1 May 2016

Spear-phishing: A problem on the rise


April 27, 2016 

Each and every day we are seeing newly planned cyberattacks, though perpetrators are giving old threats a new twist. These attacks combine real-world contact to gather, update or confirm information about their target.

I am sure most readers are aware of a type of spear-phishing referred to as whaling, which is when cyberattackers target company executives or those in C-suites. These older techniques have recently increased in usage — up 55 percent from last year — and involve phone calls that attempt to complete an individual’s stolen profile. Once the call is completed, carefully constructed emails are sent that contain malicious links or attachments to all of those that have been investigated, profiled and targeted.

Some cybersecurity experts have expressed concerns that the information gathering may be the precursor to a wave of ransomware attacks. Some attacks are even designed to leverage smartphones to infect their targets.

The FBI recently warned defense contractors about cyber threats, but all organizations should immediately alert their executives, administrative staff and others to phishing and whaling threats. This is particularly needed in the critical infrastructure, military, defense and aerospace industries given the sensitive information that is routinely handled by their executives, as well as most of their other employees.

No comments: