How do we respond to IT attacks in the current crisis? Three articles on this topic form the focus of it-daily.netThe coronavirus crisis has also led to a surge in cybercriminals . It’s a widespread misconception that hackers always use highly technical methods in cyberattacks. The opposite is usually the case – hackers view employees as the weakest link in the company and seek to manipulate them through social engineering and encourage them to behave in a certain way.
Social engineering has many faces Phishing – Awareness
It ranges from fake phone calls in which the attacker pretends to be a technician, to the often-cited USB drop, in which a USB stick containing malware is deliberately placed in front of the company, triggering the employee’s curiosity and causing them to take a closer look at the USB stick on their company PC.
But the all-time favorite remains the phishing attack. In numbers, this means that 92% of attacks on companies start with a phishing email. According to the BSI, 72% of these emails contain links to phishing sites where information is stolen or malware is downloaded unnoticed. Hackers have the human factor in their sights and are firing on all cylinders, especially during the coronavirus pandemic.
How have phishing attacks changed in recent years? Phishing – Awareness
Phishing attacks have made a significant qualitative leap forward in recent years, outgrowing their infancy. Spelling errors, incorrect grammar, and incorrect salutations have been replaced by deceptively authentic phishing emails, which are much harder to distinguish from legitimate emails both visually and in terms of content.
We’ve seen a clear trend over the past forex database three years, moving away from “more is more” and toward “quality over quantity.” Phishing attackers are also becoming increasingly successful at penetrating technical barriers, partly through technological factors such as polymorphic malware, but also through much more targeted emails. The consequence: employees are increasingly becoming the last line of defense for protecting the company.
What will cyberattacks in companies look like in 10 years?
In the coming years, we will see the strong focus on email fraud gradually diminish, and instead, other channels will increasingly be used for attacks. This includes, in particular, internal communication channels such as Teams and Slack.
We will see the expansion of new technologies, allows for a more accurate assessment such as voice bots that realistically imitate real calls from managers or colleagues.
Or going one step further – “deep fake” videos that are made available to .
A wider audience in order to very successfully manipulate employees with deceptively real videos.
Attacks will become more sophisticated
Targeted, and complex. This will be made possible by a higher degree of automation.
As can already be seen in the “Dynamite phishing” example.
Already today, these attacks demonstrate remarkable quality based on—to put it bluntly.
A few emails” on the infected computer and a twd directory relatively simple program. However, with the possibilities offered by big data and AI.
Alevel of penetration is achieved that can only be mastered with a modern, holistic, and coordinated security concept.
Employees will increasingly become the focus, and awareness training will gain massive importance. Every professional company will have modern awareness training in place across the board. SoSafe will be at the forefront of the fight against cyberattacks.