Securing the Future: Insights from Infosecurity Europe 2023

by Vinaya Sheshadri

Infosecurity Europe is one of the leading cyber security events for the information security community and this year’s theme was all around “Securing the Future”.

With the event as content-packed as ever, our Practice lead Vinaya Sheshadri has pulled together his highlights on the latest trends, technologies, best practices, and strategies for securing against cyber threats.

BEC (Business Email Compromised)

Business email compromise (BEC) attacks are on the rise, with an 81% increase in 2022. This type of cybercrime is financially damaging, as scammers exploit the fact that people rely heavily on emails for personal and professional business. BEC scams can occur through various methods like spoofing an email account or website, spearphishing emails, or using malware.

To protect themselves, people should be careful with their online information, examine the email address and URL of correspondence, and avoid clicking on unsolicited emails or messages.

Additionally, setting up two-factor authentication and verifying payment and purchase requests in person or by calling the person to make sure it is legitimate will help protect against BEC scams.

Some of the key BEC topics in 2023 include:

Change of payroll banking information: scammers manipulate email communications to deceive individuals or organisations into changing their payroll banking information, redirecting funds to the attacker’s account.

Gift Card Purchase: In this type of BEC scam, scammers trick victims into purchasing gift cards and sharing the card details, which the attackers can then exploit for financial gain.

Help with a task: Scammers impersonate someone in a position of authority or a trusted individual, seeking assistance with a task that eventually leads to financial loss or compromise.

Techniques used include:

Apply Pressure: Scammers may employ tactics that exert pressure on the victim, such as posing as a superior or implying dire consequences for non-compliance, to manipulate them into complying with fraudulent requests.

Impersonation: Scammers impersonate legitimate individuals or entities, such as a company executive or a vendor, to gain the victim’s trust and deceive them into performing actions that benefit the attacker.

Communication channel switch: Attackers may attempt to change the communication channel used in the ongoing conversation, moving from email to phone calls or other platforms. This technique adds an extra layer of deception and can make it more challenging for the victim to detect the fraudulent nature of the communication.

Everybody was talking about ransomware, phishing and AI  

Ransomware attacks and phishing scams are some of the most common cyber threats that individuals and businesses face today. While AI technology is being developed to help prevent such attacks, cyber criminals are also using AI to perpetrate these crimes.

Google is using machine learning to secure Gmail against phishing attacks. This AI can identify unusual email patterns, flag suspicious messages, track the people responsible for phishing attacks and check the legitimacy of login attempts.

However, AI also poses risks, with cyber criminals potentially using AI-generated text to create convincing phishing attempts that are difficult to detect. AI chatbots, including ChatGPT, are being used to create phishing emails with better grammar and spelling, reducing a key defence against this form of cybercrime.

Supply Chain Risk

Another notable topic that received significant attention at Infosec 2023 was supply chain risk. The increasing complexity of global supply chains has rendered them vulnerable to cyber threats, and a single breach could have far-reaching consequences. One example of this is the exploitation of vulnerabilities in the open-source Apache Log4 logging library used in millions of Java-based applications.

To safeguard against supply chain attacks, some regulatory frameworks provide for third-party risk testing or have vendor compliance standards. The conference offered a session on MITRE’s prototype System of Trust (SoT) framework for evaluating supply chain risk. The tool is now available for organizations to use in assessing supply chain security and it can be customized to fit businesses’ unique needs.

Phishing as a service (PhaaS)?

Phishing-as-a-Service (PhaaS) uses a software-as-a-service business model providing access to a phishing kit in exchange for a fee (as little as $15 USD a day). These kits include the capabilities and tools required to launch a phishing attack, often including email templates, spoof website templates, contact lists of potential targets, detailed instructions on how to execute an attack, as well as access to “customer support.”

New technology like ChatGPT makes phishing more accessible. The AI chatbot has already proven its ability to write emails indistinguishable from a human, with perfect spelling and grammar as well as a faster turnaround to news being shared publicly. Also, its built-in translation capabilities enable attackers with limited English skills to “write” convincing, high-quality phishing emails.

Cyber threats are becoming increasingly sophisticated, and due to new technologies, we can expect to see this continue at an unprecedented pace. It is crucial for businesses to stay informed, adapt their security measures, and foster a culture of awareness and preparedness. to navigate the intricate cyber landscape with confidence, ensuring the protection of valuable assets and securing a resilient future.

By Vinaya Sheshadri