Education, IP Blocking Could Decrease Success of Spear-Phishing Attacks

In the early days of Internet fraud, most cyber crooks used emails as their main medium to scam people into disclosing personal information. These emails were littered with spelling and grammatical mistakes, which alerted some cautious users. These days, however, online criminals have honed their spelling and grammar skills, and they manage to fool even the savviest web users with sophisticated methods of deception.

With the evolution of phishing and spear-phishing, companies are scrambling to find ways to combat and cut targeted social-engineering attacks. Panos Anastassiadis, COO and president of Cyveillance, said there are two things that could dramatically lessen the effectiveness of spear-phishing attacks: education and IP blocking.

“One I would say is education because social engineering is the way the spear-phishing attacks work and people are the weakest link,” he said. “The second would be IP blocking. We can provide to organizations a list of IP addresses that should be blocked, and these are the freshest IP addresses out there that have just come out.”

While phishing is a pressing concern for many corporations, it is not the only security issue they need to worry about: According to a 2009 McAfee Threats Report, distributed denial-of-service attacks have increased all over the world.

“What I’m asking myself is, what is more dangerous? A DDoS attack where there are actually solutions to avoid it, or a silent infiltration by an adversary who is also engineering a malicious program?” Anastassiadis said. “I personally think a silent infiltration will be way more dangerous because No. 1, you don’t know it happens; No. 2, the adversary is in your system and selectively exfiltrating information, or even worse, starting a data manipulation program that will go on for months, in which case you will absolutely not have any confidence in your own data.”

Anastassiadis said this kind of infiltration is launched for the sole purpose of creating financial or competitive gain, or to get a strategic advantage. The attacks can last months before they are detected, he added.

Considering the research and intelligence gathering Cyveillance has conducted recently, Anastassiadis said he believes there is no one sector that is under a greater threat of a cyber attack. While some groups attack for monetary gain, others do so for strategic information or for policy, he said.

“I believe there is nobody that is immune to this,” Anastassiadis said. “As long as somebody wants something you have they will try to take it. Sometimes, it is way easier than it looks ... so basically, if you do own information that other people want to know about, your sector is at great risk.”

As people are the weakest link, it is important to educate everyone concerned with cybersecurity with some sort of sensitivity training, Anastassiadis said.

“I believe we should train every single employee on the risks of cyber,” he said. “I think since everybody is going to use more and more social media, they should get the sensitivity training to understand that also this social media can be a perfect vector for social-engineering schemes.”

While openness of the U.S. government has been touted as the preferred method of operating, transparency can sometimes harm more than help, Anastassiadis noted.

“I see from time to time some social-engineering schemes and I say, how did these guys from Eastern Europe know how the Social Security system works here?” he said. “Do you know how the Social Security works, if it exists, in Belarus or in Armenia, or something like that? I don’t. I’m always impressed on how well they know our system and how well they can gain it.”
