Info-tech

Barracuda researchers uncover a ‘specialised’ economy that is exploiting email accounts

Prashasti Awasthi Mumbai | Updated on July 28, 2020 Published on July 28, 2020

The research found fresh insights into these widespread and dangerous attacks; the behaviour of cyber criminals in compromised accounts, and how the organisation can make defence strategies accordingly   -  istock.com/ipopba

Barracuda, a leading provider of cloud-enabled security solutions, released key findings about the ways cyber criminals are attacking and exploiting email accounts.

Its latest report, titled Spear Phishing: Top Threats and Trends Vol. 4 - Insights into attacker activity in compromised email accounts, reveals a specialised economy emerging around email account takeover. It also takes an in-depth look at the threats organisations face and the types of defense strategies you need to have in place.

Over the past year, Barracuda researchers had teamed up with researchers at UC Berkeley to study the end-to-end lifecycle of a compromised account.

After examining 159 compromised accounts that span 111 organisations, they identified the ways account takeover happens, how long attackers have access to the compromised account, and how attackers use and extract information from these accounts.

Some insights into attacks

The research found fresh insights into these widespread and dangerous attacks; the behaviour of cyber criminals in compromised accounts, and how the organisation can make defence strategies accordingly.

The report highlighted that more than one-third of the hijacked accounts analysed by Barracuda researchers had attackers dwelling in the account for more than one week.

The report noted that 20 per cent of compromised accounts appear in at least one online password data breach, which suggests that cyber criminals are exploiting credential reuse across employees’ personal and organisation accounts.

In 31 per cent of these compromises, one set of attackers focusses on compromising accounts and then sells account access to another set of cybercriminals who focus on monetising the hijacked accounts. About 78 per cent of attackers did not access any applications outside of email.

Commenting on the report Don MacLennan, SVP Engineering, Email Protection at Barracuda said in an official statement: “Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximise the ways they can exploit the account, whether that means selling the credentials or using the access themselves.

He added: “Staying informed about the attackers’ behavior will help organisations remain vigilant and put the proper protection in place so they can defend themselves against these types of attacks and respond quickly if an account is compromised.”

Follow us on Telegram, Facebook, Twitter Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on July 28, 2020
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.