Flattening the social engineering curve

Zimbini Sogoni, SOC Team Leader.

With the rise of COVID-19, people are faced with fear and uncertainty, and cyber criminals are actively using this as an opportunity to prey on vulnerable individuals and companies, says Zimbini Sogoni, SOC Team Leader at CyberTech.

She further mentions: “We’ve noticed a rise in targeting against enterprises, particularly key executives and c-level managers within companies. What’s more, there has been an increase in scam attempts like phishing, which is an attempt to gain sensitive information such as passwords or credit card details by someone posing as a legitimate institution to acquire sensitive information, and domain spoofing where victims receive an e-mail that looks like it’s from a manager or executive.”

Social engineering is a form of baiting where attackers catch individuals off-guard using common day-to-day activities like updating your anti-virus software or responding to a tender document or confirmation of a purchase order received. But attacks don’t stop there, says Sogoni. “Hackers are becoming more sophisticated and advanced and criminals are using the victim’s location and employment information to start the social engineering attack to trick the user into clicking on a link/attachment and gaining access with the end result of reputational damage and financial loss for organisations.”

While the healthcare and financial sectors were previously key targets, more recently all industries, including government, are having to increase their security measures as attackers use social engineering scams to harvest information. All industries are at risk of an attack dependent on volume and sensitivity of data stored, with criminals finding several paths into organisations. The HR and recruitment departments are usually at higher risk as more employees fall for payroll fraud and recruitment scams.

Sogoni explains two types of threat actors in the market: “The first is where the attacker would be identified as fake and will try and scare the victim into believing they have valuable and sensitive information, and the second attacker being more advanced, skilled and equipped to fulfil the attack.”

Mira Andric, Operations and Delivery Manager for CyberTech.

With virtually every industry facing some level of risk and with more employees now working from home, smart first steps (best practices for organisations) are ensuring that employees perform regular software updates, employees separate business e-mails from private e-mails, enabling two-factor authentication where necessary and performing regular backups of company data.

Mira Andric, Operations and Delivery Manager for CyberTech, adds: “While organisations should have endpoint detection and response (EDR), database activity monitoring and firewalls in place to monitor and respond to attacks, it is of the utmost importance to have a solid cyber security awareness programme in place for all employees to ensure security awareness training. If organisations are to combat attacks, training will need to be in place for employees to spot a malicious link in an e-mail and understanding the importance of the “think before you click” approach. The entire organisation should receive training from managers to receptionists – finance, marketing and everyone else in the organisation.”

While criminals are notorious for quickly adapting their social engineering schemes to take advantage of victims, ultimately the key to fighting criminals is for organisations to have the tools and resources available, and to have employees that are prepared and equipped. An educated workforce is just as important as the technology in place.

Read article on IT Web.