CNME Editor Mark Forker moderated a virtual webinar that examined the measures and policies enterprises can implement to prevent their brand from becoming the victim of an impersonation cyberattack.
The virtual webinar was held by CPI Media Group and global IT security leader Mimecast – and was entitled ‘Stop Brand Impersonation Attacks – Beyond Your Perimeter Protection’.
Online brand exploitation has become a huge problem and has been exacerbated by the COVID-19 pandemic. Customers at many major banks and other large enterprises have been the victim of cybercrime via phishing e-mails, duped into thinking they were legitimately dealing with that brand, which only serves to indicate the sophistication of these types of attacks.
The primary objective of the session was to determine the best practices for finding, blocking and ultimately taking down domains that are ripping off legitimate and reputable brands, which can cause lasting damage to their reputation.
Werno Gevers, Regional Manager, Middle East, Mimecast kickstarted the webinar by delivering a short keynote, which laid the foundations for the discussion.
He highlighted how cyberhackers have become privy to the methods used by major enterprises to deter their attacks, and as a result have switched their focus to customers via domains and brand impersonations.
“Hackers have become wise and privy to the defences of the industry and have turned their attention to human error, or domain and brand attacks specifically. Technology has permeated every nook and cranny of our personal and professional lives, and whilst it creates many opportunities and greater efficiencies, it also increases risk”, said Gevers.
He added that technology was at the heart of what he describes as today’s business disruption triangle, and that this triangle typically consists of a dependency on old technology and systems, and interdependency on other organisations technology and systems.
“From a dependency point of view the vast majority of businesses and operations are dependent on digital technologies, and when one goes down it can result in a loss of productivity and revenue. When you think of interdependency, each organisation has invested to connect its internal systems, but in order to streamline processes, transactions and efficiencies, organisations also have to be able to connect to each other. Domain hijacks and brand impersonation attacks are a very real threat, and organisations are struggling with this because you don’t know what you don’t know, so it’s crucial to have visibility to know what is happening with your brand and be able to protect your brand”, said Gevers.
The first presentation of the webinar was conducted by Ronald Dubbeldam, Senior Specialist, Emerging Products, Mimecast, and he focused on practices businesses can take to protect their customers and their domains – and highlighted the unique capabilities of their DMARC Analyser.
Dubbeldam outlined that one of the biggest and most persistent issues that has always faced e-mail since its inception is the fact that it has never had any protection against identity theft.
He cited the damage a successful attack can have on an enterprise and pointed to research which indicated that 30% of customers will stop dealing with an organisation that has been subjected to an attack, even if they do not suffer any material loss.
Dubbeldam said that prior to the introduction of Mimecast’s DMARC solution, businesses were simply ill equipped to deal with this threat and prevent attacks, but now DMARC enables them to mitigate the impact of attacks.
“Organisations need to implement DMARC. It really is that simple. Implementing DMARC gives you insight in the outbound e-mail environment and can allow you to determine which sources can send e-mails on the behalf of your domains. Traditional security focused only on securing your inbound gateway, DMARC is used by Mimecast for inbound protection, which means if someone is sending a message to your gateway, Mimecast will do a DMARC check and based on that will determine what to do with that message”, said Dubbeldam.
Dubbeldam explained that DMARC is not an authentication technique, but it does rely on two existing authentication techniques SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail).
“Because the domain owner and the source both need to work together the malicious source can never reach the alignment on SPF and DKIM and the alignment is really the most important part of DMARC in order to get control over your own domains, and this means you can control all the domains you own and block unauthenticated messages from being sent on your behalf”, said Dubbeldam.
Roy Ram, Product Manager, Brand Exploit Protect, at Mimecast was the next expert to deliver his presentation.
He stressed that it was very likely that your brand is already being targeted by bad actors that are trying to manipulate your brand. He pointed to research which found an increase of 30% in phishing sites, and a 58% increase in phishing attacks over the last 12 months.
“We are all very familiar with the various methods that are available to protect end-users, but the problem is that the bad actors also know and can easily bypass them with a simple man in the middle. You may have two-factor authentication, biometrics and device recognition which are all great, but the truth is that they can be very easily bypassed as well. The key message for our customers is that your customers are not security experts, so please don’t rely on them to be able to identify suspicious and malicious websites”, said Ram.
Ram also highlighted how cyberhackers have transformed their methods from manual attacks to automated ones.
“Older tools are simply not able to cope with new attack methods, as more and more sophisticated and elusive techniques are being built to evade older defenses, which means you need to become more agile to better defend yourself. We have three core pillars to help us handle these attacks and they are early detection, proactive approach and a swift response”, said Ram.
You can watch the entire session on tahawultech.com