Don’t be the weakest link: protecting your supply chain from targeted malware attacks

By Chris Dye, VP Marketing & Communications Glasswall Solutions.

  • 8 years ago Posted in
Every senior manager knows that falling prey to a malware attack could yield catastrophic results. But what if that malware spread beyond your own systems, taking your partners, customers and supply chain down with you?

Cybercriminals have been busy over the past year, carrying out an alarming number of malware attacks varying the payload from types that enable access to confidential client or personnel data to a recent wave of ransomware attacks. Yet despite a growing awareness, these attacks continue to be successful. With file-based attacks accounting for 94 per cent of successful data breaches, a growing number of organisations have admitted that they are helpless to prevent future attacks. The answer, so far, has been to focus instead on detecting and responding to malware after it has already made its way onto the organisation’s system. At the same time, an equally important concern is beginning to gain the attention of those managing the security of their organisation’s reputation.

Security surrounding outbound emails is becoming a higher priority for IT professionals, as the fear of infecting a business partner, supplier or customer via corrupted attachments is becoming a reality, especially in organisations like law firms, who employ Lawyers and Partners that send and receive hundreds of emails and file attachments to and from their clients each day. Needless to say, any organisation implicated in the unwitting spread of harmful malware could face irreparable damage to its reputation, inevitably losing the trust of important clients and partners and feeling the consequential damage to profits.

The amount of goodwill that can be lost shouldn’t come as a shock, considering the potential cost of suffering a data breach:

High-profile incidences in recent years have led to a shake up of Regulation which will introduce steeper fines and even publicly name companies who suffer data breaches.  Growing concern from increasingly cyber aware consumers have all created a heightened sense of caution for companies in all sectors. As a result, any organisation suspected to be unknowingly sending malware to its partners and clients will have difficulty in maintaining any sort of relationship, or at best be in a weaker position commercially.

Finding a clear answer

In response to these concerns, many organisations are turning to digital signatures to authenticate document origins, and encryption as a means of securing their email communications. While these security methods offer some solace, by protecting the contents of a message from being intercepted and accessed by an unknown third-party, relying too heavily on encryption and digital signatures provides less than perceived protection should the endpoint generating the document become compromised at any point.

In this case, all that encryption will accomplish is securely delivering an infected file - which could potentially have even greater ramifications from the recipient if their system were to become infected. With hackers becoming increasingly adept at operating unseen, through a combination of advanced, timed embedded malicious code and highly-targeted social engineering, an increasing number of organisations are becoming unwitting accomplices in the spread of malware, regardless of how confident they are in their inbound and outbound security solutions.

With this in mind, the validation and integrity of outbound files should be a main objective for ensuring trust and security of any organisation. Any business process that requires encryption or digital signatures applied to files, must ensure they are validated, their integrity guaranteed, and then signed in order to ensure any risk of spreading malware is nullified.

In order to be seen as trustworthy by clients, organisations must be able to ensure their clients that only clean versions of original files to leave – and enter – their systems.

The uncompromised solution

Available to the market are innovative technologies take a brand new approach to ensuring the validity of outbound files – whether they be PDFs, Word, PowerPoint or Excel files.

Typically, these solutions makes no assumption about the integrity of outbound files. Instead of simply encrypting files before they are sent, they either create an image based replica or regenerate a brand new version of the original that is guaranteed to be free of any malicious code in real time.  Being email security platforms, these solutions need to be as near wire speed as possible, whilst breaking each file down to byte-level, so it can be fully analysed and rebuilt with only code that is known to be safe.  This is cutting edge technology, that organisations are actually finding works, allaying their general mistrust of cyber security solutions being effective.

This new and innovative approach runs contrary to legacy cybersecurity solutions, which instead look only for elements that are known to be malicious, or have a signature to block anything bad. The benefit of the “known good” approach is that it doesn’t need to rely on constant updates, which would typically need to be released each time a new macro or other exploit is discovered.

By implementing a different solution as part of a layered security approach to supplement conventional encryption and digital signatures, organisations can be assured any file they are sending to a client or partner is not just protected, but more importantly, uncompromised.

By Barry O'Donnelll, Chief Operating Officer at TSG.
By Dr. Sven Krasser, Senior Vice President and Chief Scientist, CrowdStrike.
By Gareth Beanland, Infinidat.
By Nick Heudecker, Senior Director at Cribl.
By Stuart Green, Cloud Security Architect at Check Point Software Technologies.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Damien Brophy, Vice President EMEA at ThoughtSpot.