Most organizations fall victim to cyberattacks because of human error

Phishing: Danger via Email

Phishing campaigns target your employees with emails designed to entice them into clicking a malicious link. Once the link is clicked, malware can be deployed and the attack begins. Often the initial phases of an attack are stealthy: the attackers are gathering information about your network and devices. Once enough information has been collected, your data can be stolen or your systems held hostage with ransomware.

Vishing: Danger via Phone

Another method of attack is vishing, or “voice phishing”. A vishing campaign attempts to gather key information (for example, default login credentials or details of network devices) from employees over a phone call. On the call, attackers pose as company insiders or vendors, then collect the sensitive information they need to gain access to your network and launch an attack later.

The Problem? Employees lack training

Because security awareness is rarely part of an employee's job training, many employees do not understand the dangers of phishing and vishing. Even as attacks become more top of mind with large, publicized breaches covered in the news, employees who want to protect themselves may be uncertain what steps to take. Meanwhile, stakeholders may want to educate employees on how not to fall victim to attacks, but be unsure how to train them and how to measurably track their progress.

Omega's Security Awareness Training turns employees into seasoned cyber veterans, even if they know nothing about IT

Omega’s Security Awareness Training teaches your employees to identify and protect themselves from cyberattacks through customized phishing and vishing campaigns. Through a centralized dashboard, you see the real-time progress of individual employees and of your organization as a whole. Over time, the simulated training attacks become increasingly sophisticated. Employees who spot the simulated attacks progress to the next level; those who fall for them receive additional training and remediation until they pass. The result is not only an increase in employee knowledge but also a quantifiable change in behavior: staff become well-informed, well-trained individuals who are wise to the signs of attack.

  • Encrypted Email

  • Web Content Filtering

  • DNS Blacklisting

Encrypted Email

Email is the cornerstone of business communication, but many are unaware that it is built on an old foundation. When the original email protocols were designed some 40 years ago, security and surveillance were not concerns, and common protocols such as SMTP, POP3 and IMAP were built to operate without encryption. More recently, SSL and its successor TLS have been layered on top of these protocols; however, that encryption only protects the connection between your mail client and your own email provider's server. Once your message leaves your provider's server, it may pass through one or more intermediate servers before reaching your recipient's server, and you cannot control whether those upstream servers keep the connection encrypted: server-to-server encryption (STARTTLS) is usually opportunistic and falls back to plaintext when a hop does not offer it. SMTP also uses a “store-and-forward” design, so the message sits unencrypted on each server it passes through, and anyone with access to those servers can read your sensitive data.
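One practical way to see how far transport encryption actually reached on a delivered message is to read its Received: headers. Each server that handles the message prepends one, and a hop that negotiated STARTTLS usually records it as “with ESMTPS” (or “ESMTPSA”) or adds a TLS version comment. The script below is an added example written for this page, not code from the original page or from any vendor's product; the three-hop message it parses is constructed for illustration. Received: headers are written by the receiving server and can be forged or omitted, so this only reports what each server claims about its own inbound link, and it says nothing about the message sitting in the clear on that server's disk.

```python
"""Report the hops a delivered message passed through and which of them
recorded TLS.  Added example for this page, not code from the original page
or any vendor's product.  The three-hop message below is constructed."""
import re
from email import message_from_string

# Constructed sample.  Each MTA prepends its own Received: header, so the
# topmost header is the last hop.  The middle hop says only "with ESMTP",
# i.e. it accepted the message without STARTTLS.
SAMPLE = """\
Received: from mx3.example.net (mx3.example.net [192.0.2.30])
\tby mail.recipient.example (Postfix) with ESMTPS id 7C1A2
\tfor <bob@recipient.example>; Tue, 1 Jun 2021 10:00:03 +0000
Received: from relay.example.org (relay.example.org [198.51.100.20])
\tby mx3.example.net with ESMTP id 5F9B1
\tfor <bob@recipient.example>; Tue, 1 Jun 2021 10:00:02 +0000
Received: from [10.0.0.5] (client.sender.example [203.0.113.10])
\tby smtp.sender.example with ESMTPSA id 1A2B3
\t(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384)
\tfor <bob@recipient.example>; Tue, 1 Jun 2021 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: Q2 numbers

Body text here.
"""

# "from <host> ... by <host>" clauses of a Received: header (RFC 5321).
_HOP_RE = re.compile(r"\bfrom\s+(\S+).*?\bby\s+(\S+)", re.I)
# RFC 3848 registers ESMTPS / ESMTPSA (RFC 6531: UTF8SMTPS / UTF8SMTPSA) for
# sessions that negotiated STARTTLS; MTAs such as Postfix and Gmail also add a
# "(version=TLS... )" or "(using TLS... )" comment.
_TLS_RE = re.compile(
    r"\bwith\s+(?:ESMTPS|UTF8SMTPS)A?\b|\bversion=TLS|\busing TLS", re.I)


def trace_hops(raw_message):
    """Return hops in delivery order (sender's server first), each a dict
    with the claimed sending host, receiving host and whether TLS was noted."""
    msg = message_from_string(raw_message)
    hops = []
    for header in reversed(msg.get_all("Received", [])):
        text = " ".join(header.split())          # unfold the header
        match = _HOP_RE.search(text)
        if not match:
            continue                             # no parsable trace clause
        hops.append({
            "from": match.group(1),
            "by": match.group(2),
            "tls": bool(_TLS_RE.search(text)),
        })
    return hops


def cleartext_hops(raw_message):
    """Hops whose Received: header gives no indication of TLS."""
    return [hop for hop in trace_hops(raw_message) if not hop["tls"]]


if __name__ == "__main__":
    for hop in trace_hops(SAMPLE):
        print("%-20s -> %-24s %s" % (hop["from"], hop["by"],
                                     "TLS" if hop["tls"] else "CLEARTEXT"))
```

Run against a real message, a hop flagged CLEARTEXT is the point at which the page's warning applies: anyone on that link, or with access to either server, could have read the message. Only end-to-end encryption of the message body removes that exposure.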

As the surveillance tools available to malicious actors have become more sophisticated, adding a layer of encryption to protect your messages from prying eyes has become essential. Failure to implement encryption means that malicious actors can steal sensitive data, whether that means violating your customers’ trust or losing your business's trade secrets. Depending on your industry, there may also be repercussions from a compliance standpoint: standards and regulations such as HIPAA, PCI DSS and GDPR require sensitive data to be protected in transit, and carry penalties for non-adherence.

The good news is that advances in email encryption have made protecting your message data easier than ever. At a bare minimum, the right email encryption tool should encrypt a message from the moment you click “send” until it reaches your intended recipient, so that intermediate servers never see the plaintext. An ideal tool will also scan message content and attachments against your compliance requirements, and notify you or offer remediation steps if a message deviates from established policy. It should also be easy to use: your employees should not have to sacrifice productivity for safety.


Web Content Filtering

In the same way that links in phishing emails can be malicious, so too can websites. Some websites push downloads of executables or deploy malware as soon as they are visited. It is crucial to put guardrails in place that prevent employees from navigating to these websites on company assets. Web content filtering uses several strategies to block access to malicious sites.

At its most basic level, content filtering works by matching strings of characters against a predefined “blacklist”. If the content of a particular website matches a string on the blacklist, the website is blocked. You can work with your network administrator to create a custom blacklist of malicious strings, or subscribe to a published list. In addition to content strings, sites can be blocked by URL or domain name, whether they are known-malicious sites or simply websites that distract employees from work.


More generally, access to any site that is not business-critical can be blocked. Companies can block sites that aren’t necessarily malicious but do distract employees from work. Time spent on particular websites can be tracked, and only the websites employees need to do their jobs left accessible.


DNS Blacklisting

At a more sophisticated level, sites can be blacklisted at the DNS level, before the browser ever connects. Threat-intelligence databases list domains and IP addresses associated with phishing, malware, botnets and other high-risk categories, and geolocation data lets you block names that resolve to addresses in countries your business has no dealings with (e.g., Russia, Iran or China). Phishing pages in these lists often imitate a legitimate site, or redirect from one, but are actually malicious. DNS-level protection works as a DNS sinkhole (or “blackhole”): when an employee's machine looks up a blacklisted name, the resolver answers with a non-routable or internal address instead of the real one, so the connection never reaches the malicious site.
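The following is an added example of the sinkhole decision just described, and of the domain blacklist matching mentioned under Web Content Filtering; it is written for this page and is not code from the original page or from any vendor's product. The blacklists, the sinkhole address and the stand-in upstream resolver table are constructed for illustration. The point it makes that the text does not: a domain blacklist must match on label suffixes (so a listed domain also covers its subdomains) rather than on raw substrings, and an IP blacklist is applied to the answer after resolution.

```python
"""DNS sinkhole policy: decide whether a queried name gets its real answer
or the sinkhole address.  Added example, not code from the original page
or any vendor product; all lists and addresses below are constructed."""
import ipaddress

# Assumption: blocked names are answered with a non-routable address.
SINKHOLE = "0.0.0.0"

# Constructed threat-feed style blacklists: domain names and CIDR ranges.
BLOCKED_DOMAINS = {"bad-login.example", "malware-cdn.example"}
BLOCKED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed stand-in for the upstream resolver (name -> A record).
UPSTREAM = {
    "www.bad-login.example": "198.51.100.7",
    "cdn.example": "203.0.113.45",
    "intranet.example": "10.1.2.3",
}


def normalize(name):
    """Lower-case the name, drop the root dot, reject empty labels."""
    name = name.strip().lower().rstrip(".")
    if not name or "" in name.split("."):
        raise ValueError("malformed name: %r" % name)
    return name


def domain_blocked(name):
    """True if the name or any parent domain is blacklisted.

    Walks every label suffix, so login.bad-login.example is caught by the
    entry bad-login.example, while notbad-login.example is not (a naive
    substring check would get both wrong)."""
    labels = normalize(name).split(".")
    return any(".".join(labels[i:]) in BLOCKED_DOMAINS
               for i in range(len(labels)))


def address_blocked(addr):
    """True if the resolved address falls in a blacklisted range."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in BLOCKED_NETWORKS)


def resolve(name):
    """Return (answer, reason).  Blocked names get SINKHOLE so the client
    connects nowhere instead of to the attacker's server."""
    qname = normalize(name)
    if domain_blocked(qname):
        return SINKHOLE, "domain-blacklist"
    real = UPSTREAM.get(qname)
    if real is None:
        return None, "nxdomain"
    if address_blocked(real):
        return SINKHOLE, "ip-blacklist"
    return real, "allowed"


if __name__ == "__main__":
    for q in ("WWW.bad-login.example", "cdn.example",
              "intranet.example.", "nothing.example"):
        print("%-24s -> %s" % (q, resolve(q)))
```

In production the "reason" would be logged with the client address: a sinkhole hit is an early sign that a host is already infected or that a user clicked a phishing link. Note also the limits of the technique: it only helps for clients that use the filtering resolver, so hosts with a hard-coded public resolver, DNS over HTTPS, or a link that uses a bare IP address bypass it.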



Interested In Securing Your People?