How Does It Work?

Endpoint-delivered threats usually enter an organization through:

  • a user's infected device that is introduced into the corporate network and then delivers malware that can spread laterally.
  • an infected portable device.
  • users who are tricked into downloading and installing malicious software by claims that it is antivirus, disk cleanup or other utility software.

Attackers can deliver endpoint security threats with strategies such as leaving an infected USB drive in the organization’s parking lot, anticipating that an employee will pick it up and plug it into a network-connected system. However, pulling off such an attack is expensive and much riskier for the attackers, especially if they are remote and need a trained human asset in-country to assist with the attack.

Endpoint protection becomes more complicated as users connect their own devices to the corporate network and as more users work remotely. An organization has to accept that not all traffic on the user’s device will go through the corporate security controls, and in many cases the organization may not have the device control needed to enforce a specific endpoint security solution against endpoint security threats.

Opportunistic attackers and those attempting targeted threats on organizations tend to use socially-engineered emails sent to corporate email accounts to compromise user endpoints.

This strategy is easy to execute and cost-effective because attackers can carry out the attack remotely, against multiple users and at multiple different times.

The 2013 Verizon Data Breach Investigations report explains that running a campaign with just three targeted phishing emails gives the attacker a better than 50% chance of getting at least one user to click and have their machine compromised; sending ten almost guarantees getting at least one user to click and compromise their device.

Once compromised, the endpoint can give up a mountain of an organization’s information along with access credentials that are keys to critical systems and data. The risk of exposure further increases when the compromised endpoint connects to the network and allows the attackers to spread laterally through the organization’s networked endpoints.

The strongest defense is a layered security approach that includes best-in-class security solutions on the endpoint to check for malicious behavior, signature matching, and other solutions that can inspect traffic going to and from the device. Additionally, detecting and protecting against email-delivered threats early in the lifecycle of a threat is a primary strategy for stopping a large volume of endpoint-delivered threats from entering organizations.

Get Ahead of Tomorrow’s Threats with Proofpoint

Anticipating the nature of certain cyber threats helps organizations identify where their defenses are weak and which protective measures to prioritize. Most organizations are more resilient through layered strategies that leverage detection and prevention technologies, real-time threat intelligence, and user-focused training programs to reduce the risk of attacks via email and cloud environments. As threats like phishing, BEC, ransomware, and credential theft evolve, it’s important to have the right mix of tools and processes to keep your data and your people protected. Take ownership to protect against threats and make strides to improve your cybersecurity effectiveness.

Leverage the capabilities trusted by 83 of the Fortune 100 companies. Contact Proofpoint to learn more.
