How SafeGuard Cyber defends against social engineering
Founded in 2014, SafeGuard Cyber is a cloud-native solution that detects and responds to social engineering, ransomware, insider threats, and compliance violations across the modern cloud workplace.
Its award-winning and patented Natural Language Understanding technology analyses and correlates conversations across 30 communication channels and 52 languages. Covering both inbound and outbound communications, its patented Human Communications Understanding enables the ability to understand the context and intent of communications.
SafeGuard Cyber has been recognised by several industry groups and publications and was named one of Cybercrime Magazine's ‘10 Hot Cybersecurity Channels to Watch in 2021’. The company also received eight Cybersecurity Excellence awards for 2022 and the ‘SaaS Security Solution of the Year’ award in 2021.
An increasing number of data breaches is leading to a need for better defences
After a string of recent data breaches at major technology companies like Microsoft, Nvidia, and Samsung by the Lapsus$ hacking group, SafeGuard Cyber has issued safety advice on what steps companies can take to better defend against these evolving social engineering threats.
According to the company, it is particularly important for organisations to protect their digital communications platforms, as attackers may use these channels to escalate privileges inside the company once they have gained access through an employee's account.
Gartner insight projected that businesses would spend more than US$123bn on security in 2020 and projects that figure to grow to US$170.4bn by 2022. The use of malware increased by 358% through 2020, and ransomware usage increased by 435% compared to the previous year, according to a study by Deep Instinct. July 2020 alone saw a 653% increase in malicious activity compared to the same month in 2019.
Taking new precautions to prevent cyber attacks
Monitoring and defence solutions are needed to protect corporate assets against a range of diverse tactics, from insider recruitment to the targeting of help desks and support teams, phone-based social engineering attacks, personal email compromises, SIM jacking, pass-the-cookie session hijacking and more.
SafeGuard Cyber suggests that companies should restrict employees from sharing sensitive information, like email addresses, passwords and unencrypted data/files in communications platforms. It also suggests the need to establish security awareness training for employees. Educate them on the potential risks of using messaging applications, what social engineering methods attackers use, etc.
"Social engineering tactics are constantly evolving, and businesses need to be prepared for a wide range of attacks that can exploit a large, and often far-flung, employee and contractor base, with tactics that are increasingly aiming for below-the-radar targets such as personal email accounts, cell phones and digital communications platforms like Slack," said Chris Lehman, CEO of SafeGuard Cyber. "The recent attacks by the Lapsus$ hacking group demonstrate that even the biggest companies in the world can fall victim to social engineering efforts, especially when they target employees and platforms that are of a lower priority for large corporate security programmes."
