Business email accounts faced an increasing amount of cyber attacks in the 2018 second quarter, according to a new report from Beazley.
The report is specific to information handled by the specialist insurer’s Beazley Breach Response Services team.
About 23 percent of incidents reported to BBR were involved with email, with the worst hit organizations using Microsoft’s Office 365 cloud-based productivity product, Beazley found. The attacks also hit broadly across multiple industries.
“Business email compromise attacks are among the most expensive data breaches we see,” Katherine Keefe, head of BBR Services, said in prepared remarks. “Years of emails often need to be combed through to identify personally identifiable information or protected health information that has been compromised. In the majority of cases, multiple inboxes are compromised.”
In April, Beazley’s last report on the issue noted that cyber criminals are targeting business email accounts at an accelerated rate.
These attacks were costly. Larger attacks scale email attacks could cost more than $2 million, particularly if they involved the sending and receipt of personally identifiable information and protected health information, according to the specialist insurer’s findings. Costs would cover legal, forensics, data mining, manual review, notification, call center and credit monitoring.
Beazley noted that even a smaller email cyber attack isn’t cheap, as it can easily surpass $100,000.
Beazley said that turning on two-factor authentication (password and user name, plus unique personal information) can help counter these kinds of email attacks. Another way that works: Disabling the ability for third-party applications to access Office 365.
Here are some other highlights from the Q2 Beazley report:
The full report from Beazley Breach Insights is “Office 365 email attacks continue relentless rise.”
Source: Beazley