Attacks on cloud-based email programs continue to rise: Beazley data

Attacks targeting business email accounts continued to climb in the second quarter of 2018, according to data from specialist insurer Beazley.

Hardest hit were organizations using Office 365, the popular cloud-based productivity solution.

Read: Marsh appoints Global Head of Cyber Risk Consulting

Email compromises accounted for 23% of incidents reported to the Beazley Breach Response (BBR) Services team during the second quarter of 2018. The attacks were broadly distributed across industry sectors.

According to the company, business email compromises are efficient for the hacker because the compromise of a single account gives the hacker a platform from which to spear phish within and outside the organization. They have soared in popularity since the beginning of last year, says Beazley.

Read: Cyber risks “much more than just privacy risks”: CIP Society Symposium

The company points out that although potentially very damaging, with costs that can exceed $2 million, attacks of this kind are also relatively easily preventable. Two-factor authentication can help, as can employee training. Disabling the ability for third-party applications to access Office 365 can also reduce the likelihood of an attacker using PowerShell, a task automation and configuration management system, for reconnaissance.

“Business email compromise attacks are among the more expensive data breaches we see,” says Katherine Keefe, head of BBR Services. “Years of emails often need to be combed through to identify personally identifiable information or protected health information that has been compromised. In the majority of cases, multiple inboxes are compromised.”

Canadian Insurance Top Broker is now on Facebook (facebook.com/TopBrokerMag) as well as LinkedIn (linkedin.com/company/citopbroker) and Twitter (twitter.com/CITopBroker). Follow us for easy access to the top P&C news you need to know. 

from Canadian Insurance Top Broker https://ift.tt/2AuUdy6