Barracuda Networks on June 28 announced the release of Barracuda Sentinel, an artificial intelligence-based solution to the increasingly targeted spear phishing campaigns experienced by all sizes of government and industry.
“Spear phishing is rampant. It’s no longer just the large enterprises or C-suite that need to be on high alert—everyone is a target,” said Asaf Cidon, vice president of content security services at Barracuda Networks. “We see novel combinations of highly personalized tactics—spoofing your domain, impersonating your CEO, engaging in convincing conversations with your employees. In today’s dynamic threat environment, the best defense includes a combination of people and technology. Barracuda Sentinel leverages artificial intelligence to give customers—people—a comprehensive way to stop spear phishing and cyber fraud attacks in real time.”
Barracuda’s solution works by monitoring the tone, context, word use, and other aspects of emails to determine whether a received email is from a legitimate sender versus a hacked or spoofed email account. If an email is determined to be spear phishing, the service quarantines it and notifies network administrators.
“As our research shows, CEO fraud/[business email compromise] attacks are on the rise. Attackers are constantly evolving their tactics to evade defenses, and are more frequently targeting lower-level employees who might have access to sensitive information or who might have authority to authorize or send payments,” said Michael Osterman, president of Osterman Research. “Barracuda Sentinel’s ability to learn an organization’s unique communication patterns is important for any organization looking to identify high-risk employees and have comprehensive protection from these types of attacks.”
According to Cidon, this is an important improvement over traditional monitoring approaches, which rely on global rule sets to flag known malicious files, as many spear phishing campaigns “don’t contain a lot of the markers that traditional security solutions look for.”
“You just can’t take this kind of heavy-handed approach,” said Cidon. “It’s basically impossible, in my humble opinion, to do this without AI.”
Cidon warned that governments of all sizes are particularly vulnerable to attack, as their networks are often repositories for large amounts of sensitive information.
“They are a target, not just at the Federal level, not just NSA, CIA, the Democratic National Party,” said Cidon. “We’ve also seen a lot of these attacks in even local governments.”
According to Cidon, Microsoft Office 365 will be the first email platform to launch the Sentinel service, and this platform will still be responsible for the secure storage and delivery of emails, ensuring privacy and the fulfillment of government security requirements.