The Human Factor report from Proofpoint shows that almost all cyber-attacks, at some stage, involve the exploitation of human error in the form of social engineering.
What Are Social Engineering Attacks?
Social engineering attacks involve the manipulation and deception of people into performing actions such as transferring money to criminal accounts or divulging confidential information.
What Kind of Attacks?
The Proofpoint Human Factor report makes the point that as many as 99% of cyber-attacks now involve social engineering through cloud applications, email or social media. Social engineering attacks can also involve cybercriminals making phone calls to key persons in an organisation.
Easier and More Profitable
These attacks are designed to enable a macro, or trick people into opening a malicious file or follow a malicious link through human error, rather than the cyber attacker having to face the considerable and time-consuming challenge of trying to hack into the (often well-defended) systems and infrastructure of enterprises and other organisations. Social engineering attacks are, therefore, easier, less costly, more profitable, and more likely to be successful than having to create an exploit to try and gain access to company systems.
Targets – “Very Attacked People”
Cybercriminals are looking for money and valuable data and information. The Proofpoint report, which was based on 18 months of data analysis collated from across the company’s global customer base, highlights the fact that the gatekeepers of money and data in target organisations become the “very attacked people” (VAP) i.e. the most often approached targets. These VAPs are often identified by attackers using information from sources such as corporate websites, social media, trade publications, and search engines.
Patterns & Routines
The report also revealed how attacks involving email messages can be made to mimic standard business routines and legitimate email traffic patterns e.g. downtime at weekends and spikes on Mondays. Also, malware tends to be evenly distributed over the first three days of the working week, and attacks in the Middle East and Europe appear to be more likely to succeed after lunch.
What Does This Mean For Your Business?
The fact that many businesses and organisations are taking cyber defence seriously and have improved their system defences means that cybercriminals are moving into social engineering attacks.
Businesses and organisations can protect themselves against such attacks through staff training (particularly for guardians of funds and data), keeping anti-virus and online filtering up to date, using encryption e.g. VPNs for certain employees, having clear policies and procedures in place with built-in verification and authorisation for money and data requests, and being careful about publicly-visible employee information that could be used to target key staff members.