Page 21 - Cyber Warnings
When we create protection systems that are intelligent, can analyze behavior and can
learn without being spoon-fed, systems that do not just compare results against a list, we
create platforms that are more resilient.
Startups such as CrowdStrike lead the frontlines of signature-less detection, or, as they
call it, detecting Indicators of Attack.
However, the gorillas in the endpoint protection room are starting to catch up, with the
likes of Symantec and Sophos now advertising that their agents are moving away from
signature-based protection. 2017 will be the nail in the coffin for the legacy signature-
based approach to attack detection.
II. Inventive phishing campaigns will continue to enable bad actors to find their "easy catch"
and entry point into systems.
Attackers will always go for the easiest method to penetrate an enterprise. In the past, it
was the network level that saw the most success, exploiting the hubris of security
engineers who stood with their backs to the world and said confidently, “No one is getting
past these systems I built, because I built them, and I know everything.”
Eventually, breaches tamed the egos, networks were secured, the endpoints somewhat
hardened, and working their way through edge systems up to the host level turned into a
chore. Attackers modulated their approach and sought to find the next best vehicle into
your systems. It turns out your end-users are the top-of-the-line hybrid compact sedan.
Social engineering campaigns aimed at getting end-users to open up their systems to
attackers are wildly successful. We live in a fast transaction world. Every busy little
brain is clicking on everything in front of them. No one has the time to stop and think, “Is
this a legitimate communication?”
Why bother with that when we can just open all the attachments! I haven’t seen this cat-
video.exe before!
Various industry reports from 2015 and 2016, such as Verizon’s DBIR and others, have
shown that users still have much learning to do.
Organizations need to take their Security Awareness Training programs seriously, and
we are far from the point where our user-base can act as intelligent sensors that will
respond appropriately when targeted by phishing campaigns.
While we are still catching up, attackers are getting inventive. There is a rise in “angler
phishing” where bad actors are delivering social engineering traps via social media to
Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide