Protecting against the next wave of advanced threats targeting Office 365 – Trend Micro Cloud App Security 2018 detection results and customer examples

Since the release of “Trend Micro Cloud App Security 2017 Report” about a year ago, threats using email as the delivery vector have grown significantly. Business Email Compromise (BEC) scams have already caused USD $12.5 billion in global losses as of 2018 – a 136.4% increase from the $5.3 billion reported in 2017. The popularity of Office 365 has positioned itself as an attractive target for cybercriminals. In January, 2019, the U.S. Secret Service issued a bulletin calling out phishing attacks that specifically target organizations using Office 365.

Trend Micro™ Cloud App Security™ is an API-based service protecting Microsoft® Office 365™ Exchange™ Online, OneDrive® for Business, and SharePoint® Online platforms. Using multiple advanced threat protection techniques, it acts as a second layer of protection after emails and files have passed through Office 365 scanning.

In 2018, Cloud App Security caught 8.9 million high-risk email threats missed by Office 365 security. Those threats include one million malware, 7.7 million phishing attempts, and 103,955 BEC attempts.  Each of the blocked threats represent potential attacks that could result in monetary and productivity losses. For example, the average cost per BEC incident is now USD $59,000. Blocking 103,000 BEC attacks means potentially saving our customers $16illion!

No matter what Office 365 plan you use, or whether a third-party email gateway is deployed, customers still stop a significant number of potentially damaging threats with Trend Micro Cloud App Security.

Customer examples: Additional detections after Office 365 built-in security (2018 data)

For customers using Office 365 built-in security, they saw obvious value from deploying Trend Micro Cloud App Security. For example, an internet company with 10,000 Office 365 E3 users found an additional 16,000 malware, 232,000 malicious URLs, 174,000 phishing emails, and 2,000 BEC attacks in 2018.

Customer examples: Additional Detections after Office 365 Advanced Threat Protection (2018 data)

Customers using Office 365 Advanced Threat Protection (ATP) also need an additional layer of filtering as well. A logistics company with 80,000 users of E3 and ATP detected an additional 28,000 malware and 662,000 malicious URLs in 2018 with Trend Micro Cloud App Security.

Customer examples: Additional Detections after third-party email gateway and Office 365 built-in security (2018 data)

Many customers use a third-party email gateway to scan emails before they’re delivered to their Office 365 environment. Despite these gateway deployments, many of the sneakiest and hardest to detect threats still slipped though. Plus, a gateway solution can’t detect internal email threats, which can originate from compromised devices or accounts within Office 365.

For example, a business with 120,000 Office 365 users with a third-party email gateway stopped an additional 166,823 phishing emails, 237,222 malicious URLs, 78,246 known and unknown malware, and 1,645 BEC emails with Cloud App Security.

Innovative technologies to combat new email threats 

Continuous innovation is one key reason why Trend Micro is able to catch so many threats missed by Office 365 and/or third-party email gateways. In 2018, two new advanced features were introduced by Cloud App Security to help businesses stay protected from advanced email threats.

The first is Writing Style DNA, an artificial intelligence (AI)-powered technology that can help detect email impersonation tactics used in BEC scams. It uses AI to recognize a user’s writing style based on past emails and then compares it to suspected forgeries.

The second technology is a feature that combines AI and computer vision technology to help detect and block attempts at credential phishing in real time, especially now that more schemes use fake, legitimate-looking login webpages to deceive email users. A login page’s branded elements, login form, and other website components are checked by this tool to determine if a page is legitimate.

Additionally, Trend Micro uniquely offers a pre-execution machine learning engine to find unknown malware in addition to its award-winning Deep Discovery sandbox technology. The pre-execution machine learning engine provides better threat coverage while improving email delivery by finding threats before the sandbox layer.

Check out the Trend Micro Cloud App Security 2018 Report to get more details on the type of threats blocked by this product and common email attacks analyzed by Trend Micro Research in 2018.

Read More HERE