Email security is a primary threat vector for businesses of all sizes, and that won’t be changing anytime soon. The nature of those email-borne threats is evolving, though, and MSPs need to keep up. You can’t have an email offering that stands still — and neither can your vendors. The threat landscape is simply too dynamic.
Recently, Barracuda released a special report on email security trends, and it reveals several important insights MSPs need to pay attention to in order to protect their customers and their data.
Trends in email security
1. Email-borne threats are pervasive
A full 87 percent of the 634 IT security professionals surveyed worldwide said their company had faced an attempted email-based threat in the past year. And email threats are getting worse. More than four-fifths (81 percent) of respondents said the frequency of email-based attacks has increased in the past 12 months, and the same percentage said the cost of a breach has increased as well.
2. Cybercriminals are shifting to attacks with quicker payouts
When asked what type of email security attack would be most expensive for their company, IT professionals responded differently depending on the size of their company. Respondents from organizations with more than 5,000 employees were most concerned about stolen information (52 percent). IT pros at small to medium-sized companies thought ransomware (44 percent) or business email compromise (30 percent) would be more expensive.
Large enterprises are often the first to be targeted by new types of attacks, with the threat spreading to the SMB market as it becomes more pervasive. That’s why SMBs are seeing a lot of ransomware right now, but based on what’s happening at the enterprise level, small businesses need to get ready for spear phishing and account takeover, two emerging threats. And MSPs need to be prepared to help their customers get ready to defend against these types of attacks.
3. Anyone can be a target
Respondents were fairly evenly split about who would be most likely to fall for an email attack— 46 percent thought individual contributors would be most vulnerable, and 39 percent said executives would be most likely to be tricked. Executives will have more access to sensitive data, though, which could lead to higher payouts. It’s a factor that helps explain the increasing popularity of spear phishing and whaling.
How email attacks are evolving
Even though ransomware and business email compromise are comparatively new threats, they have quickly become popular with cybercriminals because they cut out the middleman. With ransomware and spear phishing, the criminals get paid directly instead of waiting to find a buyer on the dark web for the stolen information.
Spear phishing is more targeted and personalized than other phishing attacks, and it isn’t stopped by legacy email security solutions because there aren’t any malicious links or attachments. Instead they usually feature seemingly legitimate requests to wire money.
These attacks can also evolve into account takeovers. Savvy cybercriminals are using spear phishing to get Office 365 login credentials for targeted individuals and then using the compromised account to send more convincing spear phishing emails to other individuals in the organization.
That’s why the Barracuda team developed Barracuda Sentinel, which uses machine learning to analyze communications patterns to identify and prevent spear phishing attacks. And, because it is API-based, not gateway-based, it can detect attacks the gateway can’t, such as a compromised account sending out bad emails internally. The AI platform also helps identify individuals that are most likely to be at risk for spear phishing so MSPs can provide them with anti-fraud training.
The solution also includes an intuitive wizard for setting up DMARC (domain-based authentication reporting & conformance). This helps ensure deliverability of legitimate emails and prevents unauthorized emails from being sent from customer domains.
How MSPs need to adapt
In light of these trends, managed service providers need to update their email offering in order to help customers strengthen their security poster. For example, as Office 365 and other cloud applications gain popularity, many companies are relying on the native security included in those platforms. Unfortunately, that native security doesn’t offer the same level of protection as third-party solutions.
As an MSP, you should help customers establish a multi-layered approach to security to keep their businesses more secure. This approach starts with standard email security, but then you need to add backup and archiving. Now, you need to add the next layer of protection to address spear phishing and account takeover. You also need to demonstrate the value you’re providing to your customers with these layers of security so that they will continue to invest in your services.
That’s why we provide our MSP partners with easy-to-deploy, easy-to-manage, multi-layered security solutions here at Barracuda MSP.
This layered approach includes:
- Email Security with Advanced Threat Protection to stop advanced threats before they reach your customers’ inboxes
- Cloud-to-Cloud Backup for Office 365 to protect Exchange Online mailboxes
- Cloud Email Archiving Service to ensure compliance
- Barracuda Sentinel to provide AI-based fraud detection and protection against domain spoofing and brand hijacking
Spear phishing and account takeover aren’t the end, though. The threat landscape will continue to evolve, so it’s time to educate your customers and their end users about email security best practices. To help you do that, Barracuda has announced PhishLine, a security awareness training solution that includes advanced phishing simulation. We’re getting this ready so MSPs can deliver it as a straightforward service to their customers. We’ll have more updates for you on this soon.