For most companies, a significant percentage of office productivity occurs in email or through the web browser. So, it is no surprise that estimates suggest that email and web browsers are responsible for 90% of cyber-attacks today.
Increasingly, scammers are using text messages to impersonate valid businesses and business users. Just check out this shockingly convincing copy of Verizon’s website to see the lengths scammers go to in trying to trick users into divulging their credentials. Scammers are also sending messages with fake FedEx package tracking numbers and warnings about suspending Netflix accounts (just the thought of my Netflix account being suspended is such a cruel and savage stunt ;-).
Ben-Efraim, CEO of Menlo Security, points out that preventing attacks relies on the assumption that you can outsmart the bad guys and stay one step ahead, while detection assumes that an organization will be able to recognize and respond to an attack quickly enough to avoid any damage. But the reality is that cybersecurity attacks happen very quickly and leave little time for both detection and prevention. And this is why ASG has been recommending that organizations adopt a zero-trust security model.
Zero-trust network security operates under the principle “never trust, always verify.” Users and network traffic are treated as if they are operating in the open Internet, where a bad actor could be listening in or impersonating a user to gain access. Attempts to access a sensitive area of the network from another area are always screened as if the person (or application) trying to access the network is untrusted.
The problem with most implementations of zero trust is that they are not zero—they are granular trust. It is admittedly an improvement over the previous model, but the reality is that users and devices are still connecting to resources and data based on authentication and trust. Access may be more granular and verified more frequently, but there is still trust granted on some level for some time. The difference between granular trust and true zero-trust still leaves organizations exposed to exploits.
So how can organizations prevent these phishing attacks? How can cloud shares such as OneDrive, SharePoint, and Dropbox be protected from these malicious drive-by attempts? How can Salesforce, CRM, or any other business application be monitored to prevent sensitive or critical data from being sent outside the corporate network?
The quick answer is to use Check Point CloudGuard SaaS or Check Point SandBlast Mobile. Check Point prevents users from clicking malicious links through its 300+ machine learning algorithms that inspect emails and websites for:
- Domain Age
- Website Traffic Ranking
- Subject Language
- Body Language
- Insufficient Sender Reputation
- Nickname Impersonation
- URL Reputation
For malware and zero-day exploits, Check Point uses threat emulation technology that opens files on virtual machines in the cloud (a.k.a. a sandbox) and monitors them for abnormal behavior. If Threat Emulation determines the file is malicious, the Check Point Threat Intelligence databases are updated with this file’s signature, and Check Point Threat Extraction sanitizes the document. Proofpoint and other endpoint security solutions are unable to perform these preemptive actions.
If your organization would like more help implementing a zero-trust security model, please reach out to ASG.