GUIDACENT THREATRECON ADVISORY

Phishing Defense Guide
© 2021 Guidacent

phish⬧ing (noun)
1. the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
2. a type of social engineering where an attacker sends a fraudulent message designed to trick a human victim into revealing sensitive information.

An effective tactic. That’s how the FBI Cybercrime Division describes the growing problem that has become something of a pandemic for the world of online business operations.

Your Guidacent Phishing Defense Guide can help you reduce the risk of compromise from a potential phishing campaign.

Did you know that more than 90 percent of all data breaches began as part of a phishing campaign?

With an average click-through rate of more than 80 percent, phishing emails are the most effective method used by cybercriminals.

We open links or attachments one out of five times, which means that a well-designed phishing campaign that targets more than five employees in a victim organization will be successful.

Phishing attacks, which threaten data breaches, account compromise and malware infection, have become something of an existential challenge for organizations to manage. Remote operations as the new norm for many workplaces have added complexity to the growing problems associated with phishing.

Guidacent has prepared this guide to help you keep the bad guys from getting their hooks into your business.

Phishing campaigns begin with an email designed to resemble a legitimate point of contact, but once the campaign is successful, the ways in which the attack allows the threat actor to enter, pivot and route through the system vary.


PHASE 1
AVOID GETTING HOOKED!

One big mistake companies make that leaves them vulnerable to phishing attacks is that they don’t have the right tools in place, and they don’t train their staff on what to do when a security event—like a phishing campaign—hits their inbox.

Keep everyone informed and on the look-out for fake messages

If a phishing scammer gets the email credentials of one person in your organization, they’ll target anyone using that email pattern, and based on public data—it’s not hard to do!

ANTI-PHISHING 101

1. Educate your staff & schedule regular “Fake Phishing” training sessions.
2. Keep your systems updated and patched.
3. Make sure you have a strong SPAM filter in place, which detects malware, etc.
4. Have a “Cybersecurity Playbook” prepared for when something happens.
5. Implement a web filter to block malicious websites (they work right out of the box!).
6. Require encryption for all remote access into your operations.

Cybersecurity giant Symantec reports that one in 2,000 emails are phishing attacks, equating to approximately 135 million attacks every day!

A popular attack method is when a threat actor acquires protected information through social engineering, including information collected from public sites, or through extended phishing efforts. And with an 80-percent success rate, it’s not that difficult!

A phishing campaign’s success is based on the threat actor establishing a level of trust with the target victim or group. Once that trust or sense of familiarity has been established, that’s when the trouble starts.

Here are the three most common phishing penetration methods used by threat actors:

1. Imitating the sender address in an email to appear as a recognized point of origin.
2. Embedding a link in an email that redirects you to a website that requests sensitive data.
3. Installing hostile code (a “Trojan”) through an email attachment or ad.

If you are looking at a link with a URL that doesn’t begin with “https,” avoid the temptation of accessing the link.

And be sure to rotate your passwords for all online accounts on a regular basis. The more complex the password structure you use, the less likely it will be compromised—even in a phishing campaign.

You can also reduce the risk of compromise from a phishing campaign by keeping your browsers up to date. Many attacks take advantage of systems that are not current or that have known flaws as a result of gaps in their system patches.
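The three penetration methods listed above (imitated sender, embedded link to a data-harvesting site, hostile attachment) and the advice to avoid links that do not begin with “https” can be turned into a simple mailbox triage check. The script below is an added example written for this guide; it is not Guidacent’s own code or tooling. It assumes messages are available as raw RFC 822 text, the three sample messages are constructed for illustration, and the Reply-To comparison and the list of risky attachment extensions are assumptions that go slightly beyond what the guide states.

```python
"""Triage of email messages for the phishing indicators named in the guide.

Added example, not part of the Guidacent guide. Messages are assumed to be
available as raw RFC 822 text; the sample messages below are constructed.
"""
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Attachment extensions that commonly carry executable content (assumed list).
RISKY_ATTACHMENT_EXTS = {".exe", ".scr", ".js", ".vbs", ".hta", ".bat",
                         ".cmd", ".ps1", ".docm", ".xlsm"}

# Matches http/https/ftp URLs in a message body.
URL_RE = re.compile(r"(?i)\b(?:https?|ftp)://[^\s<>\"']+")


def domain_of(header_value):
    """Return the lower-cased domain of an email address, or '' if none."""
    _, address = parseaddr(header_value or "")
    return address.rpartition("@")[2].lower()


def triage(raw_message):
    """Return a list of indicator strings found in one raw message.

    The checks map to the guide's three penetration methods: an imitated
    sender, a link to a site that may request sensitive data (here: any link
    that is not https), and hostile code delivered as an attachment."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    indicators = []

    # 1. Imitated sender: the display name names one domain while the real
    #    address is on another, or Reply-To sends replies somewhere else.
    from_hdr = str(msg.get("From", ""))
    name, _ = parseaddr(from_hdr)
    from_domain = domain_of(from_hdr)
    for claimed in re.findall(r"[\w.-]+\.[a-z]{2,}", name.lower()):
        if claimed != from_domain and not from_domain.endswith("." + claimed):
            indicators.append(
                f"display name mentions {claimed} but sender domain is {from_domain}")
    reply_domain = domain_of(str(msg.get("Reply-To", "")))
    if reply_domain and reply_domain != from_domain:
        indicators.append(
            f"Reply-To domain {reply_domain} differs from From domain {from_domain}")

    # 2. Embedded links: flag every link whose scheme is not https.
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body is not None else ""
    for url in URL_RE.findall(text):
        if urlparse(url).scheme.lower() != "https":
            indicators.append(f"non-https link: {url}")

    # 3. Hostile code: attachments whose file name ends in a risky extension.
    for part in msg.iter_attachments():
        fname = (part.get_filename() or "").lower()
        ext = "." + fname.rpartition(".")[2] if "." in fname else ""
        if ext in RISKY_ATTACHMENT_EXTS:
            indicators.append(f"risky attachment: {fname}")
    return indicators


# Constructed sample messages (all domains are reserved example names).
SAMPLE_IMPERSONATION = """\
From: "Accounts Payable - bank.example" <notify@mail-alerts.example.net>
Reply-To: collect@other.example.org
To: staff@victim.example.com
Subject: Invoice overdue
Content-Type: text/plain; charset="us-ascii"

Please review at http://login.bank.example.verify.example.net/portal
"""

SAMPLE_BENIGN = """\
From: "IT Helpdesk" <helpdesk@victim.example.com>
To: staff@victim.example.com
Subject: Maintenance window
Content-Type: text/plain; charset="us-ascii"

Details: https://intranet.victim.example.com/maintenance
"""

SAMPLE_ATTACHMENT = """\
From: "Courier Service" <noreply@courier.example.com>
To: staff@victim.example.com
Subject: Delivery note
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: text/plain; charset="us-ascii"

Your parcel details are attached.
--XYZ
Content-Type: application/octet-stream; name="delivery_note.pdf.exe"
Content-Disposition: attachment; filename="delivery_note.pdf.exe"
Content-Transfer-Encoding: base64

aGVsbG8=
--XYZ--
"""

if __name__ == "__main__":
    for label, sample in (("impersonation", SAMPLE_IMPERSONATION),
                          ("benign", SAMPLE_BENIGN),
                          ("attachment", SAMPLE_ATTACHMENT)):
        print(label, "->", triage(sample) or "no indicators")
```

The benign message produces no indicators, the courier message is flagged only for its double-extension attachment, and the impersonation message is flagged three times: the display name claims bank.example while the address is elsewhere, Reply-To points to a third domain, and the link is plain http. A check like this complements, rather than replaces, the SPAM filter and web filter recommended in ANTI-PHISHING 101.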


PHASE 2
REVIEW & PREPARE

Five Questions to Consider… While we know the malware problem continues to burden every business type throughout all sectors, consider the following issues when evaluating your defense strategy:

1. Are we validating everything?
By design, and unlike other attacks, ransomware often takes temporary residence on a computer with “authenticated” credentials, which avoids detection before its encryption algorithm completes its objective.

2. Do we have the right tools (and are we using them properly)?
Effectively segregating your network and ensuring your endpoint protection controls are properly deployed will have a powerful impact on defending the edge of your systems.

3. How do we decide who gets access?
Organizations can no longer trust a user because they are an employee (or say they are) or based on their password alone. Zero Trust is a concept based on the premise that trust is never presumed until proper authentication has been verified.

4. Did we lock the front door?
Review all firewall configurations to confirm all non-essential activities are blocked. Consider subscribing to an OSINT reputation service to automatically block access to known malicious actors.

5. What didn’t we fix that needed fixing?
Patch Management: Vendors provide fixes to known and exploitable vulnerabilities. Make it a point to implement the fixes and be sure that all systems and software are current with respect to their patching and updates.

Don’t click on that link!

It’s a good idea to NOT click on a link in an email or instant message just because you know the person it originated from. When possible, use your search engine to access the origination point (the host site where you are downloading the attachment).

SECURITY AWARENESS IS ESSENTIAL!

1. Reinforce company policies regarding not sharing or revealing user credentials.
2. Encourage the use of company-sanctioned file-sharing programs, rather than email attachments.
3. Adobe Acrobat Reader and Microsoft Word often contain unpatched vulnerabilities that can be exploited.
4. Explain incident reporting procedures and ensure that users feel comfortable reporting security incidents.
5. Automatically enable firewall, advanced malware protection, encryption, and data loss prevention on all endpoints.


PHASE 3
ASK THE EXPERTS!

Managing cyber risk means looking at the most likely situations that you will face in your day-to-day business operations.

For many organizations, becoming truly resilient to ransomware attacks requires more than incremental improvements. It requires organizational change that broadens the scope of involvement at the top of the organization and instills focus on business risk, rather than technology controls.

It requires the ability to focus investments on mitigating likely outcomes, based on a review of attacker motives and the ability to anticipate high-impact scenarios.

The consulting teams at Guidacent view cybersecurity and risk management as elements to better enable businesses to build strong, secure operating environments, which extends the value of our digital infrastructure and economy.

If your organization would like to explore how to evaluate and address risk and build on the integrity of your critical assets, contact us at cybersecurity@guidacent.com.

Guidacent can help you on the journey and keep you out of dangerous traffic as you’re following your business path.

Guidacent’s ThreatRecon Security Professionals can help get you in a safer posture to defend against a phishing campaign.

You CAN improve the overall threat defensive posture of your business operations against the potential compromise from a phishing campaign!

4 Ways to Evaluate RISK

1. Is the Risk Timely?
2. Is the Risk Relevant to business operations?
3. Is the Risk Pervasive and capable of spreading?
4. Does this Risk pose an Urgent impact to the business?

Ready to learn how Guidacent can help your business establish a strong Cybersecurity Defense? Email us at cybersecurity@Guidacent.com to schedule a free consultation.