Gold Application Development
Gold Data Analytics
Gold Cloud Platform
Gold Cloud Productivity
Gold Enterprise Mobility Management
Silver Messaging
Silver Collaboration and Content
Silver Small and Midmarket Cloud Solutions
Certified Gold Partner for over 20 years
Malicious Activity Detector
According to the FBI’s Internet Crime Report, the largest financial losses occur as a result of Email Account Compromise. Hackers use a series of effective techniques to get access to an email account and use it for ACH fraud, information theft, and malware (ransomware) distribution.
Breach attack methods include:
- Email Malware Attachments (zero day)
- Credential Reuse
- Dictionary/Brute Force Attacks
- Social Engineering (malicious insider)
- Unsafe Email Links
- Obfuscation
- Shared Credentials
- Cloned login commonly called… “Man in the Middle” Attack
Multi-factor Authentication (MFA) is one technique to prevent attacks.
Unfortunately, MFA fails against “Man in the Middle” and “Spear Phishing.”
B2B’s Malicious Activity Detector (MAD365) was co-written with Microsoft and sets and correlates activity against the following policies:
- Impossible Travel (login from two distant locations)
- Infrequent Country
- Anonymous IP address
- Multiple failed login attempts
- Creation of forwarding/redirect rule
- Suspicious email sending pattern
- Unusual multiple file download
- Unusual file deletion activities
- Unusual administrative activities
MAD365 uses a series of indicators to determine breach risk.
This risk information can be used to:
- Pro-actively suspend breached accounts
- Display a ranked report for manual remediation
John Chambers, CEO of Cisco is famously quoted as saying, “There are two types of companies: those who have been hacked , and those who don’t yet know they have been hacked.”
We would add a corollary that says, “Put barriers in place to prevent breaches. But more importantly, put processes in place to detect and stop breaches before they do harm.”