Page 36 - Cyber Defense eMagazine January 2023
P. 36
a sense of urgency or fear in recipients, clouding their judgment and making them more likely to make a
mistake. Where email attacks are concerned, attackers are also increasingly using IPs geolocated within
the U.S. when targeting U.S.-based organizations. This helps them bypass conditional access mitigation
efforts and is something security teams should keep an eye on moving forward. Simply blocking or adding
additional scrutiny to overseas IPs is no longer enough.
Recognize Attackers’ Shifting Strategies
These Quarterly Threat Report findings highlight the ways attackers are shifting their tactics in response
to new security measures. As more organizations implement MFA, they are finding methods to
circumvent it. As users grow more aware of social engineering tactics, they are finding new ways to
disrupt their thinking. Until organizations demonstrate the ability to consistently stop identity-based
attacks, they aren’t going anywhere. The battle between security teams and attackers is a constant cat-
and-mouse game, with each adapting to the other’s tactics as they evolve. There is no silver bullet that
will solve every security challenge—but understanding these threats is the first step toward stopping
them.
About the Author
Ben Brigida is the Director of SOC Operations at Expel. In this role, he’s
responsible for making sure Expel maintains the quality of delivery
customers have come to expect. Ben has been with Expel since the
company’s inception in 2016. Prior to Expel, Ben worked in the security
operations center (SOC) at FireEye.
Ben can be reached online via LinkedIn and at our company website
https://expel.com/
Cyber Defense eMagazine – January 2023 Edition 36
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.