Could You Identify a Social Engineering Attack?
Social engineering can allow a cybercriminal to access networks without being hampered by the security solutions that a business has in place. Through the manipulation of the human element of a company, its critical resources are exposed. In order to protect your business against the threat of a social engineer, there has to be an overall awareness in your company culture.
Why Social Engineering Works
One of the main reasons that social engineering can be such an effective tactic for cybercriminals is because, rather than telling the target what they want to hear, the target is told what they expect to hear. By coming forward under the guise of someone who should be coming forward, the cybercriminal is able to extract information from unwitting staff members, adding to their intel through intensive online research.
These are the key factors that allow these kinds of attacks to be as successful as they are. The methods used by social engineers aren’t the kind that immediately come to mind when one thinks about cyberattacks. Since the attack doesn’t typically resemble more well-known threats like ransomware, these attacks are often able to infiltrate their target without any suspicion. Additionally, there is an excess of information available online, known as open-source intelligence, that provides the social engineer with the knowledge they need to craft their approach.
This open-source intelligence can come from a variety of places, making the social engineer’s job that much easier. There is plenty of information readily available on the Internet, all it takes is looking in the right place.
Sample Information
While it’s no secret that there is a ton of information online, the true scope of what is available can be alarming when all laid out. The following information can all be found if one knows where to look, and is by no means a comprehensive list of what is there:
Technological Details
Considering how valuable a cybercriminal would find the details of what technology is used in a business, these details are remarkably easy for cybercriminals to find. Companies will often show their hand in online job postings, identifying the hardware and software that they use in order to find someone with the experience. This not only ensures that qualified applicants send in their resumes, it also allows cybercriminals to send in the exploits needed to take the company down. Social media posts can also share this information–the wrong picture could give access to networking hardware and other critical and sensitive data.
Employee Data
On the topic of social media, sensitive company information can easily leak through oversharing. Employee activities that are shared or tweeted can provide a cybercriminal with crucial insights. Images can create an even bigger problem. If not scrutinized before posting, you can inadvertently display key details, from the data on the screens to the model of the computer that holds the data.
Furthermore, employees using social media carelessly can deliver more invaluable data for a cybercriminal to leverage. Discussing work schedules or even sharing specifics of work experience can potentially put your business at risk.
External Companies
Unfortunately, social engineering attacks can leverage data that you have minimal control over against your business as well, as other companies and vendors you do business with may share their experience with you as evidence of their value. Furthermore, if your janitorial services and trash pickup providers aren’t secure, your data could be stolen after it has left your property.
So while it is absolutely critical to leverage cyber protections for your data’s security, including solutions like firewalls and authentication measures, your employees also need to have their eyes peeled for the threat of social engineering. Every business needs to have a plan to avoid and mitigate the threat of social engineering. Catalyst Technology Group can help.
For more information, call (317) 705-0333.
A DDoS Attack Hits Your Productivity and Profits
How quickly could your business recover if it were suddenly hit by a Distributed Denial of Service, or DDoS, attack? Are you protected against the effects they could have on your operations? If asked these questions, most businesses should want to say yes, but in reality, over half lack the means to defend against DDoS.
It may be helpful to go over how a DDoS attack operates. Simply put, a DDoS attack overwhelms your network and its defenses by hitting it with a barrage of traffic. As a result of this attack, you can lose access to your data and be stuck with downtime. As any executive knows, this is how a DDoS attack really hurts a business. Downtime equals a loss of productivity, which in turn equals wasted time and lost profits.
In a report from CDNetworks, 88 percent of companies are under the impression that their defenses are sufficient to stop a DDoS attack. 69 percent of these companies have also been victims of a DDoS attack within the last year. This begs the question–how much are these attacks affecting these companies?
Other statistics provide a glimpse into the other costs that businesses face in response to these attacks. Companies in the United States invest an average of $ 34,700 into protection against DDoS attacks every year; while companies in Europe spend about $ 29,000 on average. These are not meager sums to sink into protections that don’t do their desired job. Some other questions a business owner or manager has to ask include: why do DDoS attacks defy the protections put in place to thwart them; and, what can businesses do to bridge this gap?
In order to secure your business against DDoS attack, you need to learn from the failures of the 88 percent (the companies that think they are ready to stop a DDoS attack), and even more so the 69 percent (the companies that have already been attacked over the past year). Nearly three-quarters of companies have already resolved to dedicate more funds toward preventing DDoS attacks over the next year. Do you plan to follow suit, and if so, how do you plan to protect your business against DDoS attacks?
If you’re looking for help protecting your business from DDoS attacks and other risk factors, reach out to Catalyst Technology Group. We can be reached at (317) 705-0333.
Tip of the Week: A URL Can Help Give Away A Phishing Attack
Back in 1995, scammers pulled the first phishing attack. They took the identity of AOL employees and requested the billing information of users through instant messaging. More sophisticated phishing attempts have evolved over the years, culminating in the commonly-seen email phishing attack, which tricks users into handing over personal or sensitive information. Phishing attacks can be seen through, so we’ll show you how you can identify threats before they become a problem.
How Phishing Emails Work
Above everything else, a phishing email needs to be convincing it if wants to trick anyone into opening it. For example, if you received an email from the bank filled to the brim with misspellings and blocked images, would you trust them? Phishing attempts have become more elaborate and more difficult to identify, as hackers understand that detail is important to trick users. Still, if you look closely, you’ll be able to identify a real message from a fake message designed to steal your information. In particular, you can check a URL for legitimacy.
The Tricks of Malicious URLs
Phishing attacks will typically require that the user clicks on a URL found in the phony email. They will then be redirected to a website that asks for their credentials. Most users who don’t know better will click on the link and not think twice about where it leads. Hackers understand this and try to distract them from caring by using strong language, urging them to take immediate action. This is how deceptive URLs try to succeed, but there is one fatal flaw in this tactic.
Avoiding Phishing Attempts
Phishing emails show all sorts of warning signs that you can identify if you’re observant. First, take note of any links that are in the message. Do NOT click them without first checking if they are legitimate. Hover over the link and see where it goes. Again, be extra careful to only hover over it and not click it. You should see where the URL goes, and if it’s not to the domain that it claims to be from, just avoid it. For example, if an email claims to be from paypal and wants you to click a link, the link should go to paypal.com–not payypal.com. Such an event could very well be a scam that wants to steal your username and password.
In other words, it’s a matter of common sense. Does the link look like it makes sense in the context of the sender?
If the answer is no, you’re probably staring at a phishing email. Don’t click the link, as it could perform any number of functions, from taking you to a malicious website or instigating a download of malicious files. Regardless, the end result will surely be detrimental to your organization and its network security.
Catalyst Technology Group can keep your network from suffering these types of breaches. To learn more about how we can keep phishing messages out of your inbox and monitor your network in real time for data breaches. To learn more, reach out to us at (317) 705-0333.
Lowlife Ransomware Hackers Now Asking for More Than $1k Per Attack
Ransomware remains a very real threat, and is arguably only getting worse. Attacks are now able to come more frequently, and there are opportunities for even relative amateurs to level an attack against some unfortunate victim. However, this is not to say that there is nothing you can do to keep your business from becoming another cautionary tale.
Ransomware, in review:
First of all, it’s important to understand exactly what ransomware is. A form of malware, ransomware will infect your system and encrypt your data. It gets its name from the fact that the attacker will demand a ransom in order for your data to be decrypted. What’s worse, if you pay, you’re taking the distributor at their word that they will decrypt your data once the money has changed hands.
Understandably, this form of ransomware can be a highly potent weapon against many users, who simply won’t know how to handle the situation beyond paying and hoping for the best. Of course, since the motives behind ransomware are financial, a lot is directed towards business targets, as they not only have more funds available but are also heavily reliant on their data to function.
Ransomware repercussions
The nature of ransomware means that those that distribute it can usually name their price for the decryption key. After all, it isn’t as though victims have anywhere else to turn other than the hacker (or so the hackers want them to believe). Due to this, ransoms for encrypted data have shot up–in 2015, the ransom to decrypt an infected computer would cost about $ 294, on average. That price had jumped to average $ 1,077 per computer in 2016.
In addition to this increase in ransom demands, there was a 36 percent higher rate of ransomware attempts between 2015 and 2016, 68 percent targeting consumers. This left a still-considerable 32 percent being leveraged towards businesses.
Does it get worse? Sure does.
As if it wasn’t bad enough already, ransomware is now able to be utilized by just about anybody who has a grudge or a desire for some extra cash. Ransomware is now offered as-a-Service, allowing an attack to potentially come from far more sources than before. Some variants of ransomware, such as Karmen, will only cost an aspiring cyber criminal $ 175 to cash in on.
Thankfully, there are steps being taken to eliminate the threat of ransomware. For instance, there are decryption tools to help undo the damage that Karmen can cause because it was derived from the open-source ransomware project Hidden Tear. Other tools and resources are available to help identify which ransomware has infected a given system, like this one from security researcher Michael Gillespie.
However, there are also steps that you can take to avoid a ransomware infection, like following best security practices and computing mindfully. Catalyst Technology Group is here to assist you in putting these procedures in place, as well as helping you recover should ransomware strike. Give us a call at (317) 705-0333 today.