Social Engineering Conclusions
As the threat landscape continues to evolve, new tools and approaches are emerging regularly. But one thing remains constant: the human factor. More than ever, cybercriminals rely on people to download and install malware or send funds and information on their behalf. And as the shelf lives of automated exploits get shorter, the potential return on investment from social engineering will further outpace that of automated attacks.
Social engineering is at the heart of most attacks today. It can come through something as simple as a bogus invoice lure in a multimillion message malicious spam campaign. It may appear as an intricate fake chain of emails and out-of-band communications in email fraud. Even Web-based attacks — which once depended almost exclusively on exploit kits and drive-by downloads — are now built around social engineering templates. People willingly download bogus software updates or fake anti-malware software.
These opportunistic attacks extend to social media channels and cloud-based tools as well. Fraudsters and other attackers capitalise on major events and trends and leverage legitimate services to trick defenders and victims. Threat actors themselves are focusing more on individuals rather than entire organisations. No industries are exempt from attack. But in some cases, risk varies by industry and over time by a number of measures, including roles within an organisation, the severity of threats received and the types of data to which users had access.
State-sponsored attacks against individuals for financial gain and APT-style tools groups looking to key personnel in restaurants and other targets. In many cases, these smaller targets may not be prepared to defend against sophisticated threats. Regardless of the vector or approach attackers use, defenders in WordPress Security operations must understand threat actors and how they operate. Threats may come from what appear to be legitimate sources. They may not involve easily recognised malware. And they will frequently use channels ranging from social media to Web-based attack chains. Attackers are opportunistic and adaptable. They take advantage of new options, vectors and tools to increase their chances of success.
Social Engineering Recommendations
Today’s attacks target people, not just technology. They exploit the human factor: our natural curiosity, desire to be helpful, love of a good bargain, time constraints and respect for authority. Protecting against these threats requires a new, people-centred approach to WordPress Security. We recommend the following:
• Train your people to spot attacks that target them. Your WordPress Security awareness training should include phishing simulations that use real-world tactics to see who’s most at risk. Teach them to recognise attacks on email, cloud apps, mobile devices, the Web and social media.
• Get advanced threat analysis that learns and adapts to changing threats. Today’s fast-moving, people-centred attacks are immune to conventional signature and reputation-based defences. Be sure your defences adapt as quickly as attackers do.
• Deploy DMARC authentication and lookalike domain (typosquatting) defences. These technologies stop many attacks that use your trusted brand to trick employees, partners, vendors and customers.
• Get visibility into the cloud apps, services and add-ons your people use. Deploy tools to detect unsafe files and content, credential theft, data theft, third-party data access and abuse by cloud scripting apps.
• Automate some aspects of detection and response. Automated tools can proactively detect WordPress Security threats and other risks posed by the ever-growing volume of apps your people use in the enterprise. And wp security orchestration and automation solutions can help you respond faster and more effectively. Consider solutions that connect, enrich and automate many steps of the incident response process. That frees up security teams to focus on tasks that people do best, boosting awareness and WordPress Security.