Main Menu

Secured.22: Account-takeover risks and how to manage them

Last Modified: February 28, 2023

Account takeover (ATO) plays a major role in a huge number of successful cyberattacks, and it’s becoming increasingly common. In a 2020 survey, an astonishing 29% of respondents reported that in just one month they had suffered compromised Microsoft 365 accounts — which resulted in more than 1.5 million malicious emails sent in that 30-day span.


In this recorded session from Secured.22, Barracuda’s 2022 virtual customer conference, email security expert Mike Flouton provides a detailed explanation of how ATO works, why it’s the first step in a wide variety of different types of attacks, and what it takes to implement a multilayered, defense-in-depth strategy to prevent, detect, and block account takeover.

What is modern account takeover?

As Mike explains in the session, account takeover typically begins with credentials that have been stolen or purchased. These are used to gain control of an account on the target’s network. But typically this is only the first step in an attack chain that includes:

  • Infiltration of networks via compromised accounts
  • Reconnaissance to discover high-access accounts and high-value data
  • Credentials harvesting to expand access with increased privileges
  • Monetization by selling credentials, deploying ransomware, or committing fraud


    • Here’s a clip from the session where Mike is providing an overview before going into a detailed analysis and discussion of each stage of the attack chain:

    Bad news and good

    After laying out the many ways in which modern ATO attacks can unfold, Mike turns to the question of what to do about them. And the bad news is that traditional gateway security just can’t detect this type of threat — it looks outward at incoming threats that it can identify, but ATO mostly unfolds via internal email and data traffic.


    It’s still important, of course, to keep malware and spam out of the email stream. But stopping ATO attacks takes a more sophisticated approach than traditional gateway solutions. And the good news is that it can be done. Mike shows how an effective defense-in-depth strategy requires multiple layers:

  • Multifactor authentication
  • Password manager
  • Process controls
  • Security awareness training
  • Prevent, detect, remediate ATO using AI



    • And after explaining how these strategies work together, Mike will show you how Barracuda Email Protection incorporates all the features needed to deploy a security infrastructure that minimizes your risk from the rising tide of account-takeover attacks.


    If you’re not sure how well protected your organization is against ATO threats, be sure to watch this Secured.22 session to get the whole story of how they work and how to stop them.

    Related Articles.

    Secured.22: Optimize SD-WAN and SASE adoption
    The need for Barracuda Cloud-to-Cloud Backup for Microsoft 365
    Five security trends to look out for in 2023
    aBarracudaSolutions.com.au is a division of Attainable Cyber Solutions Pty Ltd, an authorised Barracuda Networks online reseller.
    Facebook-f Twitter Linkedin-in

    Quick links

    Support

    Subscribe

    Subscribe to email alerts. We promise not to spam your Inbox

    Copyright @2023 | All Right reserved

    Search Products