CYBERSECURITY
UNDERMINING HACKERS’ NEW TRICKS
Agencies must keep their strategies fluid as threat actors target users via e-mail
and mobile devices.
CYBERSECURITY PROFESSIONALS have made it more difficult to
penetrate networks, so threat actors have turned to e-mail as an attack vector. They are using spoofing,
phishing, malware, malicious URLs, and other techniques to trick users into facilitating their crimes. As a result, more than 90 percent of attacks now come through e-mail.
Hackers are typically after money, information and intellectual property. In a spoofing scenario, for example, an attacker pretends to be an engineering manager
and asks a subordinate to e-mail the design documents pertaining to a new military aircraft. The employee then unwittingly sends the sensitive document to the attacker.
Stop Unknown Threats
E-mail protection starts with a strong gateway. Spam blockers and antivirus protection only stop known threats, but there are solutions that can sift through massive amounts of data to identify potential threats before they get into a network or e-mail system.
For example, e-mail security solutions could recognize a malicious URL in a message purporting to be from the IT department,
and if the e-mail was delivered, remove that malicious e-mail from the users’ inbox. Using DMARC-based technology, e-mail gateways can help verify the e-mail sender is indeed legitimate. There are also tools to prohibit distributing intellectual property outside the network, whether the sender is intentionally (i.e., the insider threat) or accidentally sending the document (fooled by a spoofed e-mail).
Mobile apps are another threat vector most people not only don’t consider, but are not prepared to manage. Mobile devices can be breached in many ways, and apps make them particularly vulnerable. Many government agencies are using vendor tools to vet those
SPONSORED CONTENT
TONY D’ANGELO
VICE PRESIDENT OF FEDERAL, PROOFPOINT
apps before they install, looking for malicious intent, weaknesses and gaps.
Some solutions can conduct keyword searches of licensing agreements. Proofpoint recently reviewed an app that lets users
snap a picture of a business card which then automatically creates a contact record in their e-mail system. Buried in the end-user license agreement, though, was a notification that the company planned to sell captured data.
Find the Right Partners
Instead of continuing to buy different solutions from different vendors, agencies should start with a blank slate, even if it means replacing aging technology. Then they can layer on security policies and automated tools to protect users, the data they create and the devices
they use.
Agencies should look for companies with
advanced solutions, deep roots in cybersecurity and strong research organizations. The
best companies have teams that monitor cyberthreats worldwide and incorporate that threat intelligence into their products. Agencies should also evaluate multiple cybersecurity vendors and integrator partners. Security vendors would welcome the opportunity to share their approach to cybersecurity and
often let agencies test their products in a live environment.
In terms of budget, agencies should look beyond the acquisition cost of the solution and also consider the cost of manpower and lost productivity for the cybersecurity team to perform remediation after a breach. An automated, holistic approach to a fluid threat environment can provide agencies with the protection they need and help IT focus on bigger-picture responsibilities.
Tony D’Angelo is vice president of federal at Proofpoint.
S-16