14 DAY TRIAL // A survey on 700 respondents at businesses in Asia, North America, EMEA region and South America revealed that IT and security professionals believe that a significant factor for the success of targeted attacks is gullibility of employees who fall for social engineering tactics.
Phishing attacks are widely used on consumers to fool them into following malicious links hosting malware components, but many companies offer training courses that teach their employees how to spot deceitful messages that could allow an attacker a route to sensitive digital assets.
Access to personal online services increases risks
However, according to a study commissioned by Intel Security, 38% of the participants believe that clicking on unknown links or opening emails from unknown sources is one of the causes a threat actor was able to gain access to the company’s network.
Social engineering is a powerful weapon, especially when combined with advanced pieces of malware. This week, security researchers at Kaspersky reported a phishing operation that lured recipients into launching a maliciously crafted Word document by delivering a very credible-looking email claiming to be from the IRS in relation to a tax return approval.
Intel’s study also reveals that security professionals' efforts to defend the digital perimeter are made more difficult by the fact that threat actors employ persistent malware along with multiple attack vectors, exploits and payloads.
Also, the channels for malware distribution increase as employees have access to social networking and personal services such as Dropbox and Evernote. Compromised accounts are often used to deliver malicious messages to other friends on the list.
Post-incident investigation is most time-consuming task
BYOD policies, which allow use of devices running different operating systems, make it harder to set up defenses for endpoint systems, 24% of the professionals noted.
The survey shows that at the top of the list of the most time-consuming tasks faced by the security unit of a company is determining the damage caused by an attack, accounting for 47% of the answers; this involves pinpointing the changes made on an affected system and the resulting consequences as well as the number of computers that were impacted in the process.
As per the results of the study, the respondents indicated that in 2014 an average of 78 security investigations were carried out by their organizations. Out of these, 28% focused on targeted attacks.
Contributing to the success of the attacks is also the fact that security professionals at the surveyed companies are not knowledgeable enough as far as cybercriminals tactics are concerned.
When asked how familiar they are with malware obfuscation techniques, less than half of the respondents (45%) said that they were up to date, while 48% admitted that there was plenty of room for improvement.
