Security, Security, Security

Security, Security, Security
September 18, 2019 Comments Off on Security, Security, Security News Fred Dickey

The old saying used to be location, location, location when it came to running a business, and that’s probably still true to a degree for physical location of retail spots. However, security is front and center in the cyber landscape.

Last week I attended a live webinar and then watched a recording for another webinar that was scheduled in direct conflict with the first webinar that I attended. The first webinar was presented by Datto and had representatives from several large players in the security world. The second webinar was hosted by WatchGuard. Both webinars had a similar focus on the current cyber security trends.

There were a lot of facts tossed around like “99% of email-based financial fraud relied on human clicks rather than automated exploits to install malware”, making end users one of the greatest threats when it comes to cyber security.

I also learned a new terminology, whaling. Whaling is a specific form of spear phishing were the emails are targeting the CEO and various other executive officers of an organization. This means the attackers have already committed extensive studies into how the organization operates, collected proprietary data from the organization and already know enough about it’s executive officers to make a convincing manipulation in the favor of the attackers.

There was an incident recently where a company lost approximately $240,000 from being tricked into believing that they were talking to their CEO. This happened outside the scope of emails. A malicious group had written an Artificial Intelligent program that mimicked their CEO’s voice to accomplish this. Not sure if the conversation took place via phone, Facebook Messenger or snap chat but the AI was able to convince staff that they were talking to their boss when they were not. They were convinced to the tune of over a couple hundred thousand dollars. Always authenticate who you think you are talking to before committing actions that you can’t undo later. Social engineering has reached new heights in sophistication.

The cyber threat landscape has been evolving into ever more sophisticated attack vectors. It is only through a multi-layered defense plan that an organization can weather such attacks. Such a muti-layered defense plan should include written policies, effective hardware and software layers as well as an organizational wide commitment to end user awareness and education.

Share this:
About The Author
Fred Dickey Fred is the owner and founder of Fast Assist. Fred attended college at the University of Tennessee in Knoxville, majoring in Computer Science, after graduating High School in 1990. Being originally from Nashville TN, Fred boasts over 20 years of professional IT experience, having owned his own IT Support company from 1995 to 2006 when he lived in Knoxville TN. Fred has also worked on the IT Corporate Help Desk of a major Federal contractor from 2008 to 2011 and has experience with ITIL and Enterprise level application and infrastructure support. He has worked for several small IT Support companies between then and now before launching Fast Assist on October 2017.