Section 3.5 Delivery of Malware
Malware is often delivered through social engineering, namely convincing an actor within an organization to download and run or click on something. It can also be delivered by infiltrating the software packages something depends on (a supply chain attack), or possibly through a software exploit on a publicly exposed service. Some of the most common ways of spreading malware are detailed below.
Subsection 3.5.1 Phishing
Phishing: Involves communicating with someone via a fraudulent message in an effort to make them perform an action that will harm them. It is broken into five main categories:
Spear phishing: Sending phishing emails or other communications that are targeted towards a particular business or environment. These messages may include information about the inner workings of the organization in an attempt to prove their validity. They may also take advantage of a known, insecure practice at a particular organization. Spear phishing is not your standard wide-net phishing attempt, but more of a focused, tailored, custom campaign.
Whaling: Targeting high-ranking individuals at an organization. Whaling is often used in conjunction with spear phishing.
Smishing: Using SMS messages when phishing.
Vishing: Using voice messages when phishing.
Phishing sites: Threat actors can attempt to gain unauthorized access through information obtained from a non-business-related communication channel. For example, malicious actors may know that the CEO frequents a popular sailing forum. These actors could set up an account on the sailing forum to direct message the CEO for information.
Subsection 3.5.2 SPAM
SPAM consists of large quantities of unsolicited emails. These emails may be malicious or they may simply be advertising. In either case SPAM accounts for nearly 85% of all email. It is interesting to note that sometimes the malware distributed through SPAM is actually used to send more SPAM through a victim’s machine. The war on SPAM is constantly evolving and while many updates have been made to the way we send email, many improvements have yet to be realized.
Subsection 3.5.3 Dumpster Diving
Dumpster Diving: Information that can ultimately lead to the spread of malware can also be found in improperly disposed trash. Old records or hard drives may contain corporate secrets or credentials that give someone unauthorized access. It is important to properly dispose of sensitive information, making sure that all things that need to be destroyed are destroyed in a complete manner.
Subsection 3.5.4 Shoulder Surfing
PINs, passwords, and other data can also be recovered simply by looking over someone’s shoulder. These credentials could be the "in" that an attacker needs to spread malware. Through the aid of optics, such as binoculars, shoulder surfing can even occur at a long distance. Privacy screens, which limit the angle at which you can see a monitor, can be helpful in mitigating this type of attack.
Subsection 3.5.5 Tailgating
Following behind someone who is entering a secure location with a credential is known as tailgating. Often people will even hold secure doors open for someone if they have their hands full. It is human nature to want to help people, but you also must remember that the person behind you may have a USB key with malware ready to deploy as soon as they gain physical access to a machine in the building.
Subsection 3.5.6 Impersonation/Identity Theft
Often as part of a phishing campaign, a threat actor will pretend to be someone else, which is known as identity theft or impersonation. This may be someone within the organization or someone with sufficient power outside the organization, such as a representative of a government oversight agency. Attackers may also use stolen credentials to make their messages appear official, once again giving them an easy route through which to deploy malware.