One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8449329 |
| Date de publication | 2024-02-12 08:02:39 (vue: 2024-02-12 18:10:02) |
| Titre | 4 étapes pour empêcher le compromis des e-mails des fournisseurs dans votre chaîne d'approvisionnement 4 Steps to Prevent Vendor Email Compromise in Your Supply Chain |
| Texte | Supply chains have become a focal point for cyberattacks in a world where business ecosystems are increasingly connected. Email threats are a significant risk factor, as threat actors are keen to use compromised email accounts to their advantage. Every month, a staggering 80% of Proofpoint customers face attacks that originate from compromised vendor, third-party or supplier email accounts. Known as supplier account compromise, or vendor email compromise, these attacks involve threat actors infiltrating business communications between trusted partners so that they can launch internal and external attacks. Their ultimate goal might be to steal money, steal data, distribute malware or simply cause havoc. In this blog post, we\'ll explain how vendor emails are compromised and how you can stop these attacks. Finally, we\'ll tell you how Proofpoint can help. What\'s at stake Supply chain compromise attacks can be costly for businesses. IBM, in its latest Cost of a Data Breach Report, says that the average total cost of a cyberattack that involves supply chain compromise is $4.76 million. That is almost 12% higher than the cost of an incident that doesn\'t involve the supply chain. In addition to the financial implications, compromised accounts can lead to: Phishing scams that result in even more compromised accounts Reputational and brand damage Complex legal liabilities between business partners How does vendor email compromise occur? Supply chain compromise attacks are highly targeted. They can stretch out over several months. And typically, they are structured as a multistep process. The bad actor initiates the assault by gaining access to the email account of a vendor or supplier through various means. Phishing attacks are one example. Once the attacker gains access, they will lay low for an extended period to observe the vendor\'s email communications. During this time, the adversary will study the language and context of messages so that they can blend in well and avoid detection. Attackers might also use this observation period to establish persistence. They will create mail rules and infrastructure so that they can continue to receive and send messages even after the vendor has regained control of the account. Once they establish access and persistence, the attackers will begin to insert themselves into conversations within the supplier\'s company as well as with external partners and customers. By posing as the sender, the attacker takes advantage of established trust between parties to increase their chances of success. Overview of a vendor email compromise attack. Proofpoint has observed a growing trend of attackers targeting accounts within smaller businesses and using them to gain entry into larger companies. Threat actors often assume that small businesses have less protection than large companies. They see them as targets that can help them achieve a bigger payday. How to stop vendor email compromise If you want to defend against these attacks, it\'s critical to understand the methods behind them. Such a formidable problem requires a strategic and multilayered solution. The four broad steps below can help. Step 1: Know your suppliers Your first line of defense against these email attacks sounds simple, but it\'s challenging. It is the ability to intimately “know your supplier” and understand their security strategy. This requires more than a one-time vendor assessment. Your security teams will need to prioritize continuous monitoring of your company\'s business partnerships. On top of that knowledge, you need a thorough understanding of the access and privileges that your business grants to each vendor. Compromised accounts that have uncontrolled access may be able to exfiltrate sensitive data or upload malware like ransomware. So, when you know what your suppliers can (and can\'t) access, you can identify a data breach faster. Other steps, like requiring multifactor authentication (MFA) for vendor accounts, can |
| Envoyé | Oui |
| Condensat | 233 ability able about above access account accounts accounts achieve activity actor actors adaptive addition address advanced advantage adversary after against alerts all almost already also altogether among analysis analysts any apps are artificial assault assessment associated assume attack attacked attacker attackers attacks authentication automate automated automatically average avoid aware awareness bad balance become been before begin behavior behavioral behind below best between bigger blend blocked blocking blog both brand breach breaches broad broadly bullet business businesses but can cause chain chains challenges challenging chances check chosen cloud code communication communications companies company complex compromise compromised compromised compromise compromise connected consolidate consuming contains context continually continue continuous control controls conventional conversations cost costly could create credentials critical crucial culture customers cyberattack cyberattacks cybersecurity damage data days deceive defend defense defenses demand designed detect detected detection detection develop difficult direction distribute dmarc does doesn don download driven due during dynamic each ecosystems effectively efficient email emails employee employing entire entry error establish established evade even every examination example exfiltrate expedite explain extended external extremely face factor faster feature finally financial find first focal focus formidable fortify fostering four fraudulent from future gain gaining gains goal grants growing half happened harbor has have haven havoc help high higher highly how however hundreds ibm identifies identify implications incident incidents include increase increasing increasingly individual infiltrating infrastructure inherent initiates insert insights integration intelligence internal intimately investigation investigations investigative investing involve involves isolating isolation issue its just keen keep know knowing knowledge known language large larger latest launch lay layers lead learn least leaves legal legitimate less level levels level” liabilities like like: likelihood limiting line linger links long look loss low mail making malicious malware malware manipulating manual many may means measures mechanisms message messages method methods meticulous mfa might million mind mitigate money monitoring monitors month months more most multifactor multilayered multistep must necessary need network non not notifications now observation observe observed occur offer often once one ongoing only operate originate other otherwise out over overview parties partners partnerships partners party patterns payday people period persistence phishing point pose posing possible post potential potentially practices prepared prevent preventing prevention prior prioritize prioritizing privileges proactive problem process process prone proofpoint protect protection protection provide quickly ransomware rather react reaction reactive realize receive recent refine regained rely report reports reputational require requires requiring respond result retrospective review right risk riskiest rules sadly safety says scammers scams scope secure security see send sender senders sensitive sensitivity seven several sheet shift should significant silver simple simply sites small smaller solely solution sounds spent spoofing staggering stake stance starting status steal stem step steps stop stopping strategic strategy streamline streamlined stretch structured struggle study subtle success such supplier suppliers suppliers supplier” supply sure susceptible suspicious t: tackle tactics takeover takes targeted targeting targets task team teams tell tend than thanks that them themselves then these they third thorough though thousands threat threats through time timely to: too tools top total toward traditional trend trust trusted typically ultimate uncontrolled understand understanding undertakings unfortunately until upload urgent use us |
| Tags | Ransomware Data Breach Malware Tool Threat Studies Prediction Cloud |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.