Gartner recently released an important report, “How to Respond to the 2023 Cyberthreat Landscape.” (You can get your complimentary copy here.)
This report on the cyberthreat landscape couldn't be more timely or relevant. In an era of digital transformations, threats are not only proliferating but also evolving, posing a serious challenge to organizations worldwide.
One observation from Gartner that resonated with us at SafeGuard Cyber was the “Evolving Phishing Tactics”Phishing is no longer confined to emails – it has become multichannel, exploiting collaboration platforms, social media, text messaging (smishing), voice messaging (vishing), and even quick response (QR) codes to extract valuable information.
Here are our key takeaways from the Gartner report and why it resonated so much with the SafeGuard Cyber team.
Persistent Threats in a Changing Landscape
As Gartner points out, for the last decade or so, the same threats have remained top trends: malware, phishing and credential abuse. We feel Even with ever-advancing cybersecurity programs, these threats continue to persist.
Particularly notable is the transformation of phishing. The evolution of phishing has been rapid. Once predominantly email-based, phishing has grown more sophisticated and diverse, expanding across various digital channels.
At SafeGuard Cyber, we've witnessed this evolution first-hand. The recognition that "what's old is new" is no mere slogan for us. It's a real-time acknowledgment of how we're addressing these continually morphing threats. Our team is always developing more advanced defenses in response to this new multichannel phishing approach.
Gartner shares that the financial consequences of security failure have become more tangible with the first large fines.As businesses grapple with increasingly hefty fines resulting from security breaches, the demand for rapid security implementations is rising.
Gartner shares, “Curating lists of attacks and statistics can provide a useful fact base for security teams, but is not sufficient to justify long-term initiatives when talking to the board. Attack listings and statistics are a look into the past.”
We believe their recommendations align well with our philosophy at SafeGuard Cyber. We believe in planning future security investments and continually updating our threat modeling to include potential non-technical threats. This proactive approach ensures we're ready for what's coming, not just reacting to what has already happened.
Phishing Evolution: Multichannel Approaches
At SafeGuard Cyber, we've seen firsthand the evolution of phishing. We’ve observed a profound shift in the modus operandi of attackers, who are increasingly diversifying their phishing tactics beyond traditional email. This evolution reflects the growing sophistication of attackers and their adaptability to the changing digital landscape. Here's a closer look at how these multichannel approaches are being utilized:
- Collaboration Platforms: As remote work continues to rise, collaboration platforms such as Slack, Microsoft Teams, and Zoom have become ubiquitous. Recognizing this trend, attackers have started leveraging these platforms to launch phishing attacks. They send seemingly harmless messages or files that, once clicked, can lead to malware infections or data theft.
- Social Media: Attackers are also exploiting popular social media platforms to launch phishing attacks. From fake friend requests to scam messages, these attacks aim to trick users into revealing sensitive information. Given the vast user base of these platforms and the inherent trust users place in their networks, this approach has proved highly effective for attackers.
- Text and Voice Messaging (Smishing and Vishing): Phishing has also expanded to mobile channels. Attackers send scam text messages (smishing) or make fraudulent voice calls (vishing) to trick individuals into sharing sensitive information. These tactics take advantage of the trust people often place in phone-based communications.
- QR Codes: QR codes have become increasingly popular due to their ease of use, but they've also become a new avenue for phishing attacks. Cybercriminals create malicious QR codes that, when scanned, can download malware onto a user's device or redirect them to phishing websites.
These evolving tactics underscore the need for comprehensive, multichannel cybersecurity measures. At SafeGuard Cyber, we continuously adapt our strategies and technologies to match these changing tactics and protect our clients effectively.
SafeGuard Cyber's Phishing Countermeasures: NLU and More
Our approach to mitigating the dangers created by the evolution of phishing is nuanced, and includes:
- Cross-Channel Correlation: We identify sophisticated phishing campaigns across over 30 communication channels.
- Inbound and Outbound Inspections: We inspect both inbound and outbound messages for malicious content and track all account activity.
- Early Detection and Response: By detecting interactions that indicate early stages of phishing, we disrupt the attack chain at an early stage to minimize damage.
Throughout, we harness the power of Natural Language Understanding (NLU) and AI machine learning to comprehend the human elements of context and intent in cloud communications. Our NLU processes communications in three stages: pre-processing and text preparation, feature extraction, and final risk assessment.
Our NLU operates effectively in various environments, processing thousands of messages in near real-time. We build a digital profile to identify risk in communication channels, and our detection engine is highly flexible, ready to adapt to ever-changing attack methods.
Navigating the Future of Cybersecurity
Adapting the evolution of phishing is more than theoretical – it's fundamental to maintaining resilient cybersecurity in a digitally transforming world.
Remember, not all threats stem from technological advancements. Non-technical factors, such as human error or lack of cybersecurity awareness, significantly contribute to an organization's vulnerability. Comprehensive security approaches should address all these elements.
As digital communication diversifies, so does the potential for attacks. We need to ensure our security measures extend to new platforms and communication forms, including collaboration tools, social media, mobile communications, and QR codes.
The key takeaway from the evolution of phishing is this: cybersecurity is a dynamic, constantly changing field that demands perpetual vigilance and proactive responses. Let's embrace this change, stay vigilant, stay informed, and stay safe as we continue to navigate this ever-evolving digital landscape.
Gartner, How to Respond to the 2023 Cyberthreat Landscape, Jeremy D'Hoinne, John Watts, Paul Furtado, Evgeny Mirolyubov, Ravisha Chugh, Akif Khan, Dionisio Zumerle, Katell Thielemann, Wam Voster, Andrew Walls, Deepti Gopal, Avivah Litan, Charlie Winckless, James Hoover, Nahim Fazal, Ant Allan, Pete Shoard, 11 April 2023
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.
If you are interested in learning more about the SafeGuard Cyber solution, you can take a quick 5-minute tour.