ALPS blog

by Richard Werner, Business Consultant

Most employees start their workday by checking their mail inbox. Most of the messages there are from colleagues and customers, one perhaps from a dear friend, and one informs about an Amazon delivery that was never requested. A trained employee will forward the latter to the emergency response team and continue processing all the others. Even though there is currently no activity from the Emotet botnet as a result of the takedown, attack scenarios like the one used by that malware still need to be considered.

Organizations should also have trained their employees to watch out for emails whose tone somehow changes – such as replies to an existing email conversation, or forwards, that ask the recipient to click on a link or open an attachment without the usual “hello” or “how are you.” Via this type of attack, malicious actors stole emails on a large scale (up to 180 days of content from a single victim) and used them to launch attacks primarily against mid-sized companies and institutions. They abused existing conversations and added generic content. The fact that they responded to original emails made them very successful in 2019 and 2020. The question is: will they stop there?
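The two warning signs described above (a reply whose sender does not really belong to the quoted conversation, and a reply that pushes a link or attachment without the usual greeting) can be turned into a simple triage check. The script below is an added example, not code from the original post or from Trend Micro: it parses two constructed sample messages with Python's standard `email` module and raises heuristic flags. The flag names, the greeting words, and the 0.8 similarity threshold for look-alike domains are my own assumptions.

```python
"""Heuristic triage for hijacked reply chains (added example, constructed samples)."""
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.message import Message
from email.utils import getaddresses, parseaddr

# Header lines that mail clients leave inside the quoted history, with or without "> " prefix.
QUOTED_HEADER_RE = re.compile(r"^\s*>?\s*(From|To|Cc):\s*(.+)$", re.IGNORECASE | re.MULTILINE)
# Greeting words assumed to open a genuine reply (assumption, extend per organisation/language).
GREETING_RE = re.compile(r"^\s*(?:hi|hello|dear|good (?:morning|afternoon|evening))\b",
                         re.IGNORECASE | re.MULTILINE)
LINK_RE = re.compile(r"https?://\S+", re.IGNORECASE)
QUOTE_INTRO_RE = re.compile(r"wrote:\s*$|^-+\s*Original Message\s*-+$", re.IGNORECASE)

# Constructed sample: a normal reply from the real contact.
GENUINE_REPLY = """From: Anna Example <anna.example@example-corp.com>
To: Bob Buyer <bob@customer.example>
Subject: RE: Q3 pricing agreement
In-Reply-To: <20210301.1234@mail.customer.example>
References: <20210301.1234@mail.customer.example>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0

Hi Bob,

thanks, I will review the proposal and get back to you on Thursday.

Best regards,
Anna

On Mon, 1 Mar 2021, Bob Buyer wrote:
> From: Bob Buyer <bob@customer.example>
> To: Anna Example <anna.example@example-corp.com>
> Subject: Q3 pricing agreement
>
> Hi Anna, attached is our proposal for Q3.
"""

# Constructed sample: the same thread, answered from a look-alike domain with a link and attachment.
SUSPECT_REPLY = """From: Anna Example <anna.example@example-corp.co>
To: Bob Buyer <bob@customer.example>
Subject: RE: Q3 pricing agreement
In-Reply-To: <20210301.1234@mail.customer.example>
References: <20210301.1234@mail.customer.example>
Content-Type: multipart/mixed; boundary="bnd1"
MIME-Version: 1.0

--bnd1
Content-Type: text/plain; charset="utf-8"

Please see the attached document and confirm: http://invoice-portal.example/doc

On Mon, 1 Mar 2021, Bob Buyer wrote:
> From: Bob Buyer <bob@customer.example>
> To: Anna Example <anna.example@example-corp.com>
> Subject: Q3 pricing agreement
>
> Hi Anna, attached is our proposal for Q3.
--bnd1
Content-Type: application/octet-stream; name="document.zip"
Content-Disposition: attachment; filename="document.zip"
Content-Transfer-Encoding: base64

ZGVtbw==
--bnd1--
"""


def text_body(msg: Message) -> str:
    """Concatenate the decoded text/plain parts, skipping attachments."""
    parts = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain" and part.get_content_disposition() != "attachment":
            payload = part.get_payload(decode=True) or b""
            parts.append(payload.decode(part.get_content_charset() or "utf-8", errors="replace"))
    return "\n".join(parts)


def new_text(body: str) -> str:
    """Keep only what the sender wrote: stop at the quote introduction, drop '>' lines."""
    fresh = []
    for line in body.splitlines():
        if QUOTE_INTRO_RE.search(line):
            break
        if line.lstrip().startswith(">"):
            continue
        fresh.append(line)
    return "\n".join(fresh)


def quoted_participants(body: str) -> set:
    """Addresses named in From/To/Cc lines of the quoted conversation history."""
    addrs = set()
    for _, value in QUOTED_HEADER_RE.findall(body):
        for _, addr in getaddresses([value]):
            if addr:
                addrs.add(addr.lower())
    return addrs


def domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def has_attachment(msg: Message) -> bool:
    return any(part.get_content_disposition() == "attachment" for part in msg.walk())


def assess(raw: str) -> list:
    """Return the heuristic flags raised for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    body = text_body(msg)
    fresh = new_text(body)
    participants = quoted_participants(body)
    flags = []
    is_reply = bool(msg.get("In-Reply-To") or msg.get("References") or participants)

    if is_reply and participants and sender not in participants:
        flags.append("sender_not_in_quoted_thread")
        # A near-miss domain (example-corp.co vs example-corp.com) is typical of an impostor reply.
        for p in participants:
            if domain(sender) != domain(p) and SequenceMatcher(None, domain(sender), domain(p)).ratio() >= 0.8:
                flags.append("sender_domain_resembles_participant")
                break

    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and domain(reply_to) != domain(sender):
        flags.append("reply_to_domain_differs")

    pushes_action = bool(LINK_RE.search(fresh)) or has_attachment(msg)
    if is_reply and pushes_action and not GREETING_RE.search(fresh):
        flags.append("action_request_without_greeting")
    return flags


if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE_REPLY), ("suspect", SUSPECT_REPLY)):
        print(f"{name}: {assess(raw) or 'no flags'}")
```

The flags are meant for triage, not for blocking on their own: a genuine colleague answering from a new address will also trip `sender_not_in_quoted_thread`, so the point is to route such replies to a second look rather than to reject them.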

Every email is potentially malicious

Although the email attack vector has proven to be very successful, it is still far from what sophisticated attackers could achieve. Therefore, it is very likely that these types of attacks will evolve in the near future. Since it is now possible to misuse existing conversations for malicious activity, it is worth considering right now: what could stop a threat actor from actually continuing a conversation with a potential victim instead of just attacking them immediately?

Well, obviously it is useful to build a relationship, because a connection established in this way creates more trust, so a potential victim is then more likely to open attachments and click on links – perhaps even enter passwords and ignore alerts should they pop up. In this way, attackers can more easily bypass most email security mechanisms. It also opens up other opportunities, such as, in the case of Business Email Compromise (BEC), making financial demands or requesting intellectual property and trade secrets such as trade agreements (for example pricing arrangements). A competitor can very easily undercut a price if he knows in advance what the other side is offering. Something like this, even for relatively small companies, can be worth millions.

Automated spearphishing

There are two already known attack patterns that can ultimately be combined effectively. Spearphishing – gathering information about a victim and using it to create a specific attack on that person – is used in high-profile, targeted attacks, such as by state-sponsored actors. BEC and emails carrying attack tools are already widely used in mass attacks. However, both methods have their drawbacks for the attacker. Spearphishing may require manual intervention, while automated attack methods continue to use generic phrases that allow automated defenses and trained personnel to detect them. The obvious evolution of email-based attacks, then, is to combine the advantages of the two existing attack patterns and replace the disadvantages of one method with the advantages of the other. The way to do this may be through the use of artificial intelligence.


One of the current trends in IT security is certainly the use of artificial intelligence (AI) and machine learning (ML), which make it possible to automate processes and thus improve defense capabilities. Unfortunately, technology is always used for both good and bad purposes, so these same techniques could also be turned against the IT user. Data scientists certainly assume so. Even more troubling is the fact that the tools needed to do this already exist and are available as open source code. They just need to be trained with a large enough number of emails. This is exactly the same technology that is used for chatbots, which (among other applications) are also used in some dating apps.

AI can learn to communicate like a given human being if trained with enough examples. Now, if Emotet-style attacks download up to 180 days of their victims’ email communications, it can safely be assumed that these contain sufficient information for an AI to learn to mimic a particular person. And this is not limited to the victim from whom the emails were stolen, but also includes anyone who had regular contact with the victim. This would allow a conversation to continue “artificially” without anyone noticing.


There are two types of attackers that could actually take this next evolutionary step. The first group are state-sponsored actors. Almost certainly, they are already using these methods. However, they are usually not interested in attracting attention. Therefore, they avoid mass attacks and focus on very specific targets.

The second group includes technically savvy threat actors, like the cybercriminals behind Emotet. They have the necessary mail data and certainly the expertise to do so. Why they don’t use this type of attack is anyone’s guess! They probably don’t need to because they are simply still too successful with their current attack methods. But a look into the digital underground shows that the offer of “hacking as a service” or of “backdoor access” to companies is booming. Therefore, it stands to reason that the next step after “starting a business” and “finding a customer” will be “automating processes to increase revenue” in order to break into even wary companies.

Attack and protection

Today, around 90% of all malicious activity is stopped by email security solutions. Even without statistics on this, it is safe to assume that a large percentage of attacks that make it through this first line of defense are detected by security-aware employees. In large-scale AI-driven attacks, these two frontline defenses will be reduced in effectiveness. Content filters will no longer be able to find common indicators, and quarantined messages may even be actively requested by their recipients. Employees also cannot be trained to suspect an attack behind every attachment or link. Moreover, organizations won’t be able to block every communication or link. In short, human error will be the rule, not the exception.

As a result, more attacks will reach the endpoint, increasing the likelihood of successful infections. That means more alerts, as well as greater overall workloads for security teams. To ease the burden on their IT security team, customers will need to invest in automation technology to identify anomalies, assess their severity and find ways to manage them.

Third parties could also become additional victims of these attacks with AI-generated email communications. Therefore, identifying the initial attack email and all associated conversations is a must. After all, the attack on this second victim may still be ongoing, and the company could face accusations of not having done everything possible to stop it. Automating these processes has a major impact on the resilience of the enterprise and its ability to respond quickly.

XDR represents one such technology. It is the evolution of endpoint detection and response (EDR) technology. The “X” in XDR stands for “cross-layer.” Trend Micro was among the first to adopt an XDR strategy and continues to evolve its solutions. The XDR portfolio currently includes solutions for endpoints, email, networking and cloud technologies, and Trend Micro will soon add options for the smart factory shop floor and IoT. In its current evolutionary stage, Trend Micro Vision One Detection & Response provides an overarching view with easy-to-use analytics that goes beyond traditional XDR solutions.