The facts are in: according to the FBI’s Internet Crime Complaint Center (IC3), Business Email Compromise (BEC) has grown from a “3.1 billion-dollar scam” in 2016 into a “5 billion-dollar scam” in just one year. Now, according to Trend Micro, these losses are currently projected to be larger than 9 billion dollars.
What is initially perplexing about these figures is that cyber security spending is as big a business as ever. If that is the case, why are simple e-mail scams outsmarting security systems and costing so much money?
The answer is surprisingly simple. Rather than using malware or automation, scammers have resorted to a more human touch: social engineering. These attackers gather any information they can use to mislead employees and manipulate them into handing over sensitive data. These attacks always carry the risk of real harm, but they can be especially damaging to a company that deals with export control and must abide by export and import regulations. So, while you may be able to tout that your business is fully DFARS or ITAR compliant, that doesn’t mean that your company is invulnerable to some digital sleight of hand.
BEC has brought home how these low-tech threats can effectively cripple a business. For companies working with DoD contracts especially, the stakes are at an all-time high. Even if your company regularly takes steps to maintain DFARS or ITAR compliance on its own, it may still be at risk if its employees do not understand how social engineering works.
With that said, the solution involves appropriate internal procedures, user education and preventative technology solutions. Systems that rely mostly on automation to prevent attacks rarely account for this issue. Attackers usually gain access to a system by subverting an employee’s expectations with regard to syntax, dialect, or other more human traits. To manipulate a target, they attempt to mimic details such as specific phrases that an employee uses or how that employee might sign off in an e-mail.
The good news is that RegDOX’s Secure Data Room provides an extra layer of security, with additional Outlook integration. Files accessed remotely and locally can be tracked using Brainmark® technology. This feature protects sensitive user data by removing the capability for specific files to be downloaded, printed, or photographed, and by identifying when and how it happened. It is also integrated with an automatic tracking and alerting feature that gives administrators real-time notice of aberrant behavior.
About RegDOX Solutions Inc.
Operating since 2007, RegDOX Solutions Inc. is a market-leading provider of highly intuitive SaaS solutions enabling customers to securely manage and collaborate on confidential documents and information, whether inside or outside of their IT environments. RegDOX® offers compliance options for the transference and storage of ITAR, DFARS, EAR, HIPAA, and Corporate technical data within the cloud through highly intuitive, feature-rich virtual data room solutions. In addition, RegDOX offers DFARS assessment services for contractors and subcontractors of the DoD.