What Greek Mythology Can Teach Us About Present-Day Cybersecurity
The cybersecurity Pandora’s Box is still open, and it shows no signs of shutting down when it comes to our present-day digital posture.
Last year, we found how the forced transition to remote work opened security and compliance gaps, effectively opening a cybersecurity Pandora’s Box. Presently, many enterprises are still grappling with the aftereffects of a hybrid workforce.
In a study conducted by the Ponemon Institute, IBM found that large organizations continue to face more security vulnerabilities than ever before. Recent beaches—Colonial Pipeline to Facebook to gas stations in Iran—confirm what we all know to be true: no one is safe from cyber gangs and criminals. Yet, Ares would be astonished by the digital warfare being waged on organizations of all sizes today.
To dive a bit deeper into what is continuing to cause these ripe hunting grounds, we conducted a global survey—our inaugural Trust Issues survey —to identify gaps within an organization’s cybersecurity postures. We found that many workers are leaving breadcrumbs for these cyberstalkers, leading them straight to their prey. Here are four hunting tactics that threat actors use and the data to show how we feed into their games.
Hunting tactic: Gathering information online
A cunning bad actor will stalk workers online to gather as much information as possible—any information shared publicly on LinkedIn, Facebook, Twitter, or Instagram page allows a cybercriminal to piece together a profile of the victim. With nearly half of global workers including work details on their social media profile, and some even sharing their corporate or personal email for all to see, it’s a safe bet that a malicious person will use this as a compass to decide who to target next.
While it is a common practice in many parts of the world to include work details on social profiles for networking and recruiting, it’s a stark reminder that unsavory characters could be using this information in their next attack. Therefore, it’s imperative to be extra cautious about what is shared. For example, maybe only share company and job title but leave the work or personal email out.
Hunting tactic: Using compromised emails and passwords
Retailers are a top target for the bad guys, with customer data being at the top of the list. With 1 out of 3 global workers using their corporate email for non-business-related purposes, the implications are clear: this is one way cybercriminals can find an “in” to an enterprise.
All it takes is one breach for this information to end up on the dark web forums, where it is bought and sold. To ensure a corporate email doesn’t end up in the wrong hands, it is suggested to create a throwaway account to conduct non-business-related activities. It will help with peace of mind when shopping for that perfect gift for a favorite co-worker or liking posts on a smaller scale.
Hunting tactic: Impersonating brands
Across the globe, workers are experiencing an influx of suspicious messages from cybercriminals impersonating large brands used every day. In fact, the majority of global workers say they received an impersonated email or message from brands like Facebook, Google, PayPal, Amazon, and UPS.
To focus on one sector, malicious actors try to get unsuspecting individuals to pay them through spoofing financial services—with this sector being one of the highest to get the phishing treatment. Therefore, it is imperative to be vigilant when sussing out if that PayPal request for your details is honest.
Hunting tactic: Phishing for gold
All roads lead back to phishing. With almost half of global workers saying that they have not received any formal training or education about this common cybercriminal tactic, cyber education must jump to the top of the list for employee training.
The workforce will always come with a certain risk level; however, with proper awareness, education, and the will to remain hyper-vigilant, the playing field with these relentless cyber hunters can become even, turning this Greek tragedy into good fortune.
Go here to learn more about our additional survey findings.
Methodology: Dynata, a leading market research tool, conducted this survey of 2,000 global workers employed by companies with 2,500+ employees (ages 18-65+) on behalf of SailPoint.