Secure for the Summer
As we enter the tail end of summer, it’s important to take time to relax. If you haven’t made time for a vacation or at least a long weekend, do so! For Blackpoint staff, this has looked like going camping with family, attending weddings, traveling to new countries, and more. While you’re relaxing and enjoying some slower months at work, it’s important to stay vigilant about your cybersecurity practices while working—whether that’s from your home office or on a trip.
Multiple cyberattacks have hit around the holidays, especially in the spring and summer months. Malicious actors take advantage of relaxed employees, lower staff counts, and IT teams with limited capacity. For example, the Colonial Pipeline was hit leading into Mother’s Day in May of 2021, JBS, the meat processing company, was hit Memorial Day weekend 2021, and Kaseya was hit Fourth of July weekend in 2021. Thankfully, we did not see a repeat attack this July 4th, but we must stay alert.
The fact of the matter is that human errors can lead to security vulnerabilities. To prevent this from impacting your company, let’s review how to combat specific cyber threats this summer.
Social Media’s Role in Cyberattacks
Social media attacks against businesses have grown quickly. Companies are targeted multiple times a day, often by impersonating senior leadership. (You’ll learn more about Angler Phishing below.) In Q1 of 2022, the Anti-Phishing Working Group (APWG) found that impersonation attacks made up for 47% of social media threats, up 27% from Q4 2021. If you’re working remotely this summer, be cautious of what you post on social media. If you’re getting work done out and about, don’t post a photo of the hotel, airport, or coffee shop you’re at. Whatever details you make public—where you are, what you’re doing, who you’re with, etc. can be used by a malicious actor to impersonate or target you. One secure way to enjoy your trip is to not post anything until you’ve returned. That way, you can still share your trip with loved ones without hackers knowing where you are in real time!
Wi-Fi Once You Step Outside of the Office
When you’re away from your home or office networks, it can seem harmless to use whatever free, public Wi-Fi is at hand as you check a quick work email or open a few files. However, public connections are insecure and threat actors can easily join the same connection and perform Man-in-the-Middle attacks (more details ahead). Don’t give actors the chance to infect your connection with malware, eavesdrop on your device activity using special software, or set up a malicious Wi-Fi hotspot that impersonates the legitimate one (learn more about Evil Twin Phishing later).
Lastline, a network detection and response company now a part of VMware, surveyed 1,000 security professionals between May and June of 2019 and found that 68% of security professionals were most worried about employees connecting to insecure public Wi-Fi hotspots. This security vulnerability has only increased with the rise of hybrid and remote work. Your best bet? Simply do not use public Wi-Fi for anything confidential—work, online shopping, mobile banking, etc. If you must have an Internet connection, hop on your personal mobile hotspot protected by a strong password.
What is Phishing?
Another fear for those surveyed by Lastline was that workers would click on phishing emails or interact with spear phishing campaigns. Three years later, phishing attacks continue to be a prevalent attack vector, alongside the rise of ransomware. This type of attack falls under the umbrella of social engineering attacks—when an attack vector impersonates a trustworthy individual and relies heavily on human interaction and manipulation to gain unauthorized access to confidential information. There are many types of social engineering attacks, but this article will do a deep dive into phishing tactics.
Impersonation is a key component of phishing attacks. Phishing attacks employ both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. Threat actors prey on unwary victims by fooling them into believing they’re working with a trusted, legitimate party. For example, they may pretend to be your boss who is currently on vacation. In the first quarter of 2022, APWG observed 1,025,968 total phishing attacks. This was the worst quarter for phishing observed to date and was the first time the quarterly total exceeded one million. Since early 2020, the number of phishing attacks has more than tripled.
In addition to being cautious of what you post while working remotely, be sure you don’t click on any suspicious links. Always read emails carefully, inspecting the email address it was sent from and hovering over links to view the URLs entirely prior to clicking.
Under the phishing umbrella are many terms, some we have already discussed and some we’ll simply mention. Understanding each one will help you and your employees know what to look out for while working this summer.
Phishing Tactics: At a Glance
- Evil Twin Phishing
- The hacker will set up a false Wi-Fi network that appears legitimate. Once connected, they can steal any sensitive information the user enters.
- Angler Phishing
- These threat actors use fake social media posts to get people to provide login information or download malware.
- Man in the Middle (MiTM) Attacks
- A hacker will position himself in between two parties and try to steal information exchanged between them.
- Email Phishing
- The attacker sends an email that appears legitimate, designed to trick the recipient into entering information via an email response or online via a malicious link. If done, the hacker can steal or sell data.
- Whaling
- A highly targeted phishing attack aimed at senior executives masquerading as a legitimate email. The victim is often encouraged to perform a secondary action, such as initiating a wire transfer of funds.
- Spear Phishing
- When a threat actor pretends to be a trusted party and targets a specific individual in an organization to try to steal their login credentials. Prior to the attack they may gather specific information about their target. They may also try to get money or sensitive material sent their way.
- Water Hole Phishing
- Hacking a commonly used site for a group of users and infecting their computers with the intent to penetrate the network.
- Smishing
- A form of phishing attack that uses mobile phones’ text messages (SMS) as the attack platform. The malicious actor does so with the intent to gain personal information, such as credit card number(s).
- Vishing
- Short for ‘voice phishing’, someone will use fraudulent phone numbers, voice-altering software, text messages, and other phone trickery to get users to divulge sensitive information.
- Geo-Targeted Phishing
- Hackers will target victims based on location, oftentimes with a focus on wealthy countries or locations. They customize their invasion to be believable to the intended audience, using common language or mentioning well-known businesses to the area.
To combat this multitude of attack vectors, companies would be wise to implement user training programs that occur throughout the year, especially during summer months. Phishing exercises help reiterate appropriate user response for your employees when security may not be top of mind for them.
Robust Security for Cloud Workflows
With less endpoint protection and control of the company network through the summer months, extra protection is necessary. When an employee’s guard is down, cloud security incidents could sneak their way in. With Blackpoint Cloud Response, your cloud presence is protected 24/7, regardless of location. Fully managed by our expert SOC analysts, you’ll be protected with immediate response even if one of your employees responds to a phishing email or works off an insecure Wi-Fi connection. While most solutions on the market only alert you to take action, Cloud Response provides a fast and unified response to threats on your behalf. Up your employees’ and customers’ cyber hygiene in the user-friendly Blackpoint portal, where you can fine tune customer notifications, enforce and manage security policies, and edit the list of Approved Countries for specific users.
Learn More About Blackpoint Cyber
If you are interested in learning more about Blackpoint’s streamlined ecosystem powered by our patented technology let’s connect. Trust cybersecurity experts with real-world cyber experience and deep knowledge of hacker tradecraft to protect your network, both on-premises and in the cloud, with excellence 24/7/365. Talk to a Blackpoint rep today to start the conversation about robust cybersecurity.