There are still crucial details we don’t know about the Twitter hack that compromised numerous high-profile accounts earlier this month. Twitter issued a blog post sharing some of the tactics and fallout from the largest security breach in company history. What has been acknowledged is that this was the result of a social engineering attack: the hackers tricked Twitter employees into giving them access to key accounts, which allowed them to access critical internal systems.
The nature of the attack completes a dangerous trifecta that highlights a massive security challenge facing organizations today:
- Social Engineering is getting harder to identify. The FBI recently released its Internet Crime Report, in which Donna Gregory, the chief of its Internet Crime Complaint Center (IC3), says, “Criminals are getting so sophisticated it is getting harder and harder for victims to spot the red flags and tell real from fake.”
- More Channels, More Problems. While email phishing is a common vector for Social Engineering tactics, the problem compounds as organizations adopt a broad array of cloud-based communication and collaboration technologies, including Microsoft Teams, OneDrive, and SharePoint; Google G-Drive; Slack; Box; Dropbox; and Zoom. Each of these channels is another point of attack through which bad guys can exploit employees.
- Working-from-Home (WFH). COVID-19 accelerated the WFH trend that was already underway in a broad swath of industries. A recent CNN Business article examining the Twitter hack states that “Experts say social engineering may also be easier when people are working from home, where they may be distracted or let their guard down,” citing cybersecurity experts from Georgia State University and the Electronic Frontier Foundation (EFF).
These three trends combine into a dangerous and toxic stew that leaves organizations vulnerable to attack at an unprecedented scale. Legacy solutions designed for a world where email was the focus and employees were mainly in office locations are woefully inadequate against sophisticated attacks. Colleagues from across the industry have confidentially shared that their companies have been phished recently, resulting in reputational harm and monetary fraud, supply chain issues, Docusign problems, and various other damages.
There are some things that companies can do to protect their users, systems, and data from attack.
- Deploy modern tools to protect the business (don’t wait for an incident to happen). Use AI and machine learning technology to fight against a rapidly changing threat landscape.
- Extend protection and compliance to all digital collaboration channels (Slack, Teams, O365, G Suite, OneDrive, Box, Dropbox)
- Recruit employee volunteers and members of IT staff to help in real time without overloading your SOC
- Upgrade to a modern email security solution as an additional layer to existing Secure Email Gateways (e.g. Proofpoint, Mimecast, Cisco, Symantec, Barracuda)
- Consolidate tools and choose best-of-breed solutions for file sharing, Data Leakage Prevention (DLP), email security, and collaboration channels to minimize incidents
Clearedin helps customers with a modern solution for these new and sophisticated attacks. Contact us for a free consultation today.