Email Threats

Supply Chain Attacks

Today’s businesses rely on hundreds of interactions with suppliers and partners at every digital layer.

An organization’s defense is only as strong as the weakest link in its supply chain. Attackers are increasingly using third parties to carry out attacks.

of businesses review the risks posed by their immediate suppliers

Cyber Security Breaches Survey 2022

of cyber attacks exploited the trust of customers in their supplier

ENISA Threat Landscape for Supply Chain Attacks 2021

4.9

average cost of a successful phishing attack

IBM 2022 Cost of Data Breach Report

Attacking through the inbox

Email is the number one way that companies communicate with one another, and a compromised supplier poses a serious risk.

Attackers can hijack the communications chain to send phishing emails or invoices from trusted supplier accounts.

Because attackers have hijacked legitimate accounts, their emails bypass gateways and other static email defenses.

How a supply chain attack might unfold

Read the blog: Supply Chain Fraud

Third-party supplier account compromised through successful phishing attack or ‘data-dump’ on Dark Web

2. Attacker poses as third-party and sends fake invoice with new bank details

3. Legacy email security marks as safe due to lack of links or malicious attachments

4. Attacker poses as third-party and sends fake invoice with new bank details

Third-party supplier account compromised through successful phishing attack or ‘data-dump’ on Dark Web

2.Third party supplier account compromised through successful phishing attack or ‘data-dump’ on Dark Web

3. Attacker sends a targeted phish containing a login request, which bypasses security rules because it comes from a known account

4. Employee enters credential and keystrokes are logged and sent back to attacker

5. Attacker uses employee account as springboard for next stages of the attack, culminating in significant data loss or ransomware

Block or allow: A recipe for disaster

Email security tools that rely on reputation checks and make binary decisions based on whether or not the sender is ‘trusted’ are ill-equipped to deal with supply chain attacks.

Email security in 2023 needs a different approach that isn’t stuck in the past.

Darktrace/Email learns every interaction. Every email. Every account.

Darktrace uses AI to learn what normal communication looks like for every email user, in order to spot the subtle signs of anomalous emails sent with malicious intent, no matter who has sent them.

If an email poses a threat, Darktrace/Email takes autonomous action to hold it from the inbox or neutralize the risky element.

Discover Darktrace/Email

Darktrace presents a digest explaining what action it has taken and why

A hypothetical supply chain attack – with Darktrace

Third-party supplier account compromised

through successful phishing attack or ‘data-dump’ on Dark Web

Attacker poses as third-party

and sends email containing a fraudulent invoice or unusual link

Darktrace/Email pieces together subtle signs

of attack, including: out of character, suspicious link, attempted solicitation

Risk is neutralized

with targeted action that causes minimum disruption to the business

13 days

Darktrace analysis reveals that other email security solutions, including native, cloud and ‘static AI’ tools, take an average of 13 days from an attack being launched on a victim to that attack being detected. Darktrace’s approach means those attacks are neutralized instantly.

Business uninterrupted

Don’t let the fear of attacks slow your business down. Because it assesses each email for individual risk, Darktrace/Email allows legitimate communication between organization and supplier to flow uninterrupted.

Darktrace presents a digest explaining what action it has taken and why

Get the full picture

Supply chain attacks often start but rarely end in the inbox.

Findings from Darktrace/Email are automatically fed into Cyber AI Analyst, which pieces together disparate events from across the digital environment to reveal the full scope of a security incident – presenting a clear and understandable summary.

Discover AI Analyst

CUSTOMER STORY

自己学習型AIがサプライチェーン攻撃からMcLaren Racingを保護

“By partnering with Darktrace, McLaren experiences the value of self-learning protection on a daily basis, across its email systems, cloud services, and corporate network.”

Ed Green, Head of Commercial Technology