In recent years, advances in technology have made it easier to carry out successful cyber attacks, and organizations worldwide are scrambling to mitigate their exposure. In 2016, these organizations invested over $80 billion in security solutions such as secure email gateways, firewalls, secure browsing, antivirus software, sandboxes, and even the promotion of cyber awareness. The real question is: how confident can these organizations be that they are well protected against cyber attacks?
Current events confirm that email is the most common and fastest-growing attack vector in recent years. The ‘convenience’ of email protocols makes it the weapon of choice for attackers, both in hand-crafted, targeted attacks on specific victims and in large-scale campaigns involving hundreds of thousands of users. Current statistical studies and reports present a disturbing yet anticipated reality: around 75% of cyber attacks originate through malicious emails, and more than 90% of these emails contain malicious attachments or URLs. Opening messages whose attachments are infected with worms, malware, ransomware, etc. can cause immense damage to an organization: disruption of operations, reputational damage, massive financial losses, and even its destruction. CIOs, CTOs, and CSOs are justifiably concerned about the risks, and must constantly assess their organization’s exposure to them.
How Does It Work?
Social engineering is used to lure targeted victims into opening emails without suspecting that they may contain malicious content. Malicious emails can contain different types of infected files disguised as something else, such as a CV, a PO, a meeting invitation or a request to review a presentation. They may also include a URL linking to a compromised website that pretends to show information relevant to the targeted recipients. Opening an infected attachment, or visiting a malicious website through a URL, can trigger malicious activity locally or open a direct connection to the command and control (C&C) software used by the attacker. Once this has happened, the attacker can steal, modify or encrypt data, with severe consequences for the victim.
According to cyber security experts, ransomware took in $1 billion in 2016!
Organizations are very much aware of cyber risks, including the latest campaigns such as WannaCry and Petya. As a result, they have implemented a variety of security solutions to protect themselves against ransomware and spear phishing attacks. However, after performing email assessments with Cymulate’s technology, they found that these solutions were ineffective against semi-sophisticated cyber attacks. Comprehensive tests carried out by Cymulate’s customers showed that emails containing hidden malicious files can easily penetrate and bypass the security barriers of every tested organization.
As a proof of concept (POC), several businesses used Cymulate’s platform to check how vulnerable they were to cyber attacks delivered by email. When each of these organizations initiated an assessment, dozens of emails containing various types of hazardous attachments were sent. According to the report, only 40% of emails containing malicious files were stopped. Moreover, out of the four categories of malware used in the POCs, the ransomware category had a 54% penetration success rate. Seventy different file extensions were used in this assessment, and more than half (57%) of the malicious files that penetrated had the most commonly used extensions, such as: html, ics, vcs, msg, doc or pdf…
So What To Do?
It’s time to test your organization’s email security with Cymulate’s advanced automated breach-and-attack simulations. Cymulate constantly tests the corporate email security flow using a vast and diverse range of email attacks that contain real malicious files such as ransomware. The detailed test results might shock you, or reassure you about your security. It’s safe to say that after the assessment, there won’t be any false assumptions about your security.