Three out of four organisations experienced at least one successful email attack last year.
Such a revelation does not come as a surprise to the informed, though. Most companies in Australia and Singapore expect an email-borne cyberattack to harm their business this year.
Of late, email has become the number-one attack vector for cybercriminals, and phishing attacks are the top threat to email users. Cybercriminals use email to deliver damaging payloads such as ransomware and spyware. Email is also the most popular attack vector for stealing data and hijacking systems for crypto mining.
Victims of email-based attacks suffer from financial losses, disruption, and data loss. The damage to brand reputation will be greater. The average cost of such an attack to an organisation is US$1 million. Eight out of ten companies that suffered from email-based attacks were ransomware victims, and 75% of such victims paid the ransom.
Email is the most important means of communication in the business world, but email security is notoriously weak. Most emails have only basic security measures, making them a happy hunting ground for cybercriminals. Attackers now use machine learning to bypass security measures and wreak havoc.
The spread of remote work post-COVID has led to a surge in phishing and other attacks. Most organisations have no recourse but to permit remote workers access to their servers from personal devices. Remote workers could not access applications or data to get work done without such an option. This widens the attack surface for cybercriminals. Worse, the spread-out network footprint causes delays in detecting and responding to attacks. The spread of generative AI has worsened the scenario for email security. GenAI eliminates grammatical and spelling errors that were tell-tale signs of malicious emails.
The state of email security in APAC
Email-based attacks have been plaguing organisations across the world. But of late, such attacks have become a major concern in the APAC region. The Singapore Police Force reported email phishing as the number one type of attack in 2023. Broken down by country, Vietnam recorded the highest number of spam emails at 3.09 million. Malaysia came next with 2.36 million spam emails. Japan had 1.86 million, Indonesia had 1.8 million, and Taiwan had 1.45 million spam emails. These five countries identified more than 50% of the malicious emails in the region.
The nature of threats continues to evolve and become sophisticated with each passing day. A new trend is attacks through collaboration platforms. Remote work and cloud computing have made collaboration tools popular and even essential for day-to-day work. But cybercriminals have started to replicate phishing attacks through these collaboration platforms. Attackers also exploit weaknesses when integrating these platforms with other programs.
The volume of email attack attempts has also been rising every year. In 2022, almost eight in 10 enterprises (78%) had to fend off a growing volume of email attacks.
The APAC region has also suffered from multiple large-scale attacks recently.
In 2022, Dark Pink, a hacker group, breached several government and military organisations. The attackers used spear-phishing tactics with legitimate-looking and relevant emails. When unsuspecting users click on the shortened URL leading to a file-sharing site, they download a malicious image.
In another high-profile attack in 2022, cybercriminals hacked into the Consumer Association of Singapore’s (CASE) mail server. The attackers posed as CASE officers and sent phishing emails to 5,000+ consumers. The emails targeted customers who had filed complaints regarding their purchases and directed them to perform payment transactions to receive monetary compensation.
Going forward, email security will worsen. Cyber experts predict unanimously that email-based attacks will become more sophisticated. Cybercriminals already leverage AI and advanced social engineering in their phishing emails, and such approaches will become even more commonplace.
Overcoming the human risk
Human risk and errors are the biggest cybersecurity gaps today.
Human factors, such as errors, stolen credentials, and social engineering, cause three out of four (74%) cyber breaches. In 2024, 90% of data breaches will have a human element.
Such human risks remain unaddressed. Only 15% of organisations provide security awareness training to their employees on an ongoing basis. Even then, 64% of employees do not pay attention to security training programs, and 36% find them boring.
The only effective remedy is to spark behavioural change among the rank-and-file employees. Enterprises need to:
- Inspire a culture of risk awareness.
- Test employees’ attack-readiness with real, de-weaponised phishing attacks.
- Make security training interesting with engaging and humorous content.
- Use AI-powered resources to get training right. For instance, Proofpoint’s targeted program educates the most vulnerable and attacked users. The program leverages threat intelligence to guide education and turn end users into active defenders.
Using the right tools
The best of proactive approaches and human oversight cannot preempt all attacks. It is not enough to understand the nature of the attack. Thwarting the attacks requires deploying powerful tools that anticipate and foil attacks.
One platform that serves this purpose is Proofpoint. The platform’s advanced email filtering identifies malware and credential phishing. It sandboxes suspicious URLs and attachments and authorises legitimate senders. But Proofpoint goes beyond basic filtering. The AI-powered Targeted Attack Protection (TAP) stops the most sophisticated attacks before the threat reaches the targeted user’s inbox. TAP identifies targeted employees through reputation checks and content analysis. Insider email scanning identifies compromised accounts and protects against insider threats. User awareness features such as warning tags offer an additional layer of protection. Data analytics and detailed reports pinpoint weak areas. Proofpoint Threat Response Auto-Pull (TRAP) automates incident response to remediate threats quickly. It quarantines malicious, time-delayed messages post-delivery and even retracts forwarded messages. The Cloud App Security Broker (CASB) protects against account takeovers. Advanced threat intelligence and automated remediation take a load off enterprise IT security.