Stephen Fowler, Director of Technologies
Stephen writes about the importance of social engineering training. If you would like to talk about your own cyber security needs, please email him at email@example.com.
Engage with our experts at OmniCyber Security and with our partners Proofpoint and CybSafe to advise on how to educate and protect your employees, your business and your customers.
When it comes to social engineering attacks like phishing and pretexting, deepfake romance isn’t an imminent threat or concern for businesses, and AI isn’t an efficient tool for attackers. Essentially, via basic social engineering, people will reveal passwords and sensitive information if you ask them nicely.
Britain’s data watchdog has recently issued a construction business with a potential £4.4 million fine after a successful phishing attack exposed the personal data of up to 113,000 employees.
In a typical approach, one employee forwarded an email containing the hidden payload to a colleague who then opened it, and downloaded the content, allowing the malware to do its work.
The attack compromised 283 systems and gained credentials to 16 accounts. Once inside, it uninstalled their endpoint software and could have then led to access to the remaining account list, containing personal data from both current and former employees.
The Information Commissioner’s Office said the company in question failed to exercise good security hygiene and missed alerts amongst other failures, so it was deemed to have broken data protection laws.
It is worth highlighting, the EDR in use quarantined the malware and dispatched an alert, but the company failed to thoroughly investigate the suspicious activity. If they had done so, they could have discovered the threat actor who had obtained access to these systems.
Fundamentally, the data regulator found a litany of errors, obviously beginning with not responding to the initial alert of suspicious activity.
Using outdated software systems and protocols, combined with a lack of suitable training for staff and insufficient risk assessments, leaves us all vulnerable to attackers. In this case within a supply chain, they put their customers and their customers’ customers (and so on) at risk.
For more information on the expert advice and training we provide at OmniCyber Security, contact our team today.