Steve Fisher, Director of IT
In the world of IT, our largest current concern is security compromise through phishing email attacks. It is reported that over 76% of companies were compromised in 2018, most of those through phishing and the use of malicious links or documents. Concerns range from machines being taken over as bots to help the attacker infect others, to a full-blown internal takeover.
Most of this activity is easily recognized: the attacker uses improper grammar, the ‘from’ address is unusual, and the message or request is usually off. But they’re getting better! Some emails come with a spoofed address, using the seemingly real email address of an internal employee.
In some instances, the actors are no longer smart lonely guys living in a basement somewhere but are in an office with other like-minded individuals who pool their resources, making them a more potent threat. These groups are likely state-sponsored and well-funded, and are of particular concern.
Security compromise concerns also vary according to the company type and whether the company holds sensitive information or perhaps controls electrical or utility infrastructure. We know that utilities are prime targets, as a compromise there can have a large effect on a large number of people, but mostly these bad guys are just looking for a way to make money by stealing bank or credit card information.
So how do we protect against these types of attacks in an ever-changing landscape, with state-sponsored groups pooling their resources?
A company can easily spend a lot of capital on tools and software that help to detect and thwart attacks, and that spending must be balanced against what the impact of a compromise would mean for the individual company. If there is community infrastructure involved, then we expect a higher expenditure on protective software than we would for a grocery store. Tools range from DNS redirects and AI/machine learning that analyze and block threats, to endpoint software on user devices that blocks based on known threats.
However, the best protection is education for the end user! As they are the gateway to these attacks, teaching them to recognize, block, report and to NOT CLICK ON ANYTHING SUSPICIOUS can save a company from being compromised. Treat them as your front-line resources so you can rely on their eyes, knowledge and instinct to protect you. Partner with them to raise awareness and let them know it’s OK to ask IT for a second set of eyes. Compared with employing state-of-the-art AI technology, this has a lower cost and a greater return!
Stay safe out there!