The Weakest Link in Cyber-security? UsBy Samuel Greengard
It's increasingly clear that cyber-crooks are becoming smarter and better at breaking into systems. Yet, all of this isn't the result of any remarkable advances in malware. It's mostly due to tricking human beings into handing over the keys to the kingdom.
A research report from security software vendor Proofpoint, The Human Factor 2016, offers some perspective on how human flaws have supplanted system flaws. It notes that attackers are currently focusing on three primary methods:
Tricking recipients into ignoring security. An employee might click a bad link, open an infected document, download a file with malware based on the belief that he or she is addressing a real task. These high-volume methods attempt to sidestep security tools and protocol an enterprise might use.
Convincing targets to hand over credentials. These medium-volume campaigns target key individuals and attempt to gain access to their usernames and passwords. With this information, they have free access to the network and systems.
Using impersonation techniques. These low volume campaigns, which spoof a CEO or senior executive, focus on key individuals that have the right job duties and account access. These individuals initiate a transaction -- such as a data transfer or bank wire to a fraudulent account -- under the belief they are doing their job.
Meanwhile, ransomware attachments increased by 45 percent since Q1, and 80 percent of survey participants said their companies experienced at least one Business Email Compromise (BEC) phishing attack within the past month.
In the mobile arena, as many as 10 million Android devices were compromised by exploit kits. An overwhelming 98 percent of mobile malware is still associated with the Android platform. Finally, on the social media front, there has been a 150 percent increase in phishing as compared to the same period in 2015.
Other recent studies confirm the trend toward more sophisticated phishing, spear-phishing and whaling attacks. The takeaway? Organizations must amp up education and training, use tools that help identify bad domains and links, and adopt security solutions that blacklist bad sites.