Your adversaries want access to the lifeblood of your organization – if they succeed, the impact could be catastrophic.
Sensitive government information, intellectual property, financial data, corporate secrets, client information…all of it is at risk through cyber breach.
Your adversaries are diverse, determined and at an advantage over your security teams. These adversaries range from nation states seeking to steal your intellectual property and colonize your network, to cyber-criminals seeking to perpetrate financial fraud and access your client data, to hacktivists seeking to shame your organization in the public eye. The threats to your organization are real, they are numerous and they threaten your most critical asset – the information that drives your success.
The Soft Underbelly of Cyber Security:
Every employee in your organization is a target…and every time they go to the Internet or open the email client they run the risk of becoming an unwitting accomplice to the breach of your network. They are simultaneously your biggest corporate strength, your first line of cyber defense and your weakest link. Adversaries know that your employees are always online, that your mission dictates that they have free access to the Internet, and that despite your best efforts to train them, they can never make the correct security decision every time.
- Nation States: Use your employees to gain access to your intellectual property and as a beachhead for colonizing your network
- Cyber Criminals: Use your employees to gain access to your financial information and to perpetrate fraud against you and your clients
- Hacktivists: Use your employees to gain access to your corporate secrets in order to shame you on the public landscape
Your employees are the preferred target…
The Bad Guy’s Bag of Tricks Against the User:
The bad actors that seek to harm your business use a number of clever techniques to turn your users into unwitting accomplices to breach:
- Spear-Phishing: Leading incident response firms state that 95% of the attacks they investigate are spear-phishing related – nation-state-initiated attacks (targeted or APT-type attacks) rely heavily on spear-phishing
- Poisoned Search Engine Results: Cyber criminals poison search results every day behind every trending news item – setting attractive bait for curious employees in the form of malicious websites. It is estimated that roughly 30,000 new malicious websites are created every day
- Hijacked Trusted Sites: Legitimate sites are often used to push malware – typically involving cyber criminals. These organized gangs hijack a legitimate website (e.g. news outlet, charitable organization, etc.) and push their malicious script to your employees when they hit the page
- Social Networking Worms: Trust in social networks has spawned a lucrative new playing ground for bad guys of every type – worms and Trojans lurk behind Facebook, Twitter and LinkedIn posts
- Weaponized PDF Documents: In 2009, PDFs were the number one exploit pathway – hiding zero days that enable beachheads for the adversary
- Weaponized Office Documents: Recent attacks against RSA Security and those spawned by the DuQu Trojan relied upon weaponized .xls and .doc document types