Unfortunately, BEC continues to evolve with attackers using account takeovers (ATOs) as a crucial element of supply chain attacks. Compromised credentials and emails lend authenticity to sophisticated Type 3 and 4 supply chain-based BEC attacks and allow attackers to evade detection for longer periods. For example, there are indications that attackers in the SolarWinds supply chain attack compromised the company’s Microsoft Office 365 email as part of the drawn-out campaign.
Based on what we’ve seen in customer environments and in the wild, here’s our annual guide to understanding the ongoing evolution of BEC.
Format: |
|
Topics: | |
Website: | Visit Publisher Website |
Publisher: | Cloudfare |
Published: | January 28, 2021 |
License: | Copyrighted |
Copyright: | © 2021 Area 1 Security |