The malicious actors who targeted Marks & Spencer (M&S) and the Co-op tricked IT workers into giving them a foothold in their organizations’ systems, according to a new report from Reuters.
The social engineering attack on the Co-op enabled attackers to reset a member of staff’s password before breaching the network. A similar tactic was used against M&S.
In the wake of these incidents, the NCSC (the UK’s National Cyber Security Centre, the government agency responsible for cyber security) has issued guidance urging organizations to review their IT help desk “password reset processes” to limit their chances of suffering a breach.
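A defender reviewing help desk reset processes usually wants two things: a check that each reset was backed by an approved identity verification step, and a way to spot the pattern described above (a help desk reset followed shortly by a sign-in from an unfamiliar location or a new MFA device). The following Python is an added illustration written for this page; it is not code from the article, from Reuters, or from the NCSC guidance. The log format, the per-user baseline of known IPs, and the set of verification methods treated as strong are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample audit log (not real data): help desk reset records
# interleaved with successful sign-ins, pipe-delimited key=value fields.
SAMPLE_LOG = """\
2025-04-22T09:05:00|helpdesk_reset|user=alice|agent=hd07|verification=callback_manager
2025-04-22T09:20:00|signin|user=alice|ip=198.51.100.10|result=success|mfa=existing
2025-04-22T10:40:00|helpdesk_reset|user=bob|agent=hd03|verification=caller_id
2025-04-22T10:52:00|signin|user=bob|ip=203.0.113.8|result=success|mfa=new_device
2025-04-22T11:00:00|helpdesk_reset|user=carol|agent=hd07|verification=callback_manager
2025-04-22T14:30:00|signin|user=carol|ip=203.0.113.9|result=success|mfa=existing
"""

# Assumed baseline of IPs each user has previously signed in from (constructed).
KNOWN_IPS = {
    "alice": {"198.51.100.10"},
    "bob": {"198.51.100.11"},
    "carol": {"198.51.100.12"},
}

# Assumed policy: verification steps the help desk may rely on before resetting a
# password. Caller ID or "knowledge" questions alone are deliberately excluded.
STRONG_VERIFICATION = {"callback_manager", "in_person"}


@dataclass
class Event:
    ts: datetime
    kind: str
    fields: dict


def parse_log(text):
    """Parse pipe-delimited log lines into Event objects."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, kind, *rest = line.split("|")
        fields = dict(part.split("=", 1) for part in rest)
        events.append(Event(datetime.fromisoformat(ts), kind, fields))
    return events


def find_suspicious_resets(events, known_ips, window=timedelta(minutes=60)):
    """Return (user, reset_time, reasons) for resets that need a second look.

    A reset is flagged when its verification step is not in the approved set,
    or when a successful sign-in within `window` of the reset comes from an IP
    the user has never used before or enrols a new MFA device.
    """
    findings = []
    resets = [e for e in events if e.kind == "helpdesk_reset"]
    signins = [e for e in events
               if e.kind == "signin" and e.fields.get("result") == "success"]
    for r in resets:
        user = r.fields["user"]
        reasons = []
        method = r.fields.get("verification")
        if method not in STRONG_VERIFICATION:
            reasons.append(f"reset relied on weak verification: {method}")
        for s in signins:
            if s.fields["user"] != user or not (r.ts <= s.ts <= r.ts + window):
                continue
            if s.fields.get("ip") not in known_ips.get(user, set()):
                reasons.append(f"post-reset sign-in from unseen IP {s.fields['ip']}")
            if s.fields.get("mfa") == "new_device":
                reasons.append("new MFA device enrolled shortly after reset")
        if reasons:
            findings.append((user, r.ts.isoformat(), reasons))
    return findings


if __name__ == "__main__":
    for user, when, reasons in find_suspicious_resets(parse_log(SAMPLE_LOG), KNOWN_IPS):
        print(f"{when} reset for {user}:")
        for reason in reasons:
            print(f"  - {reason}")
```

On the constructed data only bob’s reset is flagged: it was approved on caller ID alone and was followed within the hour by a sign-in from an IP not in his baseline that also enrolled a new MFA device. alice’s reset passes because it was verified by a manager callback and the next sign-in came from a known IP; carol’s later sign-in falls outside the correlation window. The same two checks map directly onto a reset-process review: the first measures whether agents are following the verification policy at all, the second gives the SOC a concrete trigger for resets that did go through.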
Continually Validate Risk Exposure
“This incident shows that organizations must not only authenticate users but also continuously validate their risk posture and behavior throughout their digital journey,” comments Piyush Pandey, CEO at Pathlock.
“In such cases, even if attackers gain unauthorized access to the corporate network through sophisticated social engineering techniques, their malicious activity can be detected and stopped early. Combining behavioral analytics with centralized access governance ensures that only the right people, not just the ‘right credentials,’ can access critical systems.”
Create an Enterprise Threat Model
Aditi Gupta, Senior Manager, Professional Services Consulting at Black Duck, says social engineering skills and the use of AI to impersonate employees are a common tactic used by many threat actors, and one that is becoming increasingly familiar.
“One security strategy to combat this is for organizations to create a threat model for their enterprise,” she adds. “It is important to identify the surface area and exposure of the organization to threat actors. This can apply to applications, the network and most importantly, customer facing employees such as the helpdesk. Securing the perimeter of an organization needs to include a tailored strategy for each entry point.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.