46

Cybercriminals Utilize Social Engineering Techniques to Obtain

  • Upload
    others

  • View
    1

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 2: Cybercriminals Utilize Social Engineering Techniques to Obtain

"Cybercriminals Utilize SocialEngineering Techniques to Obtain Employee Credentials to Conduct

Payroll Diversion.”

Page 3: Cybercriminals Utilize Social Engineering Techniques to Obtain

“Active Phishing Campaign Targeting Student Email Accounts.”

Federal Student Aid has identified a malicious phishing campaign that may lead to potential fraud associated with student refunds and aid distributions.

Page 4: Cybercriminals Utilize Social Engineering Techniques to Obtain

The medical industry is the new No. 1 target for hackers. Almost all U.S. health care organizations have reported at least one cyberattack. (CBSN 2017)

The average impact of a successful spear-phishing attack: $1.6 Million.”2016 FireEye Whitepaper

Page 5: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 6: Cybercriminals Utilize Social Engineering Techniques to Obtain

"All the screens were black, all the computer screens were turned off," said Dr. Jennifer Pugh. "Everything we had normally used was essentially unplugged."

Pugh runs the medical center's emergency room. She was on duty the morning hackers sent a ransomware message demanding $44,000 in the cyber currency bitcoin to unlock hospital data being held hostage.

They went back to pen and paper for six weeks until the systems were back online.” © 2017 CBS Interactive Inc. All Rights Reserved.

Page 7: Cybercriminals Utilize Social Engineering Techniques to Obtain

Southwest Washington Regional Surgery Center notifies 2.3K patients after phishing attackVancouver-based Southwest Washington Regional Surgery Center informed 2,393 patients Nov. 6 about an email phishing attack that compromised their protected health information.

Page 8: Cybercriminals Utilize Social Engineering Techniques to Obtain

What is IT doing about this threat?

Page 9: Cybercriminals Utilize Social Engineering Techniques to Obtain

DMZ Internal vLANs

File Shares

DatabasesWeb Servers

App and Email Servers

PCs / Printers

InternetInternet

O365?

Page 10: Cybercriminals Utilize Social Engineering Techniques to Obtain

Proofpoint Email Targeted Attack Protection Filtering malicious attachments before delivery Rewriting URLs and filtering malicious sites Identifying clicks on malicious URLs

Multiple anti-virus scanning points (email, gateway, desktop)Network Intrusion Detection monitoring(24x7x365)

Page 11: Cybercriminals Utilize Social Engineering Techniques to Obtain

Email Security Gateway Filtering(July – September 2018)

Inbound EmailProofpoint Protection

ReputationClassifiers

Proofpoint TAPAttachment URL

Defense Defense

Company Inbox

• TAP Feed• Reputation

• TAP Feed• Signature based• Phish, AV, Spam

• Attachment detonation

48MEmails

37.6MEmails

Blocked

Known Threats Targeted Threats

.7MEmails

Blocked

• URL predictive

12,297ThreatsBlocked

14,701ThreatsBlocked 9.8M

Emails Delivered

Page 12: Cybercriminals Utilize Social Engineering Techniques to Obtain

Proofpoint Targeted Attack Protection Effectiveness • 93% effective (blocking 17,336 out of a total

of18,597 malicious emails in a one month period)• 1,261 malicious emails are still reaching user

mailboxes every month and present a risk of compromise based upon the user’s awareness of the specific threat and safe email practices

Page 13: Cybercriminals Utilize Social Engineering Techniques to Obtain

Phishing is the #1 attack method in 91% of cyber-attacks world-wide.

Page 14: Cybercriminals Utilize Social Engineering Techniques to Obtain

“Amateurs Hack Computers. Professionals Hack Humans.”

---Microsoft’s Guide to Defending Against Social Engineering Attacks

Page 15: Cybercriminals Utilize Social Engineering Techniques to Obtain

Phishing is a type of social engineering attack in which the attacker constructs an email message that lures the recipient of the message into performing an action. …

that action could be clicking on a URL, opening an attachment, responding with personally identifiable information such as a User-ID and Password.

Page 16: Cybercriminals Utilize Social Engineering Techniques to Obtain

“84% of organizations said a spear-phishing attack successfully penetrated their organization. ---2016 FireEye Whitepaper

“95% of all Security incidents involve human error.”

Page 17: Cybercriminals Utilize Social Engineering Techniques to Obtain

“Humans can be either the strongest or weakest defense against threats.”

The combination of high popularity and ease of attack generates significant risks to the University as employees and students are fooled by phishing emails and expose confidential information to theft and internal systems to compromise. (Gartner)

Page 18: Cybercriminals Utilize Social Engineering Techniques to Obtain

• Are you a Very Attacked Person (VAP)?• Have you received a large number of phishing

emails?• Access to PHI or Personally Identifiable Information?• Use risky devices or cloud services?• Top 10 Recipient of malicious messages?• Top 10 Clickers?

Page 19: Cybercriminals Utilize Social Engineering Techniques to Obtain

Are you a one of the Top 20 Credential Phished Persons?

Page 20: Cybercriminals Utilize Social Engineering Techniques to Obtain

What is your personal risk score?

Page 21: Cybercriminals Utilize Social Engineering Techniques to Obtain

How can you lower your personal risk score?

• Complete security awareness training assignments• Watch out for red flags in phishing emails and

become a human firewall• The lower your Phish-prone Percentage, the lower

your Personal Risk Score will be.

Page 22: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 23: Cybercriminals Utilize Social Engineering Techniques to Obtain

Subject: Secure your mailboxDate: August 21, 2016

OUHSC email Admin has detected unusual activity related to your account and will be temporarily disabled if you don’t Re-Activate and add more space. CLICK HERE to login and re-activate.

SignedAdminInternet Network 2016

Page 24: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 25: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 26: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 27: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 28: Cybercriminals Utilize Social Engineering Techniques to Obtain

Tips for Identifying a Phish

Page 29: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 30: Cybercriminals Utilize Social Engineering Techniques to Obtain

Subject: OU University Who's Who (2016 Edition) - You are included

Good morning.

We're writing to let you know that you received Honorable Mention in yesterday’s article titled "Who's Who in Academia" by Joseph Bozanek.

The article will remain available at www.newsdigest.co for the next few hours and is also available to download in PDF format.

Wishing you the best of continued success,

Mark Geierman, Ph.D.Editor, News Digest International

Page 31: Cybercriminals Utilize Social Engineering Techniques to Obtain

Subject: Fed Ex Delivery Notification

Unfortunately we were not able to deliver postal package you sent on December the 14 in time because the recipient's address is not correct. Please print out the invoice copy attached and collect the package at our office.

Your FEDEX

www.fedex.com

Page 32: Cybercriminals Utilize Social Engineering Techniques to Obtain

Malicious software (Malware) payloads usually hide in an attachment to a phishing message

• purporting to be from a business copier like Xerox that is delivering a PDF

• from a major delivery service like UPS or FedEx offering tracking information

• or from an OUHSC user who has a compromised account

Page 33: Cybercriminals Utilize Social Engineering Techniques to Obtain

• Back up your data regularly• Keep you data on a server in the campus

data center.• Do not download attachments from

someone you don’t know or if you weren’t expecting the file. Call the sender to make sure it’s legitimate.

Page 34: Cybercriminals Utilize Social Engineering Techniques to Obtain

• Any email that requires “immediate action”• Emails addressed to “Dear customer”• Grammar or spelling mistakes• Attachments you didn’t request

Page 35: Cybercriminals Utilize Social Engineering Techniques to Obtain

• Don’t click on links or fill out forms• Don’t believe everything you read• Visit the web page directly in your browser• Never provide personal information• Only open attachments you’re expecting

Page 36: Cybercriminals Utilize Social Engineering Techniques to Obtain

Proofpoint has reported that you have clicked on a link in an email that leads to a site that has been identified as a Phishing site. Your OUHSC account password will need to be reset.

Page 37: Cybercriminals Utilize Social Engineering Techniques to Obtain

If it's suspicious, don't open it!

Page 38: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 39: Cybercriminals Utilize Social Engineering Techniques to Obtain

If you see something, say something!

Report suspected phishing emails to IT.

Use the Phish Alert Button in Outlook.

Page 40: Cybercriminals Utilize Social Engineering Techniques to Obtain

Incidents are reported to:• Tier 1 or Computer Support Personnel or

Supervisor• IT Service Desk• IT Security• Office of Compliance (PHI incidents)

Page 41: Cybercriminals Utilize Social Engineering Techniques to Obtain

IT Information Security• [email protected]• 271-2476

IT Service Desk• [email protected]• 271-2203

Page 42: Cybercriminals Utilize Social Engineering Techniques to Obtain

• Comprehensive Training Education and Awareness (TEA) plan for all users that provides more TEA opportunities

• Implement Duo Two-factor authentication on the remaining enterprise applications

Page 43: Cybercriminals Utilize Social Engineering Techniques to Obtain

Untrained users have a phish-prone percentage of 75%

Trained users have a phish-prone percentage of 25%

Page 44: Cybercriminals Utilize Social Engineering Techniques to Obtain

• Share this information with your students• Encourage them to complete the security

awareness courses• Ask me to come speak to your class• ?

• ?

Page 45: Cybercriminals Utilize Social Engineering Techniques to Obtain
Page 46: Cybercriminals Utilize Social Engineering Techniques to Obtain