Lineal at Barracuda Discover24

Lineal staff recently attended Barracuda Networks’ Discover24 event in Vilamoura, Portugal, to take part in the security provider’s annual conference.

In front of a capacity crowd of cyber security partners from more than thirty countries across Europe, the Middle East and Africa, the award-winning US security giant revealed its latest platform developments and insights into anti-cybercrime efforts around the globe.

Barracuda email security solutions protect more than eight million email inboxes worldwide, and screen a staggering 280m malicious email threats per week. For countless organisations, email remains the single-biggest attack vector for everything from credential phishing to impersonation scams, and Lineal has used Barracuda solutions to protect our clients for more than ten years.

Barracuda Discover24 Main Stage

However, in the past decade the provider’s unrivalled platform has expanded its solutions across the technology space dramatically – and now has an impressive array of specialised security solutions for everything from backup and firewalls to application security and highly-advanced security operations centres offering Extended Detection & Response (XDR).

Among the new technology demonstrated was cutting-edge AI assistance that uses machine learning to help detect malicious emails containing little actual text, and impressive statistics for catching emerging threats, ransomware incidents, attacks on APIs and even SaaS applications.

Barracuda also announced a range of planned upgrades and standardisations to their own platforms to help end-customer organisations deploy solutions faster and more effectively.

 

For Cyber Security support and expertise, please contact our team today.


AI saves the day

AI lent a helping hand to one of our technical support teams last week to help Lineal save a local business from an email hack.

At 07:40 GMT on a seemingly normal week day, Barracuda Sentinel issued an alert to Lineal to say an account had been accessed from a suspicious location.  It seemed a malicious actor, appearing to be from Nigeria, compromised one of a client’s finance department email accounts, and created a forwarding/delete rule in the inbox.

Barracuda Sentinel’s AI email protection caught the account takeover attempt, and as a result, we were able to mitigate and resolve a significant threat to one of our customers. Barracuda Sentinel detects both account takeover attempts and attacks launched from compromised accounts.

Corporate account takeover presents a significant new threat to business. Hackers gain access to email accounts and use them as tools to launch subsequent targeted attacks, internally and against external targets – who themselves fall victim.

Account takeover or attacks that originate from these accounts are almost impossible to detect as they don’t use the usual impersonation techniques—they come from a legitimate account and appear to be from a trusted source, allowing the attacker to initiate sophisticated financial scams.

Lineal automatically picked up the alert & create an incident in Barracuda Sentinel.  Sentinel remediated the issue with an immediate password reset, disconnecting all active logon sessions for the user and deletion of any rules created during the incident time.  Within 40 minutes this potentially disastrous event was avoided.

Barracuda’s worldwide threat protection network automatically gathers intelligence from inboxes around the world to deliver award-winning security, checking both inbound and outbound email to stop the spread of cyber-threats and malicious communications.  To find out more visit our Barracuda Email Security page on our website.

This risk could have easily been mitigated by using any of Lineal’s services, such as:

  1. Using Multi-Factor Authentication (MFA) on the account,
  2. Barracuda Sentinel-type tools to alert/remediate on compromise,
  3. Having Azure P1/P2 licensing to allow the use of conditional access to prevent sign-ins from risky locations, untrusted countries, etc.

If you would like to find out more about Cybersecurity and how Lineal can help protect your business please contact us.


Number of Covid-19 Scams Explodes

The volume of Covid-19 scams and phishing emails has increased dramatically in recent weeks according to cybersecurity authorities.

Email security software and cybersecurity provider Barracuda Networks has reported a 667% increase in phishing emails throughout the pandemic.

Common scams include pretending to represent Government, law enforcement or medical authorities to obtain information or financial payment, blackmailing users with threat of infection, donation requests for fake organisations, and malware distribution – including one new ransomware even dubbed ‘Coronavirus.’

Barracuda Covid-19 email scams graph

Via Barracuda: Source 

In a joint statement published in April, the UK National Crime Cyber Security Centre and US CISA (Dept. of Homeland Security) notes the sudden rise in Covid-19 scams, and even highlight instances of SMS text-messaging phishing attempts mimicking UK Government text alerts.

In the example cited, a fake compensation payment is offered to entice the user to hand over details via an imitation UK Government website.

covid-19 scam sms phishing example

There has also been a growth in online hackers and trolls targeting Zoom and other video conferencing platforms. Users unfamiliar with this kind of software in particular may prove an easy target for cyber criminals.

Phishing scams are part of a larger trend of online Covid-19 themed fraud. In March, the NCSC removed around 500 fake online shops claiming to be selling fraudulent virus-related items over the internet.

Google currently estimate that Gmail filtering is blocking over 100 million phishing emails each day, and that almost 20% of online email scams now refer to Coronavirus (around 18 million) – likely to be the largest phishing ‘theme’ in history.

 

For cybersecurity expertise and assistance, please contact Lineal today.


4 Ways Email Filtering Rescues Your Inbox

Email remains a, if not the, key threat vector for protecting organisations from cyber crime – with around 90% of cyber attacks beginning by compromising an unsuspecting user via email.

Today we take a closer look at some of the clever tricks of Barracuda’s email filtering & security service, and why the small investment to protect your inbox  is worth it:

 

Attachment Scanning

In addition to profiling every email which passes through its live email filtering service in seconds, Barracuda scans each email attachment for signs that the contents might be malicious.

As cyber criminals begin to use more sophisticated means, it’s worth implementing this to prevent macro-enabled office documents, infected PDFs and similar file download tricks from catching out users who might be curious to open a dangerous attachment.

 

Outbound

Barracuda email filtering scans not just incoming, but outgoing emails from your hosted mail service or mail server, ensuring not only that your clients are protected from suspect emails, but that staff cannot circulate threats further within your organisation.

Anybody familiar with being caught in a reply-all ’email storm’ knows how quickly bad email can spread internally – be part of the solution yourself, not the problem.

Email Spooling

In the event that your email service falters, clients quickly begin receiving bounce-backs, which leave a poor impression of customer service.

This is avoidable – routing via Barracuda’s email servers, emails will temporarily ‘spool’ like planes stacking over an airport, ensuring onward delivery later when the service comes back online. This ensures any unfortunate interruption to communications is not immediately visible to your clients.

 

Long Term Recovery

Hosting your email in the cloud with Microsoft Office 365? Everything is backed up in the cloud, correct? Not quite – even Office 365 has a 30-day recovery period on deleted email, and emails can ultimately only be restored individually.

This retention period can be longer, or even unlimited, with Barracuda email backups, making sure that emails can be recovered long after staff have deleted them, accidentally or otherwise.

This extra silo of automated email backup protects not just against employee negligence or malpractice, but also common digital breaches such as compromised accounts.

 

For cyber-security and IT expertise – please contact our team today.