Page 49 - Cyber Warnings
P. 49
How The Enemy Works
Spam. Spear phishing. Social engineering. Confederates inside the target institutions. Black-
hat tool kits that are more advanced than the tools that developers work with when building
applications. They’re all part of the arsenal that hackers use.
Nowadays we don’t hear much from the deposed African prince who wants to split a hundred
million bucks with us. Cyber crime has gone way beyond such stickups of unwary individuals.
The cyber criminals are working full time and studying your business. They scan for the open
port, look for SSL vulnerabilities, do automated testing. They seek out the one vulnerable
machine on the network or the one gullible or inattentive person who clicks on a link and lets
malware in.
They also learn who does your payroll, whether you use FedEx, who’s your ISP. They’ll send
you an invoice that says your account is overdue and you’ll be terminated if you don’t reply.
People click on the invoice link, which can look like a pdf file but which masks an executable
one, without thinking. Even high-credentialed employees like executives, CFOs, and treasurers
get duped. They’re in a hurry, and they click on links without thinking.
All the hackers need for a response rate is for one percent of their attempts to succeed, but the
percentage of the population that falls for it is much higher than that.
More than 80% of malware that reaches its target gets distributed by phishing, or by
somebody’s clicking a link on a compromised web site. This campaign highlights the fact that
organizations are only as strong as their weakest link, and in this case, it’s their employees.
IBM’s 2015 Cyber Security Intelligence Index indicated 95 percent of all attacks involve some
type of human error.
Attackers rely on that factor, counting on someone to open a fraudulent attachment or link.
Wordpress sites are a particular problem. Many people who use Wordpress do it as a hobby,
not in their full time jobs. They don’t keep security patches up-to-date. So if some hacker
compromises a Wordpress site and adds their own code, and then you click on one of the site’s
links – behind the scenes there’s a software download to your machine.
Defending Your Castle
Think of your business as a castle. Build the walls and dig the moat. Most attackers are looking
for the soft spots and easy pickings – they prefer to probe for open doors to your system, and to
simply walk in. You can turn these intrusion attempts aside by having those walls and moat -
appropriate policies and components – in place.
The drawbridge and the great wooden door are the entryway to the castle. Sometimes that door
must be opened, or the castle can’t function in the world outside. The door should open only
when needed. No other entryways, such as windows or emergency doors, should be left
unlocked.
49 Cyber Warnings E-Magazine – March 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
