Attacks targeting business email accounts continued to climb in the second quarter, with the hardest-hit organisations using Office 365, the popular cloud- and subscription-based work software, according to a recent Beazley report.
Email compromises accounted for 23% of incidents reported to Beazley in 2Q2018. The attacks were broadly distributed across industry sectors.
“Business email compromises are efficient for the hacker because the compromise of a single account gives the hacker a platform from which to spear phish within and outside the organisation,” said Beazley in its latest breach insights report. Such compromises have soared since the start of 2017.
In addition to securing a base for spear phishing attacks, attackers can also leverage compromised accounts to request fraudulent wire transfers, redirect an employee’s paycheck, and steal sensitive information within the inbox.
Although potentially very damaging, with costs that can exceed $2 million, email compromises are also relatively easily preventable, said Beazley.
It recommended two-factor authentication and employee training, and noted that disabling the ability for third-party applications to access Office 365 can also reduce the likelihood of an attacker using PowerShell, a task automation and configuration management system, for reconnaissance.
“Business email compromise attacks are among the more expensive data breaches we see,” said Beazley Breach Response Services head Katherine Keefe. “Years of emails often need to be combed through to identify personally identifiable information or protected health information that has been compromised. In the majority of cases, multiple inboxes are compromised.”
The July edition of Beazley Breach Insights, Beazley’s quarterly publication showing data breach trends, provides detailed industry-level data on the evolution of cyber threats.