Barracuda Uses AI 'Sentinel' to Combat Spear Phishing


Barracuda Networks this week launched Sentinel, a cloud-based artificial intelligence (AI) platform that stops spear phishing and other types of email fraud.

Unlike typical phishing scams in which attackers cast a wide net hoping to catch many victims, spear phishing is highly targeted. Usually, this type of attack focuses on a specific individual or group of users within an organization.

In spear phishing scams, emails may appear to come from a colleague or another internal user. Believing a request for login information or embedded links are legit, targets often let their guard down, inadvertently providing hackers with a foothold on their networks.

Barracuda Sentinel employs a real-time AI system to keep a vigilant and critical eye on email accounts to stop spear phishing attempts, explained Asaf Cidon, vice president of Content Security Services at Barracuda Networks.

"Sentinel uses an AI engine to detect and block spear phishing attacks based on knowledge of unique communication patterns of an organization. Within an organization, Sentinel evaluates and analyzes each and every aspect of a message, including the metadata of the message, the content and the tone," Cidon said.

Although spear phishing attempts can be very convincing, Barracuda's new detection technology isn't easily fooled.

"The AI engine looks for anomalies, based on the historical patterns of communication," Cidon added. "For example, if the CEO and CFO have communicated thousands of times in the past using certain corporate emails and a certain tone, if a certain message seriously deviates from the normal patterns, it would be a likely spear phishing candidate."

Further, using Barracuda Sentinel's Domain-based Message Authentication Reporting and Conformance (DMARC) capabilities, businesses can combat domain spoofing, another tactic used by scammers to lure in unsuspecting victims.

A telltale sign of a phishing email is a sender address from an unknown or unofficial domain. Spear phishing attempts often use a spoofed domain, giving the appearance that they originate from within a user's own organization.

And all this added protection comes with a minimum of IT management overhead, assured Cidon.

"Barracuda Sentinel is completely effortless from an IT perspective. It takes two minutes to set up, and it does not require any appliances or installing any software, and has zero impact on the network," he said. "It is also compatible with any underlying email security gateway."

Once organizations deploy the product, "it automatically learns the company's communication patterns and automatically starts blocking spear phishing attacks in real-time," Cidon said. "IT does not need to set any manual rules or policies. Once a spear phishing attack is intercepted, the user as well as IT are notified. Barracuda Sentinel has a dashboard where IT can monitor intercepted attacks, at-risk employees and spoofed domains."

Barracuda Sentinel is available now. More information is available here.