The recent data exposure at LinkedIn is a timely reminder for executives to think about the impact of spear-phishing attacks. Here are the top five ways executives can reduce the risk of a spear-phishing attack succeeding in their organization.
In a recent interview, cybersecurity expert Justin Cannon discussed the implications of the LinkedIn data exposure and gave specific, actionable items that any organization can use to avoid becoming a spear-phishing victim.
The LinkedIn data exposure affected over 700 million users, so anyone with a LinkedIn account has a high chance of being included. The attackers likely obtained the data by abusing the official LinkedIn API, which let them download user records in bulk. Why LinkedIn did not have safeguards against this kind of bulk data abuse is currently unknown.
The attackers collected legitimate PII contact details, including phone numbers, addresses, and full names, as well as linked social media handles, gender, and professional history. All of this data is currently for sale on dark-web marketplaces.
A spear-phishing attack is a social-engineering attack in which a criminal crafts emails targeted at specific individuals in an organization in order to obtain sensitive information or prompt an action such as a payment or a credential entry. The attacker uses PII (personally identifiable information) and other data points to make the emails look legitimate; the more the attacker knows about the target and their colleagues, the more convincing the pretext. Any cybercriminal who purchases this data is likely to use it for exactly this purpose.
According to Justin Cannon, the number one way to prevent spear-phishing attacks is to institute regular cybersecurity awareness training for all employees. He recommends formal training monthly, along with regular testing of that training through simulated phishing emails. The key to a successful program is positive reinforcement for employees who correctly spot and report the test messages. Employees who know what to look for are significantly less likely to become victims of a spear-phishing attack.
The second-best thing executives can do to help prevent spear-phishing attacks in their organization is to deploy email filtering software. Several solution providers offer products that help stop malicious emails from ever reaching employees' inboxes. Email filtering is not a catch-all: a determined attacker will work to circumvent it, for example by sending from a newly registered lookalike domain that passes sender authentication, but it works well as one layer of a defense in depth.
Mr. Cannon also recommended implementing a quality Next-Gen firewall that goes above and beyond a traditional firewall. A Next-Gen firewall adds security features such as application-layer inspection and an IPS (Intrusion Prevention System), which, if adequately deployed, can help defend the corporate IT infrastructure against the malware downloads and outbound connections that typically follow a successful spear-phishing email.
In addition, all companies should integrate a DLP solution into their corporate networks. A DLP, or Data Loss Prevention system, can detect and block the exfiltration of sensitive data by employees who have been targeted by spear-phishing attacks. A DLP solution is good practice under all circumstances, but it is particularly useful for preventing employees from inadvertently sending corporate data to outside attackers.
Lastly, a quality logging and analysis program should be established and used in conjunction with a SIEM solution. Continuous logging and active monitoring can help catch a spear-phishing attack before it causes significant harm. It is crucial to have well-trained analysts poring over the logs on an ongoing basis. In fact, Mr. Cannon recommended that all CIOs instruct their analysts to be on the lookout specifically for spear-phishing attacks, as they are likely to increase in the near future.
The above recommendations are a good start but may not be sufficient depending on the needs of each organization. As cybersecurity threats continue to increase, so will the need to combat them aggressively. Organizations that do not currently have a CISO role should budget for one and add it to the org chart as rapidly as possible.
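The email-filtering and log-monitoring recommendations above both come down to the same concrete check: inspecting a message's headers for the tells of an executive impersonation. The Python script below is an added example, not code from the article or from Mr. Cannon. It assumes a corporate domain of example.com, a small executive roster, and three constructed sample messages; none of these names, domains or messages come from the original page. It flags display-name spoofing of an executive, lookalike sender domains, a Reply-To that diverges from the From address, SPF/DKIM/DMARC failures reported by the receiving mail server, and urgency language in the subject line.

```python
"""Flag spear-phishing indicators in raw email headers.

Added example, not from the article. The corporate domain, executive roster
and sample messages below are all constructed for illustration.
"""
from email import message_from_string
from email.utils import parseaddr

CORPORATE_DOMAIN = "example.com"        # assumed corporate domain
EXECUTIVES = {"Jane Doe", "John Roe"}   # assumed roster of names likely to be impersonated
URGENCY_WORDS = ("urgent", "wire", "gift card", "invoice", "asap", "confidential")


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to spot lookalike domains such as examp1e.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def analyze_message(raw: str) -> dict:
    """Return the spear-phishing indicators found in one RFC 5322 message."""
    msg = message_from_string(raw)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_domain = domain_of(from_addr)
    reply_domain = domain_of(reply_addr)
    auth = msg.get("Authentication-Results", "").lower()
    subject = msg.get("Subject", "").lower()
    corp_label = CORPORATE_DOMAIN.split(".")[0]
    findings = []

    # 1. A known executive's display name on a non-corporate sender domain
    if from_name.strip() in EXECUTIVES and from_domain != CORPORATE_DOMAIN:
        findings.append("display-name-spoof")
    # 2. A sender domain that imitates the corporate one (close edit distance,
    #    or the corporate label embedded in a longer domain such as example-corp.com)
    if from_domain and from_domain != CORPORATE_DOMAIN and (
        levenshtein(from_domain, CORPORATE_DOMAIN) <= 2 or corp_label in from_domain
    ):
        findings.append("lookalike-domain")
    # 3. Replies silently redirected to a domain other than the apparent sender's
    if reply_domain and reply_domain != from_domain:
        findings.append("reply-to-mismatch")
    # 4. Sender-authentication failures recorded by the receiving MTA
    for mech in ("spf", "dkim", "dmarc"):
        if f"{mech}=fail" in auth:
            findings.append(f"{mech}-fail")
    # 5. Urgency and money language typical of executive impersonation
    if any(word in subject for word in URGENCY_WORDS):
        findings.append("urgent-subject")

    return {"from_domain": from_domain, "findings": findings, "score": len(findings)}


# Constructed sample messages (not real traffic): one impersonation from a
# lookalike domain, one legitimate internal message, and one impersonation
# from a registered lookalike domain that passes SPF.
SAMPLE_MESSAGES = (
    """\
From: Jane Doe <jane.doe@examp1e.com>
Reply-To: ceo.jane.doe@mail-relay.net
To: cfo@example.com
Subject: URGENT wire transfer before close of business
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=examp1e.com; dmarc=fail header.from=examp1e.com

Hi, I need you to handle a confidential wire today.
""",
    """\
From: Jane Doe <jane.doe@example.com>
To: cfo@example.com
Subject: Q3 board deck draft
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com

Attached is the draft for review.
""",
    """\
From: John Roe <john.roe@example-corp.com>
Reply-To: john.roe@example-corp.com
To: payroll@example.com
Subject: Updated direct deposit details
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example-corp.com; dmarc=none header.from=example-corp.com

Please update my direct deposit to the attached account.
""",
)


def run_samples() -> list:
    """Analyze every constructed sample and return the findings in order."""
    return [analyze_message(m) for m in SAMPLE_MESSAGES]


if __name__ == "__main__":
    for result in run_samples():
        print(result["from_domain"], result["score"], result["findings"])
```

The third sample shows why authentication results alone are not enough: a message sent from a registered lookalike domain passes SPF and carries no DMARC failure, so only the display-name and lookalike-domain checks catch it. In a real deployment these rules would run in the mail gateway or over mail logs shipped to the SIEM, and a non-empty finding list would drive quarantine or an analyst alert rather than a printed line.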