BitDam Blog

Rotem Shemesh
3 minutes & 4 seconds read · July 29, 2020

BitDam Launches Free Phishing Detection Tool

BitDam has just announced the launch of its advanced online URL scanner that detects phishing and malicious links. With phishing attacks constantly increasing in both sophistication and frequency – and with COVID-19 accelerating these attacks – this innovative tool could not come at a better time.

Is This A Phishing Link?

BitDam’s free phishing detection tool allows you to enter a link, scan the URL for phishing and find out if it’s malicious or not.

The tool demonstrates BitDam’s advanced phishing detection capabilities and provides the cybersecurity community with the ability to scan suspicious links even when they’re still very new – and when reputation and threat-intelligence solutions still cannot identify them.

The phishing detection tool is built for SOC and threat hunting professionals, security analysts, and MSSPs who want to be at the forefront of phishing detection technologies.

Why Phishing Protection Is So Important Now

Phishing is the No.1 cybersecurity threat facing organizations today. A combination of factors has made this problem more urgent than ever:

Phishing is now more sophisticated

Due to the increase in the severity and consequences of phishing attacks, employees are more aware of the dangers that phishing emails pose. Attackers, therefore, have become more sophisticated, employing machine learning and automation to rapidly create and distribute convincing phishing messages.

Attackers have developed new techniques

With attackers constantly developing new techniques – including using automation to bypass existing security tools – traditional security solutions, including reputation-based products, just can’t keep up.

Attacks are targeted – and missed by traditional solutions

More attackers are ditching the “spray-and-pray” type of phishing attack for more targeted phishing campaigns. These are aimed at individuals within an organization and can be hyper-personalized, ensuring they’re not identified by reputation-based detection solutions including many O365 phishing security and Gmail phishing security solutions.

Phishing attacks are on the increase

Phishing attacks have increased because they’re relatively cheap and simple to set up. With little effort or fear of consequence on the attacker’s side, they can easily access sensitive data like company login credentials. With COVID-19 increasing the number of people working remotely, as well as stress levels, attackers have been taking advantage of this situation.

Liron Barak, CEO of BitDam observes, “We are seeing a real increase in phishing campaigns in the past year. In fact, phishing has become the top cybersecurity threat, more than ransomware or any other malware. That’s because phishing attacks are much simpler to execute, and recently are more difficult to identify.”

The launch of BitDam’s phishing detection scanner could not come at a better time. Barak notes, “In addition to including our unique phishing detection capabilities in BitDam’s Advanced Threat Protection solution, we are now launching this online scanner for use by cybersecurity professionals.”

A Unique Phishing Detection Tool

Most other phishing protection solutions are based on reputation and threat intelligence. This approach is inadequate in the face of automated attacks and previously unseen first-time threats.

  • BitDam is independent of previous knowledge and data. It uses multiple sophisticated computer vision and AI algorithms to assess: is this a phishing link?
  • It can, therefore, detect phishing threats at first encounter, unlike reputation and threat intelligence-based products that have to wait to collect enough data before classifying something as phishing.

Get Advanced Phishing Protection

To get started with BitDam’s online phishing detection tool, just visit the website and scan a URL for phishing.

BitDam offers phishing detection and prevention as part of its comprehensive Advanced Threat Protection solution for business collaboration platforms which includes protection for email, cloud drives, and Instant Messaging – covering threats of any type hidden in files and links.

To see for yourself how simple and impactful BitDam is, schedule a demo.

Rotem Shemesh
3 minutes & 3 seconds read · June 28, 2020

BitDam Launches Its DIY Guide To Assess Email Vulnerability

Understanding your vulnerabilities when it comes to email security is critical in order to ensure that you’re protected against ransomware, phishing, and other email-borne threats. These threats are getting more sophisticated, and many are able to evade mainstream email security products. Studies show that 20-40% of the emerging threats bypass the leading email security solutions.

Testing your email security may sound like a long and complicated task that involves engagement with pentesting professionals and deployment of attack simulation tools. But it doesn’t have to be this way. BitDam now presents its DIY Guide: How to Assess Your Email Vulnerability for Free in 20 Minutes which allows anyone to test their email security and get an accurate view of what threats their current security tools block and what they miss.

This guide showcases free tools only – each focused on a slightly different goal – and uses a step-by-step approach, guiding you in how to assess your email security posture. You can also watch the video to learn how to implement these free tools.

Why It’s Needed

Some of those responsible for email security might think that with their “mainstream” email security solution in place, they’re protected. Unfortunately, the facts show that this is a dangerously incorrect assumption. Specifically, when it comes to threats encountered for the first time – “Unknown Threats at First Encounter” – these solutions struggle to keep up.

For example, Proofpoint’s “TAP” advanced email protection misses about 23% of new attacks emerging every day, Microsoft Office 365 Advanced Threat Protection (ATP) misses 25% of new attacks including recent phishing campaigns, and G Suite Enterprise misses almost 36% of threats. In fact, 45% of emerging threats bypass at least one of the leading email security products.

So how does your organization’s email security fare when it comes to these threats?

Free Tools To Assess Email Vulnerability

BitDam offers three free tools for evaluating your email security: Lucky Meter, Breach & Attack Simulation (BAS), and BitDam’s Malware Feed.

Lucky Meter

Lucky Meter is a highly accurate way to assess email vulnerability, using continuous, real-world attacks in real-time to give an accurate, up-to-date, and detailed picture of your risk level.

Breach and Attack Simulation (BAS)

BitDam BAS offers a quick one-time assessment of your email security posture. It makes use of simulated attacks that are based on real-world attacks the BitDam team has observed in the wild.

Malware Feed

Mainly used for deeper investigation, the Malware Feed includes live information on real-world malware attacks.

Each of these tools is incredibly easy and quick to get started with and is offered by BitDam completely free.

More About The Guide

The DIY Guide presents each solution in more detail, highlighting each one’s typical use case and main advantages. Each tool has its introductory section explaining what it’s ideal for, its quick steps for getting started for those more proficient with these types of tools, and more in-depth step-by-step instructions including images and screenshots.

By following the Guide, you’ll be able to select any or all of the free services offered, use them to assess any vulnerabilities within your email security posture, and generate detailed, valuable reports that can help you make the right decisions for the security of your organization. And the best part about it – you’ll have to invest only about 20 minutes.

Your Guide to Continued Email Security

Using these free tools provided by BitDam, any organization can simply, quickly and easily check the current state of their email security posture – the first step in upgrading your email security to meet the latest threats.

To get started, watch the video or download the DIY Guide: How to Assess Your Email Vulnerability for Free in 20 Minutes.

Liron Barak
4 minutes & 21 seconds read · June 1, 2020

BitDam is Named a Gartner Cool Vendor

We have some very exciting news to share! Global research and advisory company Gartner has named BitDam as a Gartner Cool Vendor in Cloud Office Security in their May 2020 Cool Vendors in Cloud Office Security report (Gartner subscription required). Our full press release is available here. It’s a big honor for us, and we’re really delighted to see BitDam recognized as a Cool Vendor.

The research notes that “As cloud office suite adoption becomes nearly universal, security and risk management leaders must explore ways to protect sensitive information from risks and threats”. We fully agree of course, and in our opinion this is made all the more urgent by factors such as an increasingly decentralized workforce and the work-from-home (WFH) consequences of COVID-19.

BitDam: Protection Across Multiple Platforms

In the report’s recommendations, it’s noted that “security and risk management leaders overseeing applications and data security related to cloud office security should: evaluate a threat-protection tool that can work across multiple enterprise collaboration platforms”. At BitDam, this is part of our DNA as we protect against malicious files and links delivered in any collaboration platform including enterprise email, cloud drives, and instant messaging.

Today’s Threats and BitDam’s Answer

Two of the biggest threats facing organizations today are email-borne threats, and threats relating to collaboration platforms such as Google Drive, Microsoft OneDrive, or Instant Messaging platforms.

Many popular email security products can’t detect 20-40% of unknown threats at first encounter (which can lead to successful phishing, ransomware, and data breach attacks). Add to this the fact that there has been a constant increase in the use of collaboration platforms – which has accelerated in 2020 – and the need for the protection that BitDam provides becomes apparent. BitDam effectively protects these platforms against threats, including securing IM, Zoom and Microsoft Teams.

What’s So Cool About BitDam?

Here are what we believe to be some of the factors that make BitDam so special:

Protecting multiple collaboration tools

The list of collaboration tools used to share content and work together is constantly growing. Files, links, attachments, messaging, video, cloud drives – all of these have become critical in the modern workplace. Unfortunately, these tools also provide attackers with multiple points of entry when it comes to cyberthreats.

BitDam therefore secures multiple collaboration tools – including email, cloud drives, instant messaging tools and video communication platforms – thus keeping the modern organization safe across all fronts. It uses the same security approach across all these channels and provides security personnel with a unified view.

Unique attack agnostic detection approach

BitDam’s unique approach means immediate detection of advanced threats, regardless of attack techniques. BitDam learns the normal code-level executions of business applications such as MS-Word and Acrobat Reader. Based on this whitelist, it scans files and links before they reach the end-user, and determines whether they are malicious or not, regardless of the specific malware they may contain.

Detecting both known and unknown emerging attacks, BitDam guarantees the highest detection rates in the industry. It does not require feeds, reputation or intelligence services in order to detect never-seen-before attacks.

We leverage our IP to offer free SOC tools

BitDam offers free SOC tools such as its Breach & Attack Simulation (BAS) for email, BitDam Lucky Meter and its Malware Feed:

  • BitDam’s free BAS enables users to analyze their email protection and uncover any email security flaws. BitDam’s BAS automatically simulates cyber attacks and tests the user’s cyber defenses, providing insights into email security.
  • BitDam’s Lucky Meter allows users to check how exposed their mailbox is to unknown cyber threats that are emerging every day in real-time. Lucky Meter measures the Miss Rate at first encounter and Time To Detect (TTD) by the current security solutions in a user’s live environment, and provides a continuous assessment of the effectiveness of current email security.
  • Our Malware Feed provides access to the most recent cyber attacks from the wild, allowing users to further investigate these attacks.

There’s a lot that BitDam offers that we believe are factors that led to BitDam being named a Cool Vendor by Gartner. For us, being recognized as a Cool Vendor highlights the critical role BitDam plays in keeping organizations and their users protected, no matter where they (virtually) are.

If you’re interested in learning more about what BitDam does and how we can help your business, schedule a demo with a BitDam expert or get in touch.

Gartner subscribers can view the Cool Vendors in Cloud Office Security report.

Gartner “Cool Vendors in Cloud Office Security,” Brian Reed, Ravisha Chugh, 1 May 2020

The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Maor hizkiev
2 minutes & 6 seconds read · May 28, 2020

Which attacks bypassed O365 ATP?

In the last couple of weeks, we noticed a significant increase in the number of threats bypassing O365 ATP. We observed the same trend across multiple customers and industries, all in the US. Interestingly, most of these attacks were phishing campaigns, impersonating Microsoft.

Detecting cyberthreats that bypassed O365, along with other advanced email security solutions such as Proofpoint TAP and G Suite Enterprise, is not new to us. As BitDam’s Advanced Threat Detection is located as a last line of defense, it detects all those threats that were missed by the first line email security in place. If you’d like to learn more, you can always check out the most recent cyberattacks in the wild and which security solutions they missed in this live dashboard.

With that said, in the past two weeks, we noticed something different. Between May 13th and May 27th we have seen a drastic increase in the number of cyberattacks that were missed specifically by O365 ATP across most of our customers in the US. This includes malicious files and phishing links delivered by email. Here are some interesting statistics:

  • 67% of the malicious emails missed by O365 ATP were phishing emails, the other 33% contained malware
  • 90% of the phishing emails tried capturing credentials for Microsoft’s products, many of them by using notifications such as ‘a document is waiting for you’, or ‘a voicemail is waiting for you’.
  • 98% of the malicious files were Excel files, with many of them using macros
  • 89% of the malicious Excel files included ‘invoice’, ‘receipt’ in their filename

Since we have expanded our offering from malware detection only to also providing phishing protection, our researchers see constant growth in the number of phishing attacks. In the past few weeks, this trend was accelerated, and they have observed a significant spike in this type of attack. While it’s a known fact that phishing is the leading threat exploiting COVID-19, we were surprised to see the portion of phishing attacks that bypass O365 ATP, one of the leading email security solutions in the market. In one case, protecting a customer that uses O365 ATP, BitDam detected 29 malicious files in one day (!) targeting mainly the organization’s executives.

To get a real and continuous picture of how protected your email is against TODAY’s threats – which attacks are missed by your current email security and what types of attacks are putting your organization at risk – sign up for BitDam’s next generation Breach & Attack Simulation here. Spoiler: you’re going to be surprised…

Amie Schwedock
2 minutes & 21 seconds read · April 16, 2020

Daniel Baird, Graham’s Family Dairy on BitDam Email and OneDrive Security

Daniel Baird, Head of Information Technology, Graham’s Family Dairy

We’ve interviewed Daniel Baird, Graham’s Family Dairy Head of Information Technology, about his experience with BitDam’s Advanced Threat Protection (ATP). Graham’s Family Dairy is a household food and beverage name within Scotland; at the forefront of everyone’s breakfast table.

Here is the result in video and text:

Q: Daniel, what was your email security solution prior to using BitDam? Why did you decide to add another solution like BitDam’s?

A: Our security solution prior to using BitDam was Microsoft O365 ATP (Advanced Threat Protection). We were happy with O365 ATP, and still are, but understood that this is just part of the entire solution. While O365 ATP is great as the basic layer of email security, it protected us only from known threats. We were getting huge amounts of threats through Microsoft’s ATP product and these needed to be mitigated against. We’ve added BitDam on top of this as an extra tier of protection to make sure we’re protected against both known and unknown threats. The issue about these unknown threats is that they keep coming and they are not as rare as you’d think.

Q: Why did you decide to try BitDam?

A: I really liked BitDam’s fresh approach to security. While all other vendors are focused on data-driven technologies (that depend on heuristic definitions) and work well protecting threats that were seen in the wild in the past, BitDam uses a very different, model-driven approach, that detects unknown threats from the very first moment they’re out there. Furthermore, they protect OneDrive in addition to O365 email, which means that our end-users are protected on every front.

Q: What have the results been so far? What does BitDam enable?

A: BitDam has successfully identified several threats that have made it through the Microsoft security piece, and has given us advanced warning. Users don’t even notice it which is another advantage.

Q: Can you share some insight about the setup process and trial?

A: It took literally 10 minutes, probably five minutes, and it was very, very seamless. We actually started the trial when I was in the coffee shop at a conference talking to their rep. It was super-easy. Within a few weeks, we were able to realize the ROI of this solution and decided to go for it. Once you see with your own eyes the significant amount of attacks that bypass your current security and being caught by it, you don’t hesitate anymore.

Q: How would you describe, in a sentence or two, what BitDam does?

A: BitDam provides an extra tier of protection to our Office 365 email and our One Drive files. This gives us advanced intelligence against the unknown threats.

Liron Barak
2 minutes & 55 seconds read · April 7, 2020

Unknown Threats are The Achilles Heel of Email Security

How secure is your organization’s email? Unfortunately, a lot less secure than many people think. For example, did you know that up to 45% of emerging threats bypass at least one of the leading email security products?

In a must-read study entitled “Unknown Threats: The Achilles Heel of Email Security”, BitDam researchers follow up on a previous study to provide even more updated, in-depth and actionable information around the email security threat.

A Quick Primer

It’s no secret that most cyber attacks start with an email bearing a malicious file or link. While organizations rely on email security products to protect their email, malicious files and links regularly bypass the leading email security products – leaving them vulnerable to attacks including Ransomware, Phishing and malware leading to Data Breaches.

Two factors compound this threat:

  • Many “mainstream” email security products struggle to detect threats they encounter for the first time (“Unknown Threats at First Encounter”)
  • Attackers are leveraging automation to mutate common threat variants, resulting in a massive increase in Unknown Threats

This creates the perfect storm for attackers and can potentially inundate security products. All this, and more, is in the latest study.

The Study – What’s New

The study now covers five months of empirical data, and includes a strengthened conclusion from the original study thanks to more data from Office 365 ATP and G Suite Enterprise.

In a major step forward, the study now includes data from Proofpoint TAP, one of the market leaders in the U.S. (Spoiler alert: it too has a Miss Rate over the study period of over 20%).

The study showcases updated metrics such as Miss Rate at First Encounter and Time To Detect (TTD) for the leading email security solutions.

Key Findings

What’s distressing is that the email security systems in the study – Microsoft’s Office 365 ATP, G-Suite Enterprise and ProofPoint TAP – have high miss rates of 20% to 40% for Unknown Threats at First Encounter.

45% of threats bypass at least one of these leading products and it takes them between 10 and 53 hours (yes, that’s over 2 days) to start protecting against the threats they first missed.

Study Graph

Who Stopped It Best?

We’ll let you go over the data in-depth in the study, but a quick summary shows how these solutions compare over the period analyzed:

  • Office 365 ATP: Miss Rate of 25%. Average TTD is 53 hours.
  • G Suite Enterprise: Miss Rate of 35%. Average TTD is 32 hours.
  • Proofpoint TAP: Miss Rate of 23%. Average TTD is 10 hours.

Does Having A Combination of These Protect Me?

Unfortunately, the answer is no.

In an example where a combination of Proofpoint TAP and Microsoft Office 365 ATP is used, the data shows that Office ATP only picks up around a third of what Proofpoint misses. Even if your security stack includes more than one of these solutions – such as this particular common combination – you are still exposed to 15% of threats.

Proofpoint data

Staying Protected

As the study shows in detail, the security products many organizations rely on to protect their email fail to provide protection against unknown threats – much like a vaccine that protects against the previous mutation of a virus, and not the next one.

In case you were wondering, BitDam was able to correctly identify all the unknown threats missed by the email security products covered in the study. This makes BitDam ATP the natural choice for augmenting current email security products, and effectively addressing the risk customers face today from their incoming email.

Download the updated study and see the real-time data here.

Rotem Shemesh
3 minutes & 1 second read · April 2, 2020

BitDam Secures Zoom and Microsoft Teams

Most people today use some kind of instant messaging channel as part of their workday routine. We use these applications to share files, attachments, connect and work with colleagues, customers, vendors and partners across the globe. In this global world, the use of screen-sharing and video conferencing has also become significant. With most businesses operating online, security for these applications is imperative.

This is always true! However, in the past weeks, in light of the COVID-19 pandemic and WFH phenomena, we are seeing an unprecedented growth in the usage of these platforms by existing users as well as a huge spike in demand from new users. This is going to leave an indelible impact on technology adoption and growth in years to come, according to analysts at Frost & Sullivan.

To put things in context, Microsoft Teams user base grew to 44M from 13M users in July 2019.

Zoom, on the other hand, experienced a 67% growth in their daily active user base in the first three months of 2020. The company added 2.22M monthly active users so far in 2020, while in 2019 it added 1.99M in total, according to estimates from Bernstein Research analysts.

A New Challenge Emerging: Cyber Attacks Via Enterprise Communication

The enormous growth in usage of enterprise collaboration tools in general, and Zoom and MS Teams in particular, is fertile ground for cyber attackers. Hackers take advantage of the fact that people use these different platforms more often. According to the World Economic Forum, cybercriminals exploit the fact that many employees who are working from home have not applied the same security on their networks that would be in place in a corporate environment, or that enterprises haven’t deployed the right technologies or corporate security policies to ensure that all corporate-owned or corporate-managed devices have the exact same security protections, regardless of whether they’re connected to an enterprise network or an open home WiFi network.

Considering this new situation – the fact that most employees are working from home and the rising risk in the usage of Zoom, MS Teams and other collaboration channels – organizations must take proactive actions to ensure that these tools are not used by bad actors to penetrate their networks, which usually leads to phishing, ransomware and data breaches, causing enormous damage.

Why is this important? Files and links sent via these platforms are an easy access point for hackers. Zoom and MS Teams allow you to work with other users outside of your organization. They might have different levels and practices of security, leaving your organization vulnerable to threats from the outside when sharing files and URLs.

Securing your Zoom and MS Teams Accounts

What’s clear is that the use of instant messaging, screen-sharing and video conferencing platforms like Zoom, MS Teams and others will continue. This is where BitDam Advanced Threat Protection (ATP) comes in. You can deploy BitDam ATP for Zoom and Microsoft Teams in a matter of two clicks and with no interference to end users. BitDam will scan all files and URLs sent within your Zoom and Microsoft Teams accounts before they reach the end users, and will block and quarantine the malicious ones. Since BitDam’s technology is attack agnostic, it will protect your business from phishing, ransomware and any other type of malware, even when working from home.

BitDam stepped up to support businesses in these vulnerable times and is now offering a free trial for BitDam ATP for MS Teams as well as for Zoom. You’re welcome to try it!

Maor hizkiev
2 minutes & 33 seconds read · March 19, 2020

5 Free Cybersecurity Tools That Will Help Protect Your Organization Through The Coronavirus Chaos

Facebook, Google, Twitter and many other companies both large and small have implemented remote working policies for many – or all – of their employees around the world. Millions are now working from home, and many organizations are scrambling to provide the collaboration tools and infrastructure to support this change.

The good news is that some companies have special offers in place to help companies through this chaotic period. For example, Google is offering its premium version of Hangouts Meet for free, to assist businesses and schools operating remotely. Microsoft meanwhile has made its Teams platform available for free.

Free Cyber Security Tools

When it comes to cyber security, the attackers and threats haven’t stopped because of the coronavirus. If anything, they’ve increased dramatically. Below you can find 5 free cyber security tools to help keep your business protected during this challenging time.

1. Odo 

Odo enables the management of least privilege access to internal resources with real-time, intelligent trust decisions based on defined policies and contextual data. During this time, Odo is offering free subscriptions to OdoAccess, its secure remote access solution. This free offer is available to companies for use by employees based in countries impacted by the Coronavirus health crisis, as defined by Odo. 

2. Cyberark

Cyberark specializes in secure privileged access. The company is offering its CyberArk Alero feature – which provides secure remote access to critical systems managed by CyberArk – at no cost through the end of May. The offer is for qualified customers as determined by Cyberark. 

3. Duo Security from Cisco

Cisco is providing extended free licenses and expanded usage counts for three of its security products at no charge until July 1st 2020. The free products included are: 

    • Cisco Umbrella, which protects users from malicious websites
    • Duo Security, which allows organizations to verify users’ identities and establish device trust – before granting access to applications
    • Cisco AnyConnect Secure Mobility Client, which provides mobile device security

4. PC Matic

PC Matic is offering its PC Pro suite of security tools at no charge until June 30th 2020. The software utilizes PC Matic’s real-time whitelist technology to block unwanted and unsafe programs from executing on workstations. In order to qualify, companies must have ten or more remote workstations. The offer includes all onboarding and support services.

5. BitDam ATP for Teams

BitDam, which is mainly known for its Advanced Threat Protection solution for O365 email and OneDrive, is now offering its powerful ATP for Teams at no charge for three months. As remote workers use more collaboration tools – such as instant messaging and video conferencing – users are increasingly exposed to further threats as many of these collaboration tools are not fully secure. There are very few security solutions for these collaboration platforms, which is why BitDam resolved to offer BitDam ATP for Teams for free.

Navigate This Chaotic Period Safely

With more employees working remotely, and an environment of increasing cyber security risks, it’s more critical than ever to ensure your entire workforce – remote or otherwise – is protected. 

These 5 free cyber security tools are an excellent start to strengthen your security posture. 

Rotem Shemesh
4 minutes & 50 seconds read · March 13, 2020

How To Educate Your Employees So They Won’t Be Fooled By Coronavirus Hacks

With Coronavirus, or COVID-19 all over the news, it was only a matter of time before malicious actors exploited the pandemic for their own gain.

Numerous organizations have reported coronavirus-related phishing scams. Various parties have been blamed for spreading everything from disinformation to Emotet malware. Malicious email campaigns have been sent on a huge scale purporting to be from experts such as the World Health Organization, which cynically trick users into clicking links, downloading files or sharing credentials – all of which can have disastrous consequences.

Employees, who are already receiving legitimate coronavirus-related emails from their HR departments, are at higher risk than ever. Working remotely from home compounds the problem even more.

Employees Are Human

Employees are not machines that can be programmed to react consistently. Since they are now more stressed than usual thanks to doomsday headlines, they are more vulnerable to phishing and malware scams that target their pain points and take advantage of their fears.

For example, an email doing the rounds scares users with fake AIDS results, not to mention coronavirus-themed shocks. This climate of uncertainty is exactly what the attackers want to exploit: humans make less-informed – that is to say, worse – decisions when under stress. That’s how otherwise smart, well-educated employees can suddenly find themselves clicking on a coronavirus phishing email – and compromising your network in the process.

Working From Home – Increased Risk

Another factor increasing the impact of coronavirus hacks is the disruption to routine. Flights have been canceled en masse. Thousands have been told not to come into the office, but rather to work from home – including all Google employees in North America.

Not only does this disruption to routine affect decision-making, but it also means that users don’t have access to the security measures they have come to rely on at their offices. For example:

  • Not all companies have Virtual Private Networks (VPNs), and even if they use a VPN, it’s not 100% effective
  • Employees might be using their home computer, with no end-point security and no dedicated email security
  • Employees might have standard security measures in place – such as O365 E3 or Dropbox Enterprise Security – without realizing that this does not protect them from all threats
  • The use of communication platforms such as instant messengers and shared drives is likely to dramatically increase
  • Other conferencing and productivity apps’ usage will spike, such as screen sharing tools, video conferencing platforms and other corporate collaboration tools
  • So much so that Microsoft has offered its premium Teams platform for free over the next six months while Google is making the premium version of its Hangouts Meet workplace video chat tool free until July

The increased reliance on these productivity tools coupled with the lack of security offered by a traditional office setting poses a massive security risk to organizations.

How To Protect Employees

Keeping your employees protected – and by extension your entire network – is no easy task. The best possible protection will leverage a combination of technology, including the latest cyber defense tools, together with awareness and education around coronavirus scams.

Education and Awareness

Educating employees can go a long way towards increasing your organizational security. Now more than ever, it’s critical that you as an employer emphasize the importance of these instructions. While only part of an effective overall solution, the following should be addressed when educating employees:

  • Educate your employees about the coronavirus-related scams that are out there, so they’ll be aware and therefore more cautious around any type of corona-related communication
  • If possible, show them real-world examples
  • Educate specifically around how to prevent ransomware attacks
  • Try these templates to help spread your important message without creating confusion (note the Ransomware attack and Phishing templates specifically)
  • Ask them to read coronavirus-related instructions from official websites only
  • Of course, remind employees not to open or download files from an email address they don’t know
  • Have employees be aware of what constitutes a suspicious request, such as any request for account credentials or strange downloads
  • Remind employees of the alert procedures so that they know how to alert their administrator to any suspicious emails or unusual activity

Technology and Cyber Security

Education is important, but without an effective cyber security practice behind you, your organization is highly vulnerable to coronavirus – and other – cyber attacks. When choosing a solution, you should ensure that:

  • Protection is effective independent of employee location and office facilities, and that all collaboration channels are covered
  • Remember these channels are going to be used significantly more due to the decentralization of the workplace thanks to coronavirus, and therefore extra care is required here
  • Since 92% of malware is delivered via email, protecting users’ email is critical. Use an attack-agnostic email security solution, ensuring it detects malware pre-delivery
  • Do this for all collaboration channels that are used when working remotely, as an attack is highly likely to come via Google Drive, for example
  • Even if you are working from home, you can check your current corporate email security posture with BitDam Lucky Meter
  • All the tools employees communicate with are protected, including:
      • Email (covering attachments and URLs)
      • Cloud drives (Google Drive, Microsoft OneDrive, Dropbox etc.)
      • Enterprise Messaging applications (Teams, Skype, Slack etc.)
      • Additional digital communication tools

Many tools protect certain aspects of employees’ day-to-day computer usage, each with varying degrees of success. This makes implementing a comprehensive security solution covering all malware detection and prevention scenarios an essential priority for organizations of any size.

Your Comprehensive Cyber Security Partner

To ensure your organization is secure, you have to continuously test its security posture. This can be done, even from home, using BitDam Lucky Meter which continuously tests your email security against the latest malware samples from the wild.

Deploy it for free and get a sense of your security posture – especially in these crazy times of coronavirus hysteria.

Liron Barak
3 minutes & 9 seconds read · February 7, 2020

Shocking Study: Our Email Is A Whole Lot Less Secure Than Most People Think

If you were offered a bulletproof vest that protects you from only the second bullet – would you take it? The answer, most likely, is “Absolutely not”!

Yet when it comes to emails, that’s exactly what the vast majority of people sign up for when they trust common email security solutions. Malware, Phishing, Ransomware and by extension Data Breaches are able to breeze through these security solutions – essentially meaning that the vast majority of organizations are leaving their security to chance, hoping they won’t be attacked next.

Finally, and for the first time, it’s confirmed by empirical research. In this groundbreaking study, our latest published findings demonstrate that it’s worse than most people thought: up to 40% of malicious emails get through common security solutions.

Why is this? It’s primarily due to how these common security solutions work.

Why Security Solutions Miss So Much

Dealing with known threats is relatively easy. Most products are built and maintained to handle them. It’s threats that are encountered for the first time, or Unknown Threats, that pose the greatest challenge.

Traditional email security solutions have to first encounter these threats, then analyze them, validate that they are indeed a threat, then classify them and only then can they recognize and stop the threat.

In the meantime, these malicious emails are hitting your inbox and those of coworkers and employees. In fact, we found that the length of time it takes until these threats are actually detected – the Time To Detect, or TTD – is 24-48 hours on average, and often a lot longer. Not very helpful, in fact completely useless when it comes to this vital area of your security.

It gets worse: these threats are now being automated to constantly mutate in order to evade security systems. As soon as the system has learned to defend against one threat, its cousin has already evolved to evade those same checks.

What To Expect In The Study

In the study, you’ll find how common email security systems, such as Microsoft’s Office 365 ATP, G-Suite Enterprise and others, have a high miss rate of between 20% and 40% for unknown threats at first encounter.

What’s more, we show how these systems take between 24 and 28 hours to start protecting against the threats they first missed. This Detection Gap means that enterprises are continually unprotected against unknown threats.

Most importantly, we’ll show what you can do to protect yourself.

Key Findings

Some of the key findings over the period of the study include:

Microsoft Office 365

  • Microsoft Office miss rate is around 23%
  • Average TTD is 48 hours
  • Around 20% of unknown threats take 4 days or more to be detected

Google G Suite Enterprise

  • Google G Suite Enterprise’s miss rate is around 35%
  • Average TTD is around 26 hours
  • Around 10% of unknown threats take 3 days or more to be detected

Following The Study and Staying Protected

Since data-driven threat detection technologies fail to provide protection against unknown threats due to their inherent dependency on data, they must be augmented by a different technological approach in order to provide better email security.

The BitDam solution is built on top of a unique threat-agnostic detection engine. BitDam’s model-driven threat detection technology at the heart of BitDam ATP allows it to reach extremely high detection rates for unknown threats at first encounter.

Its TTD is zero, so full protection power is available at all times.

BitDam is able to correctly identify all the unknown threats missed by the email security products in this study, making BitDam a natural choice for augmenting current email security products and considerably reducing the risk customers face today from their incoming email.

For more data and insights, and to learn about staying protected against Unknown Threats, visit this page and download the full study.
