Social Engineering: 2020s Top Cybersecurity Threat

Social Engineering attacks are the most potent cybersecurity threats plaguing enterprises. They owe their power to their innovative undetectability. Forbes puts social engineering as a top cybersecurity threat for 2020. 98% of cyber attacks rely on social engineering. How can an organization protect itself from an insider threat? We explore the what, why and how of this damaging cybersecurity menace.

What is Social Engineering?

Social engineering refers to crafty ways hackers trick unsuspecting victims into downloading malware, and/or leaking credentials via social platforms. The types of social engineering include:

  • Phishing/vishing/smishing: Fraudulent emails or voice messages or text messages are used to extract personal information or download malware.
  • Spear-phishing: Phishing that is custom-tailored to target key employees, particularly C-level ones, via social media or email.
  • Baiting: Using a lure, such as planting an infected device or promising the latest movie, to get victims to take the bait.
  • Pre-texting: Using false impersonation to gain the victim’s confidence – a call from your bank’s customer support team asking for your credentials to prevent an “unauthorized withdrawal”.

Why are Social Engineering attacks so damaging to cybersecurity?

What makes social engineering so potent is its ability to escape detection, as it craftily preys on employees themselves to execute the attacks. Insider threats escape typical methods of prevention and detection. Additionally, attacks are getting increasingly sophisticated and personalized, even using AI and machine learning (ML) to target their victims.

If you’re about to say, “They definitely can’t fool our employees!”, consider a video or voice message that exactly matches the appearance or voice of your manager, asking you to urgently send some critical business documents. You’ve been “Deepfaked” – an advanced form of social engineering that can dupe even the most discerning.

The FBI estimates that Business Email Compromise, a form of fine-tuned phishing, has caused $26 billion in losses in just the past three years. Facebook, Sony, Target, RSA, Associated Press, political parties and top governmental organizations – no sector, no matter how secure and well-guarded, has been spared from the ingenuity of social engineering attacks.

How can organizations protect themselves?

  • Inform and Train: Social engineering cannot work without the complicity, unwilling as it may be, of the employee. Conduct regular security training in good email and cybersecurity hygiene, keep employees informed about the latest flavors of malware vectors, and encourage employees to forward suspicious emails to the security team. Champion, gamify and incentivize good cybersecurity practices. It is well worth it!
  • Use in-built mechanisms: Platforms such as Office 365 come with anti-phishing policies that can secure your organization. Explore and harness them, particularly for sensitive data and high-profile groups.
  • Secure Authentication: A majority of security breaches are attributed to compromised credentials. Multi-factor Authentication/Two-factor Authentication (MFA/2FA) is proven to block 99.9% of account hacks. Ensure that your applications, particularly third-party ones, support it.
  • Basic safeguards: Don’t forget the basics such as up-to-date anti-virus software, spam filters, and network monitors. Consider methods such as sandboxing emails to validate links.

How CloudAlly can help

While organizations work hard to prevent and detect social engineering attacks, a strong offense in the form of rapid disaster recovery may be the best defense. Seamless data recovery is central to quickly recovering from data loss and minimizing its damage.

CloudAlly’s SaaS backup and restore solutions automatically back up business-critical cloud data, with support for easy recovery from any point in time. All major SaaS platforms such as Office 365, SharePoint/OneDrive, G Suite, Salesforce, Box and DropBox are supported. More critically, our solutions are stringently secure, with Amazon S3 storage, OAuth/MFA/2FA capability, global data centers, and GDPR/HIPAA compliance. With provisions to restore to the database of your choice, flexible licensing, and 24×7 real-person, responsive support – we fit right into your setup.

Try our full-featured trial now and protect your SaaS data from the dangers of social engineering. 

Nodersok: How Can You Protect Your Enterprise From Malware Threats?

By Slava Gorelik – Founder and VP R&D


Hackers are getting more ingenious by the day, with fileless, invisible malware types that escape detection. Nodersok is the latest in the line, but it is only one amongst many. Top 10 malware infections in 2019 included Emotet, Wannacry, ZeuS, Dridex, and Kovter. How can an organization secure itself against such malware threats to data?

What is Nodersok?

In September 2019, researchers from Microsoft’s Advanced Threat Protection (ATP) team discovered a fileless, multi-stage, Node.js-based malware infection. They dubbed it Nodersok. Fileless threats pose a different level of challenge compared to file-based ones and need advanced techniques to manage prevention. Nodersok uses valid tools and ensures nothing malicious is written to the disk. The malice resides in-memory. The entire Nodersok campaign runs in four stages, finally disabling the Windows Defender Antivirus and turning the machine into a proxy. Nodersok has affected a range of industry sectors with a particular fondness for the education sector.

How prevalent are malware attacks?

Different though they are, these forms of malware show certain common aspects:

  • Microsoft Office is a favorite
  • Email is the primary attack vector
  • Over 60% of the attacks target the small business category. 

How do you protect your organization and data from them?

Malware protection in Office 365

If your enterprise has moved to Office 365, you have taken a step in the right direction. Office 365 comes with built-in protection that prevents the introduction of malware into Office 365 via a client or from an Office 365 server. Exchange Online ensures that all emails travel through Exchange Online Protection (EOP), which scans and quarantines in real time.

Microsoft also offers Advanced Threat Protection (ATP) with an email filtering service that provides additional protection against phishing. Similar protection exists for SharePoint Online and OneDrive for Business as well. Even with all these defenses in place, malware threats to data still do materialize. While there is no consistent, globally agreed way to track and report a cost per infection, in 2018 the average cost per breach in the US alone was $7.9 million.

Data loss from threats like malware is an established reality, and enterprises both big and small cannot afford to take the risk. For malware to infest your organization, all it takes is one wrong click, one crafty phishing attack, one infected flash drive. Office 365 cannot protect you from data loss/corruption due to such attacks at your end. This is why third-party SaaS backup is so critical to protecting your organization’s data.

How can SaaS backup protect against Malware threats to data?

The damages of malware threats to an organization include data corruption, data loss, identity theft, and security/network breaches. The repercussions of such an attack go far beyond financial loss; they can decimate a company’s reputation and customer base, which has taken years to build, in a few hours. When struck with a malware attack, the best way to minimize its damage is to ensure business continuity with quick disaster recovery.

Central to that is having a reliable backup and recovery solution. SaaS backup of Office 365 can enable you to easily and quickly recover an accurate copy of your data and can completely blunt the malware attack. Office 365 does come with native solutions like Recycle Bin; however, they offer limited-timespan restores, and recovery can be cumbersome.

How can CloudAlly help?

CloudAlly pioneered cloud backup way back in 2011. As a result, we have nurtured a mature suite of robust SaaS backup solutions for Office 365 Backup, SharePoint and OneDrive. We were also ranked #1 by Newsweek by over 10,000 IT Pros.

We offer a full-featured 15-day free trial, which you can activate to start backing up your data in minutes, and we are very highly rated and recommended by our users. We also offer considerable discounts for educational institutions, non-profit organizations, and as a part of our partner program. Contact us and we will be happy to have an expert guide you.

Malware Restore

Malware Watch – Restoring from a Malware Incident

Malware Restore – IT managers are often faced with information technology incidents that alter their work environment and affect their ongoing operations, forcing them to take measures to restore daily business activity.

Such incidents (where malware restore is necessary) often originate outside the organisation and pose a serious concern for business continuity.

Malware activity is such an incident, but what is malware? The classic Wikipedia description of malware is: “Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. Malware does the damage after it is implanted or introduced in some way into a target’s computer and can take the form of executable code, scripts, active content, and other software.”

In a recent real incident, a town in Florida, US, decided to pay malicious hackers $600,000 (£475,000) to get its computers working again. The hackers managed to break into the town’s computers and insert malware code, which enabled them to disable IT operations until the ransom was paid.

In this case, payment was made in Bitcoin, 65 Bitcoins, in exchange for a return to normal IT operations. This story was recently reported by the BBC: “Florida town pays $600,000 virus ransom”.

It might seem so, but this is not an isolated event. News and media organisations such as Associated Press have reported that in 2018, 1,493 such ransomware attacks occurred, resulting in an estimated payout of $3.6m for hackers.

Cyber security firms are a proven resource for trying to stop such incidents before they happen, but more and more it has become recognized that 3rd party cloud-to-cloud backup is an effective recourse to restore data in main business solutions such as Office 365 email exchange, G Suite, Salesforce.com, etc. Companies that back up their cloud business solutions are able to restore their data and set up IT operations again (on a new IT environment), avoiding ransom payments to hackers who wish to disrupt their business and gain from such activity.

Data Protection – Malware Restore

In order to enable a point-in-time restore, it’s obviously necessary to start by activating a backup for the selected business solution. Click here to download our “why backup” eGuide.

If you’ve experienced such a malware incident and want to learn more about backup, email us.