PERSPECTIVES FROM THE FIELD SERIES

The strength of Indiana is that we bring together a variety of perspectives from the plethora of areas that touch the field of cyber, especially through the Indiana Executive Council on Cybersecurity (IECC). Hence the name "Perspectives From the Field Series" in which we invite experts to discuss the real and challenging issues we are facing in the field and the proposed solutions from the experts to better the lives and businesses of all Hoosiers.

In the latest installment of our series, we go to Kevin Mabry – founder, president and CEO of Sentree Systems Corporation, a data security consulting firm dedicated to helping small- and medium-sized businesses –  who shares his perspective about the impact cybersecurity scams – such as Business Email Compromise (BEC) – are having on organizations – of all sizes – and what companies can do to protect themselves.

By Kevin Mabry

Every day, when a business opens its doors, which, these days, can be defined as simply turning on its computers or its digital networks, it’s not unusual for a problem or two to come up.

And regardless of the type of business you’re in, there’s a good chance that the health and well-being of your cybersecurity is at (or very close to) the top of the list of your priorities. When it comes to the types of threats that are out there, Business Email Compromise (also known as Email Account Compromise) is rapidly emerging as one of THE most prevalent and sophisticated scams worldwide.

According to the FBI, the BEC/EAC scam – between July 2019 and December 2021, accounted for a 65 percent increase in terms of the amount of exposed losses (that includes both the amount of actual and attempted loss in US dollars). What’s more, this type of cybercrime – at a cost of more than $43 billion – has been reported in all 50 states and 177 countries, with more than 140 countries receiving fraudulent transactions.

Yet, for all of its complexity, a BEC/EAC begins with a bad actor who gains access (to a company’s email system) by making it appear as though they are the CEO, owner, or some other executive.

Recently, there was a company in the financial services industry, in which someone tried to log into the owner’s email (from overseas) during a time they were not in the office.

Fortunately, the company was alerted to the issue (by having their systems monitored externally, reviewing all of their logs and events coming in from any devices or emails) and they were able to confirm that the person was not using their email at the time. In doing so, they were able to stop the attack from occurring.

There are other ways to help protect your company and minimize the potential risks associated with a BEC/EAC that includes:

• Changing the password of the owner’s (or other executives) email address(es);
• Use their password vault to generate it and store it in the vault;
• Turn on 2FA (2 factor authentication) for all emails.

If this incident had been successful, they could have sent a request to one of the other staff members to release or send an ACH transfer payment to a false account.  This type of action is very difficult and, often times, is almost impossible to reverse.  The client would have simply been out of that money and on the hook for the amount. As you might expect, the company was very pleased with the action that was taken.

Therefore, it is very important to have the right security tools in place, not just more security tools.  We just can’t say that “if only” they had an EDR, XDR or just an antivirus and a firewall, they would have never gotten the insight to stop this attack.  Rather, it’s a better solution to have someone – or a team of someones – working together as a team for monitoring everything that’s occurring in your environment.

Changing our mindset away from “set it and forget it” when it comes to data security, is a better approach. Otherwise, there’s simply too much at stake.