their Business to Align with UK NCSC Guidelines | Apr 25, 2024
|
|
Akamai's API Security Product Achieves PCI Compliance and Sees Tremendous Customer Growth | Apr 25, 2024
|
|
EnigmaSoft's SpyHunter Scores 100% with AV-TEST in 2024 | Apr 25, 2024
|
|
Arelion Awarded a Gold-Tier Google Verified Peering Provider Badge | Apr 25, 2024
|
|
SlashNext Cloud Email Security Demonstrates Highest Detection Rate for BEC and Advanced Phishing Threats in New Tolly Evaluation | Apr 24, 2024
|
|
Increase in ransomware attacks to healthcare's vulnerable remote access systems threatens patients | Apr 20, 2024
|
|
|