decrypting myths

thousands or even millions of emails could have been successfully delivered. As soon as the attack infrastructure is worn out, the attackers will abandon it and very easily just purchase and deploy a new set of domains.

And so, the vicious cycle continues. Like a game of ‘whack-a-mole’, these legacy ‘solutions’ will continue to hammer down on recognised ‘bad’ emails – all the while more malicious domains are being created in the thousands in preparation for the next campaign. This is the ‘Domain Game’ and it’s a hard game for defenders to win.

Asking the right questions

Thankfully, the solution to this problem is as simple as the problem itself. It requires a movement away from the legacy approach and towards deploying technology that is up to par with the speed and scale of today’s attackers.

In the last two years, new technologies have emerged that leverage AI, seeking to understand the human behind the email address. Rather than inspecting incoming traffic at the surface-level and asking binary questions, this paradigm shift away from this insufficient legacy approach asks the right questions: not simply ‘are you malicious?’, but crucially: ‘do you belong?’

Informed by a nuanced understanding of the recipient, their peers and the organisation at large, every inbound, outbound and internal email is analysed in context, and is then re-analysed over and over again in light of evolving evidence.

Asking the right questions and understanding the human invariably sets a far higher standard for acceptable catch rates with unknown threats on first encounter. This approach far outpaces traditional email defences which have proven to fail and leave companies and their employees vulnerable to malicious emails sitting in their inboxes.

Rather than desperately bashing away at blacklisted domains and IP addresses in an ill-fated attempt to beat the attackers, we can change the game altogether, tilting the scales in favour of the defenders – securing our inboxes and our organisations at large.

Cybercriminals play into fear, uncertainty and doubt (FUD) through a number of mechanisms and we have since seen a variety of imaginative attempts to engage recipients.
www.intelligentciso.com | Issue 26