Via recent customer conversations and surveys, we found that many organizations are continuing to prioritize cyberattack prevention over detection as they allocate cybersecurity resources. Of course, a robust cybersecurity posture includes effective technology, processes, and employee training to prevent as many attacks as possible. However, cyberattacks continue to grow in complexity and volume. As difficult as it is to come to terms with, the reality is that you are going to be attacked and it is vital to include detection and response to your cybersecurity strategy.
Wednesday, July 15, 2020, was a reminder to us all. Twitter, one of the most sophisticated technology players in the industry, was forced to disable large blocks of service for about two hours. Starting at approximately 4:00 pm EST, dozens of prominent Americans, Joseph R. Biden Jr., Barack Obama, Kanye West, Bill Gates, Elon Musk, and many others posted messages on their Twitter feed asking readers to send Bitcoin and promising double the money would be sent in return.
Of course, these scam messages were delivered by hackers after a successful breach. While the attack is under investigation, Twitter stated that they currently believe that the accounts of several employees, who had access to internal systems, were compromised in a coordinated social engineering attack.
While statements from Twitter’s leadership relayed that they believe the attack was an external one, Vice describes a more concerning scenario. A Vice reporter claims to have spoken off the record with some of the hackers involved in this Twitter attack. According to the article, the hackers “paid off a Twitter employee to gain access to a tool that provides deep control over high-profile Twitter accounts.”
Whether it was a coordinated social engineering attack or insider compromise, it is important to note that Twitter is defending itself against countless attacks and threats every day. Even with its ample resources and large IT security team, attacks still succeed and cause tremendous damage—both revenue reduction and reputational damage. Given the enormity of Twitter’s platform, a two-hour reduction in service likely cost the company hundreds of thousands of dollars in advertising revenue on top of reputational damage. Even though these attacks were very costly, it’s mind-boggling to think about how much additional damage could have been inflicted if not for the talent and expertise of their security team.
Most companies, particularly the small- and medium-sized organizations, do not have the large and multi-disciplined cybersecurity teams needed to defend against and recover from sophisticated and relentless cyberattacks and in many cases are not well-positioned to quickly identify internal misdeeds. However, leveraging managed detection and response and advanced e-mail security services with social engineering protection and data loss prevention allows smaller players to utilize the technologies and expertise that large companies are using to detect external attacks and internal threats.
If you need help strengthening your detection and response capabilities, or if you need to further strengthen your organization’s e-mail security, don’t hesitate to reach out—firstname.lastname@example.org or 800-234-2175. We’re happy to help.