In a cyber-attack that will be remembered as one of the most significant phishing email attacks in decades to come, a Russian hacking group attacked more than 3,000 email accounts belonging to individuals from more than 150 organizations across 24 countries. Nobelium, also known as APT29 to the cybersecurity community, has targeted government agencies, research institutions, consultants, think tanks, and non-governmental organizations this time.
The cyber adversaries leveraged ‘Constant Contact,’ a mass-mailing service, to carry out a large-scale phishing campaign by masquerading as the US Agency for International Development (USAID). The latest wave of phishing attacks has further emphasized the need for innovation in email phishing protection: advanced anti-phishing solutions that keep phishing emails out of inboxes, accompanied by anti-malware and anti-ransomware solutions.
How Did The Perpetrators Do It?
According to Microsoft, the attackers used a mass-email service used by USAID and sent phishing emails that contained malicious links. The campaign was initiated in January and was conducted in stages, escalating in late May. Constant Contact, the mass-mailing service, clarified that the attackers compromised their customers’ credentials before further escalating the attack. These authentic-looking emails claimed to disclose new information on the 2020 election fraud and contained a malware link that allowed attackers to access compromised information systems.
The SolarWinds campaign, which went on for most of 2020 before being finally detected in December, also infiltrated private and public organizations apart from more than nine government agencies in the United States. Earlier, it was a software update that the malicious actors exploited, and this time, it is the mass-email service.
In both these cyberattacks, it is clear that organizations need to be educated and aware of tools such as anti-ransomware solutions and email protection services to keep their critical information from falling into the hands of threat actors.
What Does That Mean For An Organization?
The SolarWinds attack and this latest campaign are a solid reminder for organizations, public and private, large and small, that cyberattacks are not only a direct risk to an organization but also an indirect one through vendor networks. The earlier SolarWinds hack came through a software update from a reliable software provider trusted by thousands of private and government organizations.
A recent survey revealed that 37% of organizations surveyed were attacked by ransomware over the last year. Furthermore, organizations with more than 1000 employees were more likely to be hit than smaller organizations.
Organizations are now learning that merely building firewalls and hoping for the best is inadequate to counter the threats. They need to deploy a solid cybersecurity infrastructure. An ideal infrastructure would actively locate vulnerabilities in the system to detect and prevent cybersecurity threats at multiple levels.
Who Is At The Most Risk From Phishing Attacks?
The following industries are at the highest risk from phishing attacks:
- Consumer Services
- Energy & Utilities
- Healthcare & Pharmaceuticals
- Not For Profit
- Retail & Wholesale
What Are The Impacts Of Phishing Attacks?
The motivations of malicious actors vary and include financial gain and data. The impacts of phishing email attacks on a business can also be many and, in some cases, long-lasting.
The consequences of phishing attacks on businesses are listed below.
- Damage To Reputation: As soon as there is news about an organization being attacked and falling prey to a phishing attack, its reputation takes a blow. Reports of a cyber-attack on an organization do not fade away soon from public memory, no matter how hard the organization tries to hide the facts.
- Loss Of Customers: Reputational damage leads to loss of business. Once an organization falls prey to a phishing attack, customers are 42% less likely to visit the organization in the future. The loss of customers can also continue over several years, making survival difficult for an organization.
- Loss Of Value: As much as cyberattacks affect customer confidence, they also affect investor confidence, resulting in a downtrend in the share prices of organizations. It is common to see share prices sliding after data breaches or cyberattacks.
- Regulatory Penalties: Regulatory authorities have set huge penalties for organizations that fail to comply with security guidelines. These fines are meant to encourage robust security protocols as potentially compromised data may also include the personal data of other people or entities associated with the organization.
How Can An Organization Protect Itself From Such Attacks?
No single cybersecurity solution provides 100% protection from all cybersecurity issues. Such an infrastructure is not viable. The best way to keep an organization safe from cybersecurity attacks of different magnitudes and types is to build a multi-dimensional, multi-layered protection infrastructure. Each layer of such an infrastructure is treated as a distinct subject in cybersecurity. Anti-phishing, email security systems, and employee awareness are among the primary protection strategies that could protect an organization from many threats and are briefly described below.
- Deploy Email Security System: Robust email security is one of the best phishing protection mechanisms for any organization. An efficient email security system provides email phishing protection by offering spam filters to separate marketing and phishing emails and data encryption to encrypt outgoing emails.
- Deploy Anti-Phishing Solutions: Cybersecurity or IT experts of an organization can protect employees and the organization from falling prey to phishing attacks in either of two ways: only allowing access to a select number of pages or ensuring that malicious pages are detected and blocked. Some anti-phishing solutions involve scanning URLs for unsafe websites, while others warn users when they attempt to visit malicious pages. Organizations can protect their information assets by adopting such security solutions.
- Educate People: The value of consistent employee training and awareness is often underestimated in the modern world. Even with a robust security system to protect from external attacks, organizations should also strive to protect themselves from internal negligence that can leave them vulnerable to external attacks.
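The two approaches named in the anti-phishing item above (allow only selected pages, or detect and block known-malicious ones) can be compared on the links in a single message. This is an added example, not code from the article or from any product; the domain lists, the sample message and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed policy data (assumptions for this example, not from the article).
ALLOWED_DOMAINS = {"agency.example", "intranet.example"}
BLOCKED_DOMAINS = {"malicious.example"}

# Constructed sample message body with three links.
SAMPLE_BODY = """New documents on election fraud:
https://www.agency.example/news
https://agency.example.files.malicious.example/view
https://unlisted.example/doc
"""

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def host_of(url):
    """Return the lowercased hostname of url, or None if it cannot be parsed."""
    try:
        host = urlsplit(url).hostname  # ignores any "user@" part before the host
    except ValueError:
        return None
    return host.rstrip(".").lower() if host else None

def in_domain_set(host, domains):
    """True if host is a listed domain or a subdomain of one (label-aligned)."""
    return any(host == d or host.endswith("." + d) for d in domains)

def check_url(url, mode):
    """Return 'allow' or 'block' for url under 'allowlist' or 'blocklist' mode."""
    host = host_of(url)
    if host is None:
        return "block"  # fail closed on anything unparsable
    if in_domain_set(host, BLOCKED_DOMAINS):
        return "block"  # known-bad hosts are blocked in both modes
    if mode == "allowlist":
        return "allow" if in_domain_set(host, ALLOWED_DOMAINS) else "block"
    return "allow"      # blocklist mode: hosts not yet known as bad pass

def scan_message(body, mode):
    """Map every http(s) link found in body to its verdict."""
    return {url: check_url(url, mode) for url in URL_RE.findall(body)}

if __name__ == "__main__":
    for mode in ("allowlist", "blocklist"):
        print(mode, scan_message(SAMPLE_BODY, mode))
```

The unlisted host is the difference between the two modes: the allowlist blocks it, while the blocklist lets it through until someone reports it.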
Defending an organization against cybersecurity attacks might sound like a purely technological concern to most readers. However, it is the human aspect, which organizations neglect more often, that leads to the perils. A robust cybersecurity infrastructure that includes anti-phishing solutions, anti-ransomware solutions, anti-malware, and email phishing protection, along with human awareness and education, will create a culture of safety and confidence in a vulnerable cyber world.