The latest report by the Anti-Phishing Working Group’s has found upticks in phishing attacks against companies in the logistics, shipping and cloud storage sectors. Josh Mayfield, Director at FireMon commented below.
Josh Mayfield, Director at FireMon:
“Though it may seem odd to see such different kinds of companies as targets, when you step back and think about it…logistics and cloud storage share an attribute that makes them attractive for cybercriminals – interconnectedness. By pursuing logistics and shipping, the cybercriminal has a gateway to a vast array of organisations linked to those logistics companies. The reason we see more cybercriminality today than 20 years ago is because of the interconnectedness of the world.
Cloud storage has seen a rebirth with more multi-cloud workloads sharing across various organisations and cloud vendors. If you look at it, you can see how cloud storage vendors have the same interconnectivity as logistics – a one-to-many ratio is at play. One cloud storage vendor may serve thousands of organisations, each of which are making calls to the cloud (send and receive) increasing the probability that the cybercriminal can hitch a ride back into the targeted network, separate from the cloud storage provider.
In both logistics and cloud storage, the cybercriminal is perched at the envelope of serendipity, biding their time for the right opportunity to spread to additional targets. They have walked into a buffet of options, enhancing the probability of some success somewhere.
Organisations can prevent these types of cyberattacks with security enforcement and object-oriented policy control. By taking a particular asset and applying security policy to the asset, organisations can thwart the best efforts of a would-be cybercriminal.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.