On April 20, 2011, Computer World’s Jaikumar Vijayan reported on the increasing threat of spear-phishing to the enterprise.
The report relates the compromise of Oak Ridge National Laboratory. Oak Ridge National Laboratory was forced to shut down its email systems and all Internet access for employees on April 15, 2001, following a sophisticated spear-phishing cyberattack.
The Oak Ridge National Laboratory is just one of a series of recent compromises that started with spear-phishing email. Vijayan reports that the spear-phishing attacks are becoming more sophisticated. For example, the bad guys are using social networking sites to collect personal information to customize the emails for the intended victim.
Increasingly, organized cybergroups have started using convincingly crafted emails to target high level executives and employees within the organizations they want to attack. In many cases, the phishing emails are personalized, localized and designed to appear like they originated from a source trusted.
Vijayan cites Anup Ghosh, founder of security firm Invincea. Ghosh observed that almost all of the recently publicized cyber-attacks have been perpetrated using phishing emails. Ghosh said, “All you need to do is to get an email to a target. You only need a very low click through rate to establish several points of presence inside an organization. If you have 1,000 employees in your organization and you train them all on not opening untrusted attachments, you’ll still have someone doing it. This is not a problem you can train yourself out of.”
If traditional security methods can’t detect and stop low volume, highly targeted spear-phishing email and training isn’t effective, what can be done to defend the enterprise against spear-phishing? The enterprise can adopt a tool that identifies trusted email so that the target of the spear-phishing attack can distinguish real email from fake email. That tool is SP Guard from Iconix.
SP-Guard provides the recipient with three confirmations that a message is real:
- List View. There is an integrity indicator in the list view of the email client.
- Message. The open message has a further indicator of authenticity.
- Mouseover. Mousing over the authentication indicator in the message prompts the display of a certificate that further identifies the sender.
SP-Guard is available now from Iconix. For further information, contact our sales team. At 408-727-6342, ext 3 or use our online form.