Following the news that Wiggins and Froome medical records released by ‘Russian hackers’ via spear phishing, IT security experts commented below the best defence against spear phishing and what we can learn from this attack.
Jonathan Sander, VP of Product Strategy at Lieberman Software:
“The sad truth of our time is that if you’re like Wada and have information that is being specifically targeted, then you are fighting a very asymmetrical war. Only state level organizations like the NSA or GCHQ and core Internet infrastructure firms have the resources to go toe to toe with skilled, targeted attacks.
The best thing an organization can do to protect against spear phishing is user education. A user who is simply cautious will out do all the analytics and AI that is on the market. The next best thing an organization can do is mind their admin accounts and privileges. If the user who clicks on the phishing email doesn’t have rights to do anything important on their system or others on the network, then the bad guys who just stole their identity only have a step in the process, not instant victory.
The great thing about digital information is that you can send it anywhere, anytime. But it’s also its greatest risk. Now that the records are out there, there’s pretty much no way to get them back. If they had been protected through some fancy encryption techniques before they were stolen there may be a chance, but the time machine required to accomplish that now is still in the works.
As long as there are different sides to a political spectrum, there will be people on all those points of that spectrum that will think the others are wrong and use everything they can to show that – cybercrime included.”
Michael Patterson, CEO at Plixer:
“Everyone including the famous and the infamous need to be aware that any information they give out that is entered into a computer, could end up public information. The more notoriety a person has, the more their personal information becomes a target. The combined rushed to collect big data, the Internet and the hacking industry have made the world a smaller place when it comes to communications. Nothing is sacred nor is a secret forever.”
Javvad Malik, Security Advocate at AlienVault:
“Traditionally people have regarded hackers as ones that go after financial details or credentials to make quick monetary gain. What the Wada hack reminds us is that no matter the size of organization, or the type of data it holds – someone can find a way to use it for malicious purposes that can have far-reaching consequences. Having sophisticated cyber threat protection, detection, and response controls is no longer a luxury reserved for governments and financial institutes, but a necessity for all companies.”
Robert Page, Lead Penetration Tester at Redscan:
“The targeting of individuals is an increasingly common tactic used by cyber criminals to compromise an organisation’s security. Hackers can spend hours extensively researching their targets to create highly personal email communications that closely imitate genuine sources and are more difficult to discern from blanket phishing attacks.
The nature of spear phishing means that the source of an attack can be tricky to identify. By installing malware on a compromised machine, hackers can masquerade as individuals and attempt to trick colleagues into revealing additional sensitive information. By targeting high privilege users such as network administrators, criminals can quickly gain access to highly sensitive data.
Like all social engineering attacks, incidents of spear phishing can be reduced with proactive 24/7 network monitoring and by improving vigilance amongst staff. A real-world cyber-attack simulation is a highly effective way of highlighting an organisation’s security vulnerabilities and how quickly threats can spread.”
Mark James, Security Specialist at ESET:
“Data breaches come in all shapes and sizes and cause varying degrees of damage, the most common of course is more of your private data (usernames, passwords, DOB, addresses etc.) making its way onto the internet but sometimes data breaches are malicious in a different way, this particular breach involved private medical info about athletes in the US, any breach is of course bad but when it comes to very personal info it can have far reaching effects and sadly once this info is released its out, there’s no changing it or indeed un-reading it, these types of attacks are often instigated through phishing attacks and this one was believed to be a targeted version called Spearphishing, this is particular difficult to combat against as its tailored in such a way to target one or two individuals and designed to fool you with specific amount of information relevant to that person, because of this it has a high success rate and extremely difficult to defend against, you have to be pro-active and treat emails and correspondence with a level of scepticism, these types of attacks are often done extremely well and sometimes it’s only the smallest amount of information that will alert you.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.