Despite the continued improvement of security, a pair of new studies from Barracuda indicate continued end user problems, with spear phishing being a particular issue.
LAS VEGAS – Email security may be a heavily commoditized market. But it’s a market where core demand continues to grow. Barracuda has released a pair of new studies, on the state of email security, and on spear phishing specifically. While much of the data is discouraging, in the sense that awareness and education seem to have had little impact on core problems, it certainly provides ample ammunition for MSPs offering protection to clients. Neal Bradbury, VP MSP Strategic Partnerships at Barracuda, talked about the state of email security and MSP opportunities within it at the CompTIA ChannelCon event here.
“This 2019 Email Security Trends survey brings to light things that happen in the industry,” Bradbury said. “There are no real surprises. Ransomware is still a problem. Phishing is still a problem. Businesses still need to respond. There are things MSPs can do to provide greater protection for clients, whether from training or otherwise.”
The email survey was a global one, covering small, mid-sized, and enterprise businesses across the Americas, EMEA, and APAC.
A key data point is that 43 per cent of the organizations surveyed say they have been the victim of a spear phishing attack in the past 12 months. Bradbury noted that a major problem here is that these attacks are less obvious than they used to be – which makes them harder to defend against.
“The difference is that two years ago, this kind of attack would be a link in an email, and you could train a user not to click a link or download an attachment,” Bradbury said. “Now the tactics have changed. Now it is more common to see targeted attacks with people’s titles and other information that is obtained from LinkedIn or other social media without a link. The phishers commonly provide these personal details and ask the office to forward them money. Stopping this kind of attack is something that Barracuda Sentinel was built to do.” Sentinel is an AI-based spear phishing detection tool that Barracuda developed in 2017.
The second report focuses on defending against lateral phishing, in which cybercriminals use a compromised account within an organization to send phishing emails both to others within that domain, and to their contacts.
This study found that the majority of lateral phishing attacks rely on two deceptive narratives, both of which do use links. One is messages that falsely alert the user to a problem with their email account, while the other is messages that provide a link to a fake “shared” document. 63 per cent of incidents used commonplace variants of the “shared document” and “account problem” messages, 30 per cent used more refined messages, modifying the language to target enterprise organizations, and 7 per cent used highly targeted content that was specific to the hijacked account’s organization.
One in seven businesses saw lateral phishing attacks in a seven-month period, with 60 per cent seeing multiple incidents. About 11 per cent of these attacks successfully compromised additional employee accounts, while 42 per cent weren’t reported to the organization’s IT or security team.
“It’s a constant game of cat and mouse, and is one of the reasons that we purchased PhishLine,” Bradbury stated. “We saw a need in the market to do training.” The data gathered by the Barracuda PhishLine application shows that 1 in 3 will fall victim to a phishing set by clicking on a fake “internal” email.
The Security Trends survey reported that 66 per cent of respondents said that attacks have had a direct monetary cost on their organization in the past year, with almost a quarter saying it was $100,000 or more. Nearly three quarters said that email attacks had other significant impacts on their businesses, including loss of employee productivity, downtime, business disruption, and damage to the reputation and morale of the IT team, with higher stress levels being a problem.
None of this is good news for customers, but it is for MSPs.
“There is real momentum in the email security MSP business,” Bradbury said. “Barracuda email business has grown 122 per cent. In particular, small businesses are more likely to believe themselves endangered, which is a clear opportunity for MSPs. Our value proposition has always been about security in layers, and some vendors don’t focus on the MSP channel as much as we do.”
The continued growth of Office 365 is a major contributing factor to vendor churn, where customers are more likely to reconsider their security provider, Bradbury added.
“With Office 365 adoption growing at a steady clip, changes in security often accompany it because when people swap out a server, they are more likely to rethink security as well,” he noted.
Barracuda also augmented its security portfolio with the acquisition of advanced bot detection technology from InfiSecure Technologies. InfiSecure specializes in low-latency detection and mitigation of advanced bots, and adds advanced capabilities to Barracuda’s recently announced Advanced Bot Protection, which will be available for both the Barracuda WAF-as-a-Service and Web Application Firewall platforms.