In a typical phishing attack, cyber criminals impersonate legitimate email senders to get recipients to click on malicious links. Phishing is behind almost a quarter of all data breaches, and whether an attack results in immediate financial losses or deeper penetration of the corporate network, phishing represents a growing threat to all organisations.
Northdoor offers next-generation phishing protection with an AI-powered anti-phishing solution that intelligently adapts to the evolving threat, enhancing protection while reducing the strain on IT staff and users.
According to a 2020 Verizon study, email phishing is the root cause of 22 percent of all data breaches. Many organisations have deployed solutions to detect phishing attacks and to educate users, and these can be relatively successful against simple mass-mailing attacks from speculative amateurs.
These conventional approaches use keyword detection, rules-based detection, reputation-based detection, header authentication and sender blacklisting. However, they struggle to cope with the complex obfuscation techniques used by cyber criminals, and they lack the sophistication needed to defend against targeting spear-phishing and whale-phishing attacks against senior executives.
The other key challenge in defending against phishing attacks is the constant evolution of the threat. Professional phishers study defensive solutions and adapt their approaches accordingly, so that organisations have found themselves in an escalating arms race against cyber criminals. With conventional rules-based solutions, the need to deal with changing types of attack creates a heavy additional workload for IT security teams. At the same time, users are put under unrealistic pressure to identify suspect emails and links.
The more sophisticated the attack, the harder it is for both users and IT security staff to detect—especially where rules-based solutions are concerned. And of course, this is a game in which the defender must be 100 percent successful, while the attacker only needs to succeed a single time.
Phishing has a huge financial impact: the FBI estimates that more than $9 billion has been stolen in attacks since 2015. Worse still, it enables criminals to gain a foothold on the corporate network. A typical attack aims to steal login credentials from a user, and then to escalate access rights in order to compromise mission-critical systems.
To protect organisations against these risks, Northdoor offers the AI-based Ajax Intelligence anti-phishing solution. The solution combines proprietary, next-generation machine-learning and advanced analytical techniques to defend against a constantly evolving threat landscape. Using deep linguistic analysis of both content and metadata, the anti-phishing solution checks all incoming emails for indicators of compromise, classifies each email and inserts user-friendly warning banners where appropriate. URL-rewriting prevents direct access to suspect websites.
Unlike conventional rules-based anti-phishing solutions, Ajax Intelligence is highly effective against zero-day attacks. It profiles the deploying organisation to learn typical attack types, and profiles each user to understand their normal message flows and behaviours. As time goes by, the solution automatically learns and adapts without intervention from users or IT staff.
Ajax Intelligence is a cloud-based subscription service that offers full integration with both Microsoft and Google cloud email services, which makes it fast and easy to deploy. It works across all email client software on any physical device, and gives IT security professionals a clear view of phishing threats. In addition to its primary benefit of protecting against financial losses and attacks on mission-critical systems, the solution removes the administrative burden of creating and tuning business rules.