4
THE OPEN SOURCE CYBERSECURITY PLAYBOOK
TM
Phishing
What it is:
Any attempt to compromise a system and/or steal information by tricking a user into
responding to a malicious message. The most common phishing attacks involve emails
armed with malware hidden in attachments or links to infected websites, although
phishing can be conducted via other methods such as voicemail, text messages, and
social media, too.
What makes protection a challenge:
For one thing, employees are already in the habit of clicking things because that’s how you
interact with modern computers. For another, phishing emails are much more sophisticated
than they used to be. Scammers can take over legitimate email accounts or spoof their
email addresses to make it look like messages are coming from someone employees trust.
Once a victim is tricked and becomes compromised, the attacker now has their access
credentials. They can reach all the same servers, log into the same web applications, and
download the same les as if they were that employee. The challenge with protecting
against this is you need to limit what servers employees can access or how they can
access them. There are times that may run counter to what they need to do their jobs.
Additionally, even if you train employees to be on the lookout for suspicious emails, some
phishing attacks can be extremely targeted and look just like any other email from a
trusted source who is being impersonated. The most convincing examples of these
“spear phishing attacks” don’t provide any red flags until it’s too late.
Social Engineering
What it is:
There are two ways to steal anything — you either take it yourself or you get someone else
to give it to you. Social engineering is a broad umbrella term for any tactics designed to
exploit and manipulate trust, so the victim hands the attacker what they want — access to
information, accounts, or computers inside a secured area. Think fake customer service
calls designed to reset passwords or a criminal spoong your CEO’s email address and
asking someone in nance to send an urgent wire transfer — a type of scam referred to
as a business email compromise (BEC).
What makes protection a challenge:
Everyone — repeat, everyone — can be conned, defrauded, fooled, or manipulated. Being
vulnerable can sometimes come down to a lack of training or experience, but more often
it can simply come down to distraction and mental fatigue.
Since this attack targets people directly there’s very little that technical safeguards can
do, especially if the action isn’t outside the employee’s typical responsibilities or usual
behavior — like resetting a password for a desperate user (a typical tech support con).
PART 1: SCOUTING REPORTS
我的内容管理
收起
我的收益 登录查看自己的收益
我的积分
登录查看自己的积分
我的C币
登录后查看C币余额
我的收藏 
我的下载 
下载帮助 
评论0