With the growing range of security threats and data breaches, protecting your business has never been more important. In this article we look at one threat that has become markedly more sophisticated: the recent rise in spear phishing attacks.
Phishing is email fraud sent to a mass audience in the hope of obtaining sensitive information such as login details. Spear phishing is a far more targeted attack, aimed at named individuals within specific organisations. By reviewing social media sites and other public sources, criminals build detailed profiles of their targets, which they use to personalise emails or to impersonate colleagues, suppliers or other contacts the target already trusts, making the messages look authentic and much harder to spot.
Because they are crafted for a single recipient rather than sent in bulk, spear phishing emails are designed to slip past traditional defences that rely on recognising known mass campaigns. When the message also plays on a familiar name, project or working relationship, success rates are high. Once a link is clicked or an attachment opened, the attacker can run malicious software on the victim's machine and use that foothold to compromise further systems.
The costs of spear phishing
Spear phishing attacks can affect all companies regardless of size. You may think that small businesses are less attractive targets but this is not the case. Recently, smaller businesses have been viewed as the 'soft underbelly' for penetrating larger businesses within their supply chain. In 2013, 31% of all cyber attacks were on SMEs.
Everyone is a potential target. If you or your staff have access to personal or corporate account details, strategic information or client data, you are worth attacking. The costs to your business could be substantial:
- Theft and exposure of your clients' data leading to client dissatisfaction and potential legal action
- Theft and exposure of your valuable data and intellectual property leading to loss of competitive advantage
- Malicious activity or sabotage of your systems or data
- Subsequent spear phishing attacks sent from your compromised accounts to clients or suppliers, leading to reputational damage
- Loss of money through compromised financial details
- Recovery costs to clean your network after an attack
What can your business do?
Businesses have an important role to play in minimising the risks posed by spear phishing attacks. Striking the right balance between educational awareness and technical security controls is key.
Staff should be made aware of the threat of spear phishing and, before opening any attachment or clicking any link, should ask the following:
- Who sent the email, and can that be verified independently (for example by phoning the sender on a number you already hold rather than replying to the email)?
- Is the style of writing consistent with the sender?
- Is the request out of the ordinary?
- Have colleagues received a similar email?
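The first question on that list, who really sent the email, is one that can be partly automated. The following is an added example, not code from the original article or from any product it mentions: it reads an inbound message's headers and flags the signs a reviewer would look for (a lookalike sender domain, a Reply-To that diverts answers elsewhere, an envelope sender on a different domain, and SPF/DKIM/DMARC failures recorded by the receiving gateway). Both sample messages and every domain in them are constructed for illustration; `example.com` stands in for your own organisation's domain.

```python
import re
from email import message_from_bytes
from email.utils import parseaddr

# Constructed sample (not a real message): the display name claims to be
# the target's own CEO, the address is on a lookalike domain, replies are
# routed to a third domain, and the gateway recorded an SPF failure.
SUSPICIOUS_MESSAGE = b"""\
From: "Jane Smith, CEO" <jane.smith@example-co.com>
Reply-To: jane.smith.ceo@mail-example.net
Return-Path: <bounce@mail-example.net>
To: finance@example.com
Subject: Urgent wire transfer
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mail-example.net; dkim=none

Please process the attached invoice today. I'm in a meeting, so reply here.
"""

# Constructed sample of an internal message that passes every check.
CLEAN_MESSAGE = b"""\
From: "Jane Smith" <jane.smith@example.com>
Return-Path: <jane.smith@example.com>
To: finance@example.com
Subject: Q3 figures
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com

Figures attached as discussed on Monday.
"""

# Results that mean the sending domain's own policy was not satisfied.
AUTH_FAILURE = re.compile(r"\b(spf|dkim|dmarc)=(fail|softfail|permerror|temperror)\b")


def _domain(addr: str) -> str:
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def check_sender(raw: bytes, our_domain: str) -> list[str]:
    """Return warnings about who really sent the message; an empty list is clean."""
    msg = message_from_bytes(raw)
    our_domain = our_domain.lower()
    warnings = []

    _, from_addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(from_addr)

    # Lookalike domain: carries our organisation's name but is not our domain.
    # Simple heuristic: substring match on the first label of our own domain.
    our_label = our_domain.split(".")[0]
    if from_domain != our_domain and our_label in from_domain:
        warnings.append(f"From domain '{from_domain}' resembles '{our_domain}'")

    # Reply-To sends answers somewhere other than the apparent sender.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and reply_addr.lower() != from_addr.lower():
        warnings.append(f"Reply-To '{reply_addr}' differs from From '{from_addr}'")

    # Envelope sender (Return-Path) on a different domain from the From header.
    _, return_addr = parseaddr(msg.get("Return-Path", ""))
    if return_addr and _domain(return_addr) != from_domain:
        warnings.append(
            f"Return-Path domain '{_domain(return_addr)}' differs from From domain '{from_domain}'"
        )

    # Authentication results recorded by the receiving gateway.
    auth = msg.get("Authentication-Results", "")
    for mechanism, result in AUTH_FAILURE.findall(auth):
        warnings.append(f"{mechanism}={result} recorded by the receiving gateway")

    return warnings


if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS_MESSAGE), ("clean", CLEAN_MESSAGE)):
        print(name, check_sender(raw, "example.com"))
```

One caveat: an Authentication-Results header is only meaningful if it was written by your own mail gateway, which should strip any copy that arrives from outside; otherwise an attacker can simply add a header claiming `spf=pass`. The lookalike check is deliberately crude and will miss homoglyph and transposition tricks; it is a prompt for a human to look more closely, not a verdict.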
Educational awareness should be supported with appropriate security controls. Boundary defences such as firewalls and proxies should be in place, security patches applied promptly, and administrator privileges restricted to the few people who need them.
These controls help to protect your systems from spam and generic phishing, but on their own they cannot be relied upon to block spear phishing. Spear phishing emails are designed to get past standard email security gateways: the embedded URL often points to a page that is dormant, or shows harmless content, at the moment the gateway scans the message on delivery, so the link is rated clean. Only after the email has landed in the inbox does the attacker put the phishing content live, and a one-off scan at delivery time never sees it.
Dedicated protection against this technique does exist, for example Mimecast's Targeted Threat Protection. It rewrites every URL in an inbound email so that it passes through Mimecast's service, and scans the destination each time the link is clicked rather than once at delivery. This gives real-time protection and reduces the risk from links to legitimate sites that are compromised after the email has arrived.
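To make the difference between scanning at delivery and scanning at click concrete, here is an added example showing the general technique in miniature. It is illustrative code written for this article, not Mimecast's implementation or any other product's: the gateway address `https://links.example.com/r`, the signing key, the `ReputationService` stand-in and the message body are all placeholders. At delivery every link is rewritten to point at the gateway, carrying the original URL and a MAC over it; when the user clicks, the gateway verifies the MAC (so it only resolves links it issued) and then checks the destination's reputation at that moment. The demo walks through the delayed-activation trick described above: the destination is clean when the message is scanned, is switched to malicious afterwards, and is caught at click time.

```python
import base64
import hashlib
import hmac
import html
import re
from urllib.parse import parse_qs, urlparse

# Placeholders for this example: the click-time gateway's URL and the key it
# uses to sign rewritten links. Neither is a real service or a real key.
GATEWAY = "https://links.example.com/r"
SIGNING_KEY = b"example-signing-key-replace-me"

HREF = re.compile(r'href="([^"]*)"', re.IGNORECASE)


def _sign(url: str) -> str:
    """MAC over the original URL so the gateway only resolves links it issued."""
    return hmac.new(SIGNING_KEY, url.encode(), hashlib.sha256).hexdigest()


def rewrite_links(message_html: str) -> str:
    """Delivery time: point every link at the gateway, carrying the original URL."""
    def repl(match):
        original = html.unescape(match.group(1))
        if original.startswith(GATEWAY):
            return match.group(0)  # already rewritten
        token = base64.urlsafe_b64encode(original.encode()).decode().rstrip("=")
        gateway_url = f"{GATEWAY}?u={token}&s={_sign(original)}"
        return f'href="{html.escape(gateway_url, quote=True)}"'
    return HREF.sub(repl, message_html)


def resolve_click(gateway_url: str, verdict_for) -> tuple[str, str]:
    """Click time: verify the link was issued by us, then check the destination
    now, not when the message was delivered."""
    params = parse_qs(urlparse(gateway_url).query)
    token = params.get("u", [""])[0]
    signature = params.get("s", [""])[0]
    original = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4)).decode()
    if not hmac.compare_digest(_sign(original), signature):
        return ("reject", "link token was tampered with")
    if verdict_for(original) == "malicious":
        return ("block", original)
    return ("allow", original)


class ReputationService:
    """Stand-in for a URL reputation lookup. A host is 'clean' until it is
    added to the malicious set, modelling a page that is dormant at delivery."""
    def __init__(self):
        self.malicious_hosts = set()

    def verdict(self, url: str) -> str:
        return "malicious" if urlparse(url).hostname in self.malicious_hosts else "clean"


def demo() -> tuple[str, str]:
    """Delayed activation: clean at delivery, malicious by the time of the click."""
    rep = ReputationService()
    # Constructed message body; the host is a placeholder lookalike domain.
    target = "https://invoice-portal.example-co.com/view?id=42"
    body = f'<p>Please see <a href="{target}">the attached invoice</a>.</p>'
    # 1. Delivery-time scan passes: nothing is hosted there yet.
    assert rep.verdict(target) == "clean"
    safe_body = rewrite_links(body)
    # 2. The attacker activates the page after the message is in the inbox.
    rep.malicious_hosts.add("invoice-portal.example-co.com")
    # 3. The user clicks the rewritten link; the gateway checks the destination now.
    clicked = html.unescape(HREF.search(safe_body).group(1))
    return resolve_click(clicked, rep.verdict)


if __name__ == "__main__":
    print(demo())
```

The MAC is what stops the gateway being turned into an open redirector: without it, anyone could craft `links.example.com/r?u=...` links to lend their own phishing pages the credibility of your domain. A real deployment would also log every click for incident response, since the click log tells you exactly who followed a link that later turned bad.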
Raising awareness amongst your staff is the first step in protecting your business against spear phishing. The next step is ensuring you have the correct levels of security protection to prevent attacks from penetrating your systems.
This is an area which is constantly evolving and on which your IT support provider should be able to advise. For more information on spear phishing or to discuss your security concerns, simply get in touch.