Comments
Barracuda, a leading provider of cloud-enabled security solutions, released key findings about the ways cyber criminals are attacking and exploiting email accounts.
Its latest report, titled Spear Phishing: Top Threats and Trends Vol. 4 - Insights into attacker activity in compromised email accounts, reveals a specialised economy emerging around email account takeover. It also takes an in-depth look at the threats organisations face and the types of defense strategies you need to have in place.
Over the past year, Barracuda researchers had teamed up with researchers at UC Berkeley to study the end-to-end lifecycle of a compromised account.
After examining 159 compromised accounts that span 111 organisations, they identified the ways account takeover happens, how long attackers have access to the compromised account, and how attackers use and extract information from these accounts.
Some insights into attacks
The research found fresh insights into these widespread and dangerous attacks; the behaviour of cyber criminals in compromised accounts, and how the organisation can make defence strategies accordingly.
The report highlighted that more than one-third of the hijacked accounts analysed by Barracuda researchers had attackers dwelling in the account for more than one week.
The report noted that 20 per cent of compromised accounts appear in at least one online password data breach, which suggests that cyber criminals are exploiting credential reuse across employees’ personal and organisation accounts.
In 31 per cent of these compromises, one set of attackers focusses on compromising accounts and then sells account access to another set of cybercriminals who focus on monetising the hijacked accounts. About 78 per cent of attackers did not access any applications outside of email.
Commenting on the report Don MacLennan, SVP Engineering, Email Protection at Barracuda said in an official statement: “Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximise the ways they can exploit the account, whether that means selling the credentials or using the access themselves.
He added: “Staying informed about the attackers’ behavior will help organisations remain vigilant and put the proper protection in place so they can defend themselves against these types of attacks and respond quickly if an account is compromised.”
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.