Cyber Attacks Target Human Frailty

In testimony before the United States Senate Armed Services Committee, Subcommittee on Emerging Threats and Capabilities, cyber security experts from Mandiant told the Senators that intruders often use  deceptive emails to compromise systems. Kevin Mandia said,

They’re leveraging human weaknesses and human vulnerability and trust to break into these organizations.

Mandia told the senators that it is difficult to defend against deception.

It is easy to deceive people.  This is an example of a deceptive spearphishing email.

What looked like a routine FedEx email was, in fact, a cyber attack that compromised the New York Times.

Your personnel will receive deceptive emails.  Your security hangs in the balance when an employee decides to click a link or open an attachment.  Telling employees to avoid suspicious emails is good advice.  The attackers use this same guidance — that is why cyberattackers use social engineering to craft emails that are not suspicious. IT must intervene in the email processing decision.  That is the role of SP Guard.  Using SP Guard, IT can determine a list of trusted senders and provide this information to staff at the moment the person is deciding to click or pass.  In the SP Guard environment, staff can, for example, easily distinguish a trusted HR email from a spoof HR email.

You can contact us at   408-727-6342,ext 3 or use our online form.


Comments are closed.