A manufacturing organization became the target of a business email compromise (BEC) attack. The threat actor utilized stolen credentials and then hoped a prompt-bomb attack will work — it did, and the threat actor was able to take over the user’s inbox.
While, thankfully, this incident was detected and responded to by Arctic Wolf before more damage was done, BEC attacks are becoming more common and more successful by the month.
The Growing Impact of BEC Attacks
As of 2022, BEC complaints reported to the FBI’s Internet Crime Complaint Center (IC3), outpaced those of ransomware 10:1, and the losses incurred by BEC are 80x greater than those incurred by ransomware. According to new data from Verizon, BEC attacks account for 50% of all social engineering attacks. The vector is an increasingly lucrative business for cybercriminals and a deeply pressing challenge for cybersecurity teams across industries.
According to IC3, BEC generated losses for businesses of $2.7 billion in 2022, up from $1.8 billion in 2020. The FBI, however, is a U.S.-based organization, and many organizations may not report BEC attacks to the FBI, so it’s safe to assume that $2.7 billion is just the tip of the iceberg when it comes to the impact of BEC attacks.
In 2022, Arctic Wolf saw a significant uptick in the number of attacks, and saw every industry affected. However, it was the healthcare industry that saw the biggest increase in attacks, highlighting how threat actors are not picky when it comes to searching for a payday.
No organization wants to find themselves in the headlines or explaining to customers that there was a breach, especially one that took over their own business accounts to steal thousands or even millions of dollars. While this threat is certain to grow, organizations can take concrete measures to stop it through security posture management and security posture hardening.
How Arctic Wolf Security Posture Assessments Help Thwart BEC Attacks
At Arctic Wolf, we help organizations take another step in their BEC mitigation strategy, taking them a step beyond the implementation of additional tools by providing a Security Posture Assessment for BEC.
These assessments, and subsequent action items, are part of each customer’s security journey, and we design them to provide a strategic, unique analysis of the security environment, allowing us to uncover insights above and beyond those identified by the triage and alerting (or reactive) process.
For the BEC-specific security posture hardening, we focus on further securing the primary attack vectors and implementing mitigation strategies in our customers’ environments to reduce the likelihood and limit the impact of BEC attacks.
For example, you can enhance the security of your email gateways, improve the implementation of your conditional access policies to prevent account compromise, impose outbound message limits to prevent compromised accounts from phishing your clients or business partners, and tune the managed detection and response (MDR) monitoring of these various tools or solutions.
How Security Posture Management Prevents BEC Attacks
While a strong cybersecurity strategy should be both proactive and reactive, it’s the proactive half that can stop an incident before it becomes a full-blown breach. While seeking out a partner like Arctic Wolf is the best way to improve your security posture in terms of both effectiveness and efficiency, there are small steps any organization can take on their own.
- Assess your identity management and implement multi-factor authentication (MFA). 58% of BEC cases investigated by Arctic Wolf in 2022 lacked multi-factor authentication. It’s a simple, off-the-shelf tool that can make a huge difference in an organization’s defenses.
- Assess and evaluate email security. Because BEC attacks work through email, implementing strong email security helps safeguard accounts and can notify users of suspicious activity.
- Invest in security training for your employees. Users are both the first line of defense and first targets in a BEC attack. Arm them with the information and training they need to spot and stop incidents.
As mentioned above, these steps can be difficult for an organization to achieve, and while they feel like boxes to check, the truth is proactive security is part of the security journey — an ongoing process that’s better completed with a partner. That’s where Arctic Wolf, and Arctic Wolf Security Posture Assessments can make a major impact.
Better understand the Arctic Wolf security journey and the Concierge Security® Team.
Learn more about BEC and other attack trends.
