Basics are best

by Mark Rowe

Over the next few months, we are going to be inundated with sophisticated new cyberthreats. To combat them, we are also going to see an influx of new solutions and technology designed to better protect businesses and data, writes Steven Harris, Cyber Threat Intelligence Analyst at Protection Group International.

The level of threat from cybercriminals is increasing all the time, with Artificial Intelligence playing an ever more important role in both attack and defence. However, with all the ‘noise’ surrounding these new threats and solutions over the coming months, it is crucial that companies do not get caught up in the hype and forget the basics of cyber defence. Every year, data and systems are compromised through what are considered ‘basic’ tactics. Phishing, ransomware and malware remain the most common and successful forms of attack, despite having been around for decades.

The National Cyber Security Centre (NCSC) 2024 report highlighted that phishing was the most common form of attack (84 per cent of British businesses that identified an attack), followed by impersonation (35 per cent) and malware (17 per cent). Most of these attacks take advantage of weaknesses in a business’s defences, and in most cases the weakest of the weak links is people. As such, tactics that specifically target the people within a business have become commonplace in the cybercriminal’s armoury.

Business Email Compromise (BEC)

BEC is a type of phishing attack that cybercriminals use to target employees. By its nature, the majority of those targeted are more senior members of staff or those with the authority to approve financial transactions. The criminal gains access to a work email account (or convincingly imitates one) in order to impersonate a colleague and persuade someone in the business to transfer money or hand over valuable data. Because the email appears to have come from within the business itself, it is a convincing way for criminals to quickly gain the trust of the person they are targeting, and with it access to data and systems, or to the individuals who can authorise the transfer of funds.

The threat from BEC has become so prevalent that the National Cyber Security Centre issued new guidance in 2024 giving businesses advice on how to identify BEC attacks. The core advice included the following:

Reducing digital footprint: Far more information on senior staff and other employees is available to cybercriminals than most realise, and it is exactly what the criminal needs to pull together a convincing initial phishing email. Managing this online information, or ‘digital footprint’, is critical for businesses that want to stop BEC attempts at the first hurdle. The information is not only on the business’s own website but on personal social media profiles too, so all employees should review and manage the privacy settings on their social media accounts.

Identifying phishing emails: If a criminal has found enough information to pull together a phishing email, the next layer of defence must be the employee’s ability to identify and deal with the malicious message. Even basic knowledge of what a scam looks like enables an employee to act on suspicion: flag the email as spam or junk, inform the IT department, and wait for them to review it and act.
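The impersonation described above usually leaves traces in the message headers that a mail filter or an alert reader can check before anyone acts on the request. The following is an added example, not code from the article or from Protection Group International; the company domain, the staff directory and the three messages are constructed for illustration. It flags a sender display name that matches a known colleague but uses an outside address, a sender domain that is a near-miss of the company’s own, and a Reply-To that quietly redirects replies elsewhere.

```python
"""Header-level BEC indicators over constructed sample messages (added example)."""
from email import message_from_string
from email.policy import default

COMPANY_DOMAIN = "example.com"  # assumed organisation domain

# Constructed staff directory: display name -> the one legitimate address.
STAFF = {
    "Jane Doe": "jane.doe@example.com",
    "Sam Patel": "sam.patel@example.com",
}


def levenshtein(a: str, b: str) -> int:
    """Edit distance; used to spot lookalike domains such as examp1e.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def _first_address(msg, field):
    """Return the first mailbox in a header, or None when absent/malformed."""
    header = msg[field]
    if header is None or not getattr(header, "addresses", ()):
        return None
    return header.addresses[0]


def bec_indicators(raw_message: str) -> list:
    """Return the list of header indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw_message, policy=default)  # policy decodes RFC 2047 names
    sender = _first_address(msg, "From")
    if sender is None:
        return ["missing or malformed From header"]
    findings = []
    from_domain = sender.domain.lower()

    # 1. Display name of a real colleague, but the address is not theirs.
    expected = STAFF.get(sender.display_name.strip())
    if expected and sender.addr_spec.lower() != expected.lower():
        findings.append("display-name impersonation")

    # 2. Sender domain one or two edits away from the company domain.
    if from_domain != COMPANY_DOMAIN and 0 < levenshtein(from_domain, COMPANY_DOMAIN) <= 2:
        findings.append("lookalike sender domain")

    # 3. Replies would go to a different domain than the visible sender.
    reply_to = _first_address(msg, "Reply-To")
    if reply_to is not None and reply_to.domain.lower() != from_domain:
        findings.append("reply-to domain differs from sender")
    return findings


# Constructed sample messages (not real traffic).
IMPERSONATION = "From: Jane Doe <janedoe.ceo@webmail.example.net>\nSubject: Urgent payment\n\nPlease wire today.\n"
LOOKALIKE = "From: Sam Patel <sam.patel@examp1e.com>\nSubject: Invoice\n\nNew bank details attached.\n"
REDIRECTED = "From: accounts@example.com\nReply-To: accounts@example-payments.net\nSubject: Invoice\n\nSee below.\n"
LEGITIMATE = "From: Jane Doe <jane.doe@example.com>\nSubject: Minutes\n\nAttached.\n"

if __name__ == "__main__":
    for label, raw in [("impersonation", IMPERSONATION), ("lookalike", LOOKALIKE),
                       ("redirected", REDIRECTED), ("legitimate", LEGITIMATE)]:
        print(label, "->", bec_indicators(raw) or "no header indicators")
```

The caveat matters as much as the checks: when the criminal has taken over a genuine internal mailbox, as the article describes, every header is authentic and none of these rules fire. Header heuristics catch the imitation variants; the compromised-account variant is stopped by the payment-approval controls and the human checks discussed next.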

Applying the principle of ‘least privilege’: Checking who within an organisation can authorise payments or has direct access to valuable data is a key step in securing against BEC. Only a ‘privileged’ few, those who need the access to perform their role, should have it, and those rights should be regularly reviewed and, where necessary, revoked. Accounts that are no longer in use, whether because of a change of role or because the person has left the company, should be removed immediately. By implementing these few key points, companies can quickly reduce the risk of being impacted by a BEC.
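The least-privilege review above is a repeatable procedure, so it is worth scripting against whatever export the identity or finance system provides. The following is an added example, not code from the article or from any vendor: the account records, the approver roles and the 90-day inactivity window are constructed assumptions standing in for an organisation’s own policy. It separates the three outcomes the guidance calls for: disable leavers, revoke payment approval from roles that should not hold it, and queue dormant privileged accounts for review.

```python
"""Periodic least-privilege review over a constructed account export (added example)."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, List, Optional

# Assumed policy: only these roles may approve payments.
PAYMENT_APPROVER_ROLES = {"finance manager", "finance director"}
INACTIVE_DAYS = 90  # assumed threshold for a dormant account


@dataclass(frozen=True)
class Account:
    user: str
    role: str
    can_approve_payments: bool
    last_login: Optional[date]  # None means the account has never signed in
    employed: bool              # False once HR records the person as a leaver


def review_accounts(accounts: List[Account], today: date,
                    inactive_days: int = INACTIVE_DAYS) -> Dict[str, str]:
    """Map each account needing action to the action, in priority order.

    Accounts that need nothing are absent from the result, so an empty dict
    means the directory already matches the policy.
    """
    actions: Dict[str, str] = {}
    cutoff = today - timedelta(days=inactive_days)
    for acct in accounts:
        if not acct.employed:
            # Leavers keep nothing, regardless of role or recent activity.
            actions[acct.user] = "disable: leaver still has an active account"
        elif acct.can_approve_payments and acct.role not in PAYMENT_APPROVER_ROLES:
            # A role change left payment approval behind.
            actions[acct.user] = "revoke: payment approval outside approver roles"
        elif acct.can_approve_payments and (acct.last_login is None or acct.last_login < cutoff):
            # Privileged but dormant: a takeover here would go unnoticed by the owner.
            actions[acct.user] = f"review: approver with no sign-in in {inactive_days} days"
    return actions


def approver_count(accounts: List[Account]) -> int:
    """How many active accounts can currently approve payments (the 'privileged few')."""
    return sum(1 for a in accounts if a.employed and a.can_approve_payments)


# Constructed sample export (not real personnel data).
SAMPLE_ACCOUNTS = [
    Account("alice", "finance manager", True, date(2024, 5, 28), True),
    Account("bob", "marketing", True, date(2024, 5, 30), True),          # moved teams, kept rights
    Account("carol", "finance director", True, date(2024, 1, 10), True), # dormant approver
    Account("dave", "engineer", False, date(2024, 2, 1), False),         # left, still enabled
    Account("erin", "finance manager", True, None, True),                # never signed in
    Account("frank", "engineer", False, date(2023, 1, 1), True),         # dormant but unprivileged
]

if __name__ == "__main__":
    today = date(2024, 6, 1)
    print(f"{approver_count(SAMPLE_ACCOUNTS)} active accounts can approve payments")
    for user, action in review_accounts(SAMPLE_ACCOUNTS, today).items():
        print(f"{user:6} {action}")
```

Dormant accounts without payment rights (frank in the sample) are deliberately left out of the report so that the reviewer’s attention stays on the accounts a BEC actor would actually want; widen the rule if the organisation’s policy treats all dormant accounts as removable.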

Bringing in the experts

BEC, like many of the common forms of cyber-attack, affects businesses of all sizes. For those without a large in-house IT team, even implementing some of the above can seem a daunting, if not impossible, task. Many are turning to consultancies to help identify these threats, to educate employees in how to recognise and deal with them, and to ensure that security protocols and systems are adequate for the common threats.

Companies are going to be inundated over the coming months with news of sophisticated new threats attacking them as well as a resulting influx of new solutions to help keep data and systems safe.

The key is not to get distracted by the noise but focus on getting the basics right. Much of the advice around more common threats can equally help to negate some of the danger coming from so-called ‘new’ threats. By ensuring employees are educated and understand what threats look like and utilising the support of consultancies, businesses of all sizes can remain more secure.

Visit https://www.pgitl.com/.
