Targeted Attacks – Harden the Human Target

In order to compromise data networks, a point of entry is required.  An effective point of entry is the people who use the systems.   The Wall Street Journal‘s recent article, You Are A Security Risk, provides a nice discussion of this topic.  Ironically, the criminals use publicity about cyber intrusions to dupe careful people into their trap.  For example, there is a fake security alert purporting to be from CERT.  There is another current targeted attack using emails allegedly from the Stratfor’s CEO George Friedman, urging recipients to provide personal information in response to the recent compromise of Stratfor by cyberattackers.

Equally frightening is how effectively the malware that is installed evades detection by security software. We saw this in the recent compromise of the U.S. Chamber of Commerce, in which the FBI, and not internal security measures, alerted the Chamber to the problem. The Chamber is not alone in being unable to detect compromised systems. Kevin Mandia, CEO of Mandiant Corporation, recently testified as follows before the U.S. Congress:

we routinely witness attackers circumvent conventional safeguards deployed to prevent and detect security breaches.  Virtually all of these intrusions belong to the growing subset of advanced threats that usually evade off-the-shelf technologies that American corporations rely upon – often times exclusively – for their defense.  In fact, in over 90% of the cases we have responded to, Government notification was required to alert the company that a security breach was underway.  In our last 50 incidents, 48 of the victim companies learned they were breached from the Federal Bureau of Investigation, the Department of Defense or some other third party.

Employees must be empowered to defend against cyberattacks. When the cyberattacks target the human, the human must be hardened. A tool that hardens the human  is available now from Iconix. That tool is SP Guard from Iconix.

SP Guard Inbox

SP Guard provides the recipient with three confirmations that a message is real:

  1. List View. There is an integrity indicator in the list view of the email client.
  2. Message. The open message has a further indicator of authenticity.
  3. Mouseover. Mousing over the authentication indicator in the message prompts the display of a certificate that further identifies the sender.

SP Guard now offers a fraud filtering enhancement.  This additional protection is becoming increasingly important given the latest generation of highly targeted spear-phishing emails which are so well crafted that users cannot tell real from fake.

SP Guard is available now from Iconix. For further information, contact us at  408-727-6342, ext 3 or use our online form.


Comments are closed.