Strategy

;

The Rise of Cybercrime-as-a-Service

by Orlando Scott-Cowley - Cyber Security Specialist

Posted

It’s long been said that when botnets first appeared, they were the first usable forms of cloud computing. Now with hindsight they fit the NIST definition of cloud computing very well and have become rapidly scalable and on-demand.

More recently criminal malware has taken a turn towards being more akin to enterprise-grade software through its entire lifecycle. It’s not unusual to find your rental of a botnet now comes with 24x7 support and channel reseller margins. Buying exploit kits, renting botnets, and using enterprise-grade cloud technology, Crime-as-a-Service (CaaS) has become part of the latest breed of XaaS, offering the same benefits of cost and complexity reduction as well as lower barriers to entry. Using CaaS gives anyone an instant criminal business model in the cloud.

What we know today, is that CaaS is starting to have its own marketplace, run by well organized criminal mega-gangs; support contracts for purchasers are not uncommon.
What we know today, is that CaaS is starting to have its own marketplace, run by well organized criminal mega-gangs; support contracts for purchasers are not uncommon.

CaaS has been given much publicity since the 2014 Internet Organized Crime Threat Assessment (iOCTA) report from Europol described the commercialization and availability of the technology and how it’s impacting legitimate enterprises in real time.

The rise of CaaS is another step on the roadmap of the crimeware that has been instrumental in many of the most recent attacks, where Zeus and its variants like Citadel and Gameover have led to significant loss of data. What we know today is that CaaS is starting to have its own marketplace, run by well-organized criminal mega-gangs; support contracts for purchasers are not uncommon, nor are healthcare and pension plans for employees.

This threat takes how we think about our own protection to a new level. The high-profile breaches of the last twelve months all managed to evade well known or best of breed corporate defenses, so it’s no surprise that enterprise IT managers and CIOs are starting to lose sleep about their next big breach. In many cases, this fear is born out of a realization that platforms like CaaS have become rapidly more advanced than the protections they have within their own environments.

Targeted Threat Protection is once again at the top of the agenda, for C-level managers, as well as those who deploy and run the technology. The sophistication of the attacks means we can no longer sit back and wait for our protection to do its job. We all need to become much more actively defensive – not offensive, but active in our defenses.

FILED IN

If you want to succeed in Australia you can’t just commit to a sales and support presence. Putting down technology roots is vital, especially if you aspire to grow government and financial services sectors.

Since opening in Melbourne in July 2013, Mimecast has experienced strong growth in the region and now it’s time for us to put down deeper roots.

So we’re pleased to confirm we’re in the final stages of preparing local data centers in Australia. This investment is designed to help Australian organizations protect email with security, continuity and archiving cloud services while meeting increased customer demand for local data residency.

The two new identical data centers in separate locations in New South Wales will join a global network of ten data centers in five countries around the world currently serving the email security and data needs of over 13,000 customers and millions of their employees.

Like in the rest of the world, email continues to be the most prevalent business communication tool in Australia, used to collaborate and share information around the world. It’s also used as key record of business activities, subject to increasing compliance, legal and e-discovery requirements, including the Australian Privacy Principles. Meanwhile, tolerance for email downtime is almost zero, yet it’s increasingly under constant attack from a wide range of adversaries.

In short, we believe a very high concentration of Australian businesses most valuable corporate data is held within email. Data loss, leakage or security breaches from email have been shown to have devastating effects. These new data centers will support our mission to support customers in reducing the risk, cost and complexity surrounding email and give employees a better experience too.

Cloud services are growing in their popularity with Australian businesses and Microsoft Office 365 is becoming a popular primary email service. We intend to take advantage of this trend with our suite of complementary cloud services for Office 365. Mimecast helps its customers put in place cloud-on-cloud protection that complements their security and archiving capabilities under Office 365, as well as mitigating a potential single vendor exposure they have in the event of service downtime.

If you’d like to learn more about our plans in Australia, why not come and visit us at AusCERT 1st-5th June. Mimecast is exhibiting at booth S36 and I’ll be presenting ‘Email: The New Frontier in the Defence of Corporate Data’ on Thursday, 4th June 15.25-16.05.

FILED IN

Mimecast Wins Two Midmarket Technology Awards

by Bekim Protopapa - General Manager, Mimecast North America

Posted

Cyber-criminals don’t discriminate by size when it comes to selecting an organization as a target of attack. In fact, recent high-profile data breaches have taught us that mid- or smaller-sized businesses are often a target of those trying to attack larger organizations, as they are seen as a soft way to infiltrate a supply chain.

This is why midmarket businesses must pay attention to their data security and deal with the same email-related risks as larger enterprises – they need to improve email security, protect data and prevent the threat of new attacks, like spear-phishing. The difference, though, is that many in the midmarket are doing so with limited budget and IT resources.

But midmarket businesses don’t have to sacrifice email and data security because of these restraints. Mimecast helps midmarket organizations get out of the business of running email on multiple point solutions, which is costly, complex and eats up IT resources. We provide best-of-breed security, archiving and continuity services for email in the cloud that allows businesses of all sizes to get the protection they need without prohibitive cost.

This is why we believe Mimecast was recognized by two leading midmarket IT organizations for providing email services in the cloud that meet the specific needs of medium-sized businesses.

Mimecast was named "Best Vendor, Service" at the spring 2015 Midmarket CIO Forum. The awards recognize powerful partnerships between technology vendors and enterprise IT teams that deliver measurable value to the IT organizations. Selected by a panel of CIOs, Mimecast was recognized as a leader in the IT Vendor Excellence category for providing an “established service that has been exemplary in specifically meeting the needs of the midmarket.” In addition, Mimecast was named “Best Midsize Enterprise Summit Newcomer” at Enterprise Summit East 2015 for a “strong market need” for its services.

Sometimes, mainstream media does not recognize fully the contribution the mid and smaller companies make to the economy. In truth, it’s often the most exciting frontier in terms of new business practice and technology adoption. However, it’s also a security battleground that needs a fundamental rethink to keep up with increasingly sophisticated threats. It’s the responsibility of technology providers like Mimecast to meet this threat in partnership with the smaller businesses and organization.

Moreover, I can honestly say, it’s a challenge we’re excited about.

If you'd like to learn more about our email archiving service, which is popular amongst our mid-sized customers, please click here.

FILED IN

In tennis, you never want to commit an unforced error. These are the worst kind of point-costing blunders a player can commit – the completely avoidable, self-inflicted ones that have nothing to do with the skill of the opponent or the excellence of their shot.

Losing to an exceptional opponent is not (really) something a tennis player can control, but losing because of an untimely, unforced error, or a series of them, is a different story.

If you've ever worked in information security, you can probably see the parallel.

Every day, you fight talented opponents of your own – sophisticated cyber-criminals who constantly evolve their methods to exploit any and all vulnerabilities you may have. And every day, you and your peers are losing battles to these criminals, who can exploit both your unforced errors – self-inflicted failures of your cybersecurity technology – and create clever schemes that trick your users.

These attackers have a strong track record – more than half of U.S. small businesses now say they have been victims of a cyber attack, according to the National Small Business Association (NSBA). And an overwhelming majority of these attacks – 91 percent – begin with email-based phishing and elaborate, highly targeted spear-phishing schemes.

These attacks are so effective because of the simple fact an IT department can't completely control all of its users, all the time – they're too unpredictable, and it only takes a mistake by one user for a breach to be successful. However, what an IT department can control is the technology it uses to protect its email systems from spear-phishing attacks. Failure to do so is an unforced error that could cost you.

You certainly wouldn't be alone. Secure Mentem President Ira Winkler, speaking at RSA Conference 2015 in San Francisco, said that even though users get the blame following a successful spear-phishing attack, it's usually a failure of technology that allows the socially engineered email bait to arrive in their inboxes in the first place.

Technology should be your first – and second, third and beyond – line of defense. If a malicious email is neutralized by your spear-phishing defenses long before it even reaches your employees' inboxes, they won't even have a chance to facilitate the attack unknowingly – users can't click on links or download attachments that they never see.

That's where Target Threat Protection (TTP) comes into play. With this technology in place, CIOs, CISOs and IT department heads gain the peace of mind that their users are protected against targeted spear-phishing attacks. Even if – or perhaps, when – a user clicks on the wrong link or downloads the wrong attachment, IT departments will know they have a fail-safe in place to end the attack before it spreads.

As Winkler said during his RSA session, "there is no such thing as a perfect countermeasure," and he's right. But TTP will reassure you that you have the technology you need to create a first line of defense.

To learn more, please see our new whitepaper, "The Spear-Phishing Attack Timeline" which walks through the stages before, during and after a spear-phishing attack and provides a minute-by-minute look at how these attacks can be prevented.

FILED IN