SAN FRANCISCO—January 13, 2016—Cloudmark Inc., a trusted leader in intelligent threat protection, today announced Cloudmark Trident™, the industry’s first comprehensive security solution for real-time protection against highly targeted spear phishing attacks. Cloudmark Trident enables enterprises to detect and block spear phishing attacks as they happen - before attacks result in lost revenue or data, damage to consumers and employees, and negative impacts on a brand’s reputation. The new solution draws upon Cloudmark’s extensive experience in detecting and blocking messaging threats and Cloudmark’s Global Threat Network, the world’s most extensive commercial threat intelligence database.
Cloudmark also announced today the results of a survey conducted by Vanson Bourne that provides new insight into IT professionals’ views and experiences with spear phishing attacks, as well as the security and financial impact of these attacks on their organizations. The results show that email remains a prime attack vector for cyber criminals – 90 percent of survey respondents whose organization experienced a spear phishing attack within the past year said that the attacks targeted employees’ email. IT professionals are also increasingly concerned about spear phishing attacks. Nearly three-quarters (73 percent) of IT decision makers reported that spear phishing currently poses a significant threat to their organization.
Targeted spear phishing attacks are a growing threat both to governments and businesses. For example, spear phishing attacks have been associated with multiple recent high-profile data breaches, including those experienced by Target, Sony and the Pentagon. Spear phishing attacks can quickly yield valuable information such as user credentials to corporate or personal accounts, which attackers can leverage to gain additional insight into the target organization or individual, and to launch additional attacks that seek access to additional systems and services. According to Verizon’s 2015 Data Breach Investigations Report, nearly 50 percent of victims open phishing emails and click on the link within the first hour of receiving them.
Cloudmark Trident: A Comprehensive Technology Approach to Spear Phishing Protection
Cloudmark Trident combines threat intelligence, anomaly detection, context analysis and behavioral learning to intercept spear phishing attacks that evade current solutions. The solution provides enterprises with dynamic, real-time protection against spear phishing attacks, including the theft of authentication credentials, malware and business email compromise (BEC) messages that can lead to multi-million dollar losses, data theft and negative impact to brand and reputation.
Cloudmark Trident identifies suspicious messages that may appear to be legitimate, including those with dangerous attachments and links, before they reach employees. The new solution uniquely excels at detecting spear phishing attacks often missed by Secure Email Gateway (SEG) solutions, including text-only attacks that have no URL or malicious attachment payloads. This includes impersonation attacks that often lead to wire fraud and the loss of millions of dollars, as well as the termination of executives who were deceived by attackers.
Cloudmark Trident is a supplementary security solution that easily and seamlessly integrates with existing enterprise email infrastructure, including Microsoft Office 365, to provide a new layer of robust intelligent threat protection. It scans the inbound messaging stream after it has left the SEG, but before the messages are delivered to the enterprise’s mail store system. By evaluating all inbound email traffic, Cloudmark is able to create a virtual map of email paths and behaviors. The map then identifies messages that masquerade as legitimate, but which deviate from known behavior patterns. The solution also features in-depth attack reporting that highlights individuals within an organization who phishers are targeting. Identifying those most likely to receive spear phishing messages helps enterprises focus their educational efforts and training on those who may be the susceptible to these kinds of cyber attacks.
Cloudmark Trident also draws upon Cloudmark’s vast global intelligence network, providing data-driven insights into emerging and evolving threats. Cloudmark’s Global Threat Network is the world’s largest commercial threat intelligence database, informed by the largest service providers and hundreds of millions of inboxes.
“With the wealth of information about individuals and organizations now available online, cybercriminals can easily craft targeted attacks to gain access to valuable personal and financial information. Spear phishing has emerged as one of the largest threats facing enterprises today,” said George Riedel, CEO of Cloudmark. “Based on our conversations with customers, partners and enterprise IT decision makers, it is glaringly apparent that organizations across industries are struggling to combat spear phishing threats with existing solutions – creating a real need for a new technology-based approach. We are committed to helping these organizations identify and detect threats before they compromise their networks, and we have already begun working with several enterprises around the world to deploy Cloudmark Trident to address this growing threat.”
Additional information on Cloudmark Trident is available at: https://www.cloudmark.com/en/s/products/cloudmark-trident.
Survey Reveals Education and Traditional Security Measures Are Not Enough
Vanson Bourne surveyed 300 IT decision makers at organizations with more than 1,000 employees in the U.S. and the U.K. to assess the impact of spear phishing attacks, as well as what measures enterprises were taking to combat them.
Key highlights from the survey include:
• Despite Adoption of Email Solutions, Spear Phishing Attacks Are Still Getting Through. Roughly 70 percent of respondents reported that their organization has implemented a specific solution to prevent spear phishing, investing an average of $319,327 over the past 12 months, focused primarily on anti-spam and anti-virus software as well as employee education. However, 84 percent estimated that a spear phishing attack had penetrated their organization’s security solution and, on average, respondents estimated that 28 percent of attacks are getting through.
• Spear Phishing Attacks Cause Significant Damage. More than 80 percent of companies that experienced a spear phishing attack reported negative impacts to their businesses as a result. The biggest impacts were loss of employee productivity (41 percent), financial loss (32 percent), loss of company reputation (29 percent), damage to brand reputation (27 percent) and the loss of customers (25 percent) and intellectual property (25 percent). In addition, 15 percent reported a decrease in stock price as a direct result of spear phishing attacks.
• Attackers Are Targeting Specific Departments and C-Suite Executives. According to respondents, the employees that were the most targeted during spear phishing attacks are the IT staff (44 percent), the financial staff (43 percent) and the CEO (27 percent). Respondents reported that their organization had suffered an average of 10 attacks involving the spoofing of a CEO for financial gain within the last 12 months.
• Spear Phishing Overwhelmingly Targets Email. Among organizations that experienced a spear phishing attack, 90 percent reported that the attack targeted email. Also in the top three attack vectors were mobile devices (48 percent) and social networks (40 percent). The most common forms of attack were malware deployment schemes (34 percent), authentication credentials discovery (30 percent) and corporate information requests (25 percent).
• Employees Are Organizations’ Biggest Vulnerability. Of respondents whose organizations utilize staff training to prevent spear phishing, 61 percent reported that their organization provides ongoing training. Yet, 44 percent indicated that employees are their biggest spear phishing vulnerability. On average, respondents’ organizations are testing their employees’ response to spear phishing attacks every four months. Despite routine testing, almost no respondents (3 percent) reported that all employees passed the most recent spear phishing test.
For additional information about the survey, as well as an infographic summary of the key findings, please visit: https://blog.cloudmark.com/2016/01/13/survey-spear-phishing-a-top-security-concern-to-enterprises.
Additionally, a video roundtable of leading security professionals, including Kevin Mitnick, computer security expert and hacker; Ken Baylor, former Symantec CISO; and Darin Andersen, Cyber United president and CEO; discussing spear phishing attacks and trends can be viewed at: https://www.cloudmark.com/en/s/resources/videos/the-insiders-view-spear-phishing-and-the-enterprise.
Cloudmark is a trusted leader in intelligent threat protection against known and future attacks, safeguarding 12 percent of the world’s inboxes from wide-scale and targeted email threats. With more than a decade of experience protecting the world’s largest messaging environments, only Cloudmark combines global threat intelligence from a billion subscribers with local behavioral context tracking to deliver instant and predictive defense against data theft and security breaches that result in financial loss and damage to brand and reputation. Cloudmark protects more than 120 tier-one service providers, including Verizon, Swisscom, Comcast, Cox and NTT, as well as tens of thousands of enterprises.