In the Information Age, the ever-growing reliance that enterprises have on technologies such as cloud computing comes as no surprise. Taking into account the fact that the digital world revolves around data, with some cybersecurity specialists going as far as to term data as the “currency” of the modern age- it becomes obvious why companies would want to protect their valuable data through the integration of such cloud-based services.
Unfortunately, however, as idealistic as it may sound, cloud computing is in no way perfect. Moreover, the current conditions of the ever-evolving threat landscape dictate that the possibility of an enterprise being breached is mostly a matter of ‘when’ rather than ‘if’- which shines a light on the dire need for better cybersecurity in the IT world, and the growing sophistication with which hackers launch attacks.
And to top it all off, FireEye’s recent email threat update that paints a gruesome picture and highlights the increase in the number of email attacks on cloud services over the course of the past months. Not only does this revelation bear witness to the damage a single compromised email can wreak, but it also provides an honest depiction of the more negative sides of cloud computing use.
In order to bring our readers up to scale on the prevalence of email attacks, and the new connection email-based attacks share with cloud computing- we’ve compiled an article that informs readers about the email analysis conducted by FireEye, along with giving the possible reasons for the recent spike in these attacks.
1. What Did FireEye’s Email Threat Analysis Reveal?
Right off the bat, in order to effectively determine the recent pattern of threats and vulnerabilities being propagated through emails, FireEye analyzed a whopping number of over 2.2 billion emails sent in the month of April to June 2019.
The revelations brought forth by the analysis of the emails can subsequently be divided into three subsections, that highlight the general theme behind the email threats facing enterprises, which consist of the following:
2. Cybercriminals are increasingly targeting cloud computing systems
Perhaps the most alarming discovery made by the threat analysis- it was revealed that a growing number of cybercriminals are targeting cloud computing software. It was further brought into notice that threat agents have started to rely on cloud-based services, as the vector that helps them propagate and launch phishing attacks on an organization’s network.
The analyzed emails further revealed that the most prevalent methods through which hackers were abusing cloud services, including embedding phishing URLs in file-sharing platforms, along with hosting several phishing pages that appeared to be legitimate.
3. Microsoft products become the most targeted victims in phishing attacks
As per the case with most phishing attacks, cybercriminals appear to mimic popular brands and services, in an attempt to get their potential victims to click on the malicious links. Usually, hackers pretend to be a well-known contact or a trusted organization, and the analysis done by FireEye bears witness to this.
The analysis of emails done by FireEye brought into light that the most commonly abused brand utilized in phishing attacks is none other than Microsoft. The analysis report revealed that the use of Office 365 and other Microsoft products were the most utilized conduits in phishing attacks, with their use has increased by a staggering 181%.
4. The entertainment and media industry surpasses financial services as the most targeted vertical
Another highly valuable piece of information highlighted by the analysis conducted by FireEye revealed that when compared to the previous study done- it was revealed that the entertainment, media, and vertical hospitality industries had taken the top spot for being the most target market for hackers.
It should also be mentioned that the previous spot belonged to the vertical industry of financial services, whereas other highly targeted industries include service providers, local and central governments, along with insurance and consulting companies.
5. Why Has The Phenomenon Of Email Attacks Targeted Cloud-Based Services Become So Prevalent?
Although the discoveries made by FireEye’s email threat analysis are enough to knock some sense into the most laid back individual- the revelation regarding the prevalence of email attacks on cloud computing system raises a lot of important questions, particularly as far as the “why” behind the situation is concerned.
The apparent reason that comes into mind is the popularity of cloud computing systems within modern enterprises- as more and more enterprises continue to ride the wave of digitization, accounting for the global public cloud computing market to reach a whopping $258 billion by 2019- it is quite understandable why hackers might want in on the share.
As an increasing number of enterprises store sensitive data on cloud storage systems, hackers are going to look for sophisticated methods to breach into this storage havens, since there is a monumental amount of money to be leveraged from these attacks.
Another critical, yet highly unprecedented reason that explains the rise in these email attacks targeting cloud-based services is the fact that a cloud computing system has many exploitable vulnerabilities present. Some cybersecurity specialists might even go as far as to say that the integration of cloud computing and its related products serves as an open invitation to hackers to breach into an enterprise’s network.
In addition to being pretty easy to hack into, some common vulnerabilities present within cloud-based computing systems include compliance issues, along with fraudulent authorization, hacked interfaces, and APIs, amongst many others.
6. How Do Hackers Manage To Evade Detection?
Fortunately for the cybersecurity world, however, FireEye’s analysis went on to elaborate on some of the most common tactics employed by cyber criminals that enable them to surpass network scanners, without being detected.
Some of the most common techniques through which hackers are able to evade detection, and subsequently, the consequences of the crimes they’ve committed include the following:
- Hiding a malicious URL, by adding other seemingly ordinary URLs.
- Impersonating a trusted actor, in order to gain the victim’s trust.
- Providing users access to malicious sites and stealing their login credentials.
- Relying on captcha-based methods to prevent detection.
As the threats facing enterprises continue to grow in sophistication, one of the most significant steps that enterprises can take to promote the principles of cybersecurity is to stay in the loop regarding the recent developments in the world of cybercrime. Having said that, as the integration of cloud-based services become more and more widespread within an organization’s security infrastructure, enterprises need to focus on formulating responses that cater to these threats.
1. Why is Cybersecurity Important For Enterprises?
2. 5 Website Security Tips Every Employee Should Know
3. Get VPS Hosting For Your Websites For Better Results
4. Top Ten Blockchain Applications That Are Transforming Industries
5. 6 Best Wireless Security Cameras You Can Get
6. How to Protect WebSites Against Attackers or Hackers by using “X-Security Headers”