//////////////////////////////////////////////////////////////////////////
FEATURE: THREAT ASSESSMENT
Fady Younes, Cybersecurity Director, Middle
East and Africa, Cisco
Cybercriminals are now also using Gamut,
a method by which emails may appear to
be from a dating website, pharmaceutical
company or a job offer – all of which are built
to create a sense of intrigue and entice users.
What recommendations does
Cisco have for CISOs?
Why is email the most appealing
tool for fraudsters? And when
it comes to malware in emails,
what sorts of attachments
and programs have attackers
gravitated towards?
We are living in a hyperconnected age.
A time in which we are heavily reliant on
communication as a tool for managing
business relations and staying up to date
with the latest information. For this reason,
fraudsters are keen to exploit such a vital
method of communication, knowing
that it has an extremely high usage rate.
Additionally, email users are often working in
fast-paced environments, where they open
documents and click on links in an instant. It
only takes one wrong click for a cybercriminal
to exploit data.
The most common attachment types
are simply the types of files which are
frequently sent and received around
offices on a daily basis. Microsoft Office
documents and PDFs alone account
for more than half of all malicious
attachments, demonstrating just how easy
www.intelligentcio.com
it is to be attacked if a user does not check
and scrutinise the source of the email.
Cybercriminals are all too aware that if a
user receives an email which appears to
be of a trusted source, especially in a work
context, they are likely to click on it with the
intention of being efficient and maintaining
positive relations.
In terms of delivery infrastructure, many
cybercriminals use bulk email toolkits for mass
mailing and increased chance of comprising
an account. Botnets are also used to send the
majority of malicious emails.
In recent years, Necurs has harmed a
number of organisations. Deploying banking
trojans and ransomware threats in batches
of millions, Necurs is able to reinvent itself
and avoid detection.
Another banking trojan and malware
program, Emotet, steals from inboxes using a
‘RE:’ response to appear as part of a chain of
messages. It injects a particular code into the
user’s computer, obtaining data as a result of
the simple wrong click on a document or URL.
Prevention
As alarming as the results are, organisations
do not need to live in fear. They simply
need to act accordingly and remain aware.
Employees will always be an organisation’s
greatest defence. To prevent attacks, CISOs
and IT managers can run regular phishing
exercises. Not only does this reveal flaws and
areas for improvement, but it also causes
employees to think critically and remain aware.
Phishing assessment tool Duo Insight
enables users to craft their own fake phishing
scam. The exercise is aimed at highlighting
vulnerable users and devices before a real
scam has the chance to cause havoc.
The company’s 2018 Trusted Access Report
found that 62% of phishing exercises
captured at least one set of user credentials.
Alarmingly, half of the users tested entered
their credentials into a fake website, proving
the importance of education.
Multi-factor authentication should also be
used to help prevent against an attacker
INTELLIGENTCIO
35