By Michael Hill
UK Editor, CSO
INTERPOL and the Nigerian Federal Police today announced the arrests of 11 business email compromise (BEC) actors in Nigeria as part of an international operation to disrupt and tackle sophisticated BEC cybercrime. Many of the suspects are thought to be members of SilverTerrier, a network known for BEC scams that have impacted thousands of companies globally. The results are the latest example of industry and law enforcement efforts to thwart BEC activity, the most common and costly cyberthreat facing organizations.
According to Unit 42 at Palo Alto Networks, which shared intelligence and resources as part of the operation, the collaborative effort was novel in its approach in that it didn’t target easily identifiable money mules or social media influencers who are typically seen benefiting from these schemes. “Instead, this operation focused predominantly on the technical backbone of BEC operations by targeting the actors who possess the skills and knowledge to build and deploy the malware and domain infrastructure used in these schemes,” Unit 42 wrote in a blog posting. Some of the actors arrested have avoided prosecution for the past half decade due to the complexities of mapping global victims beyond the flow of stolen funds back to the source of malicious network activity, it added.
While the success of the operation – dubbed Operation Falcon II – is a positive for law enforcement and the cybersecurity sector, it highlights the ongoing risk BEC poses to businesses across the globe. “The BEC threat landscape is extremely active and constantly evolving,” Pete Renals, Unit 42 principal researcher, tells CSO. “As a threat type, it has grown over the years to become the most prevalent and costly form of malicious cyber activity targeting our customers. Additionally, while these attacks rarely result in physical damage to victim organizations, the financial losses associated with these schemes are often equally significant.”
As such, it is imperative that organizations continue to prioritize defenses against email-based cyberattacks through preventative practices. As outlined in Unit 42’s blog, these include:
“While detecting and preventing BEC schemes should be a top priority for organizations, we also believe that the best cybersecurity approach is one that focuses on tools and capabilities that provide flexible defenses against the entire range (BEC, ransomware, APTs, etc.) of possible threat vectors,” concludes Renals.
Michael Hill is the UK editor of CSO Online. He has spent the past five-plus years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security.
Copyright © 2022 IDG Communications, Inc.