Email as a Threat Vector in 2023Abnormal Security's Crane Hassold on Preparing for New Threats via Email
Although email has been around for decades, it wasn't initially designed with security in mind. As a result, we're stuck playing catch-up while adversaries continue to find new ways to use it as an attack vector. Crane Hassold of Abnormal Security opens up on the threat landscape and how security professionals should prepare for new attacks via email in 2023.
In a video interview with Information Security Media Group, Hassold discusses:
- The inherent weaknesses of email;
- Gaps in traditional email security measures;
- How to defend against current email-borne threats.
At Abnormal Security, Hassold leads an intelligence team responsible for researching enterprise-focused phishing threats. Prior to moving to the private sector in 2015, he served as an analyst at the FBI for more than 11 years, spending most of his career in the Behavioral Analysis Unit, providing support to the intelligence community and law enforcement partners against national security adversaries and serial criminals. In 2012, he helped create the FBI's Cyber Behavioral Analysis Center, which takes an asymmetric approach to examine cyberthreats by combining the traditional behavioral concepts used for decades in the violent crime world with technical expertise to gain a holistic understanding of threat actor TTPs. He now uses this expertise at Abnormal to interact with BEC threat actors and provide information to the community about what threats may target organizations next.