Issue link: https://iconnect007.uberflip.com/i/1253723
JUNE 2020 | SMT007 MAGAZINE 41

Going back to the VPN topic, an organization has a protected network, so while there's internet outside, they have this fortress called their LAN or WAN that they have the VPN to get into. If I'm a hacker and want to get into your network, I have to find a way in. A very difficult way is to find the outside routers, hack through your routers, and then figure out how to go through your routers and servers. It is much easier for hackers to go to LinkedIn. If I want to hack I-Connect007, I would do a LinkedIn search and find someone who works there, such as Barb Hockaday. I would then Google Barb and see that she likes dogs. As a hacker, I would craft an email, make an educated guess as to Barb's email address, and then send her an email, saying, "I'm from the dog rescue and would like to work with I-Connect007." These emails can look very real. If she clicks it, the email unlocks the malicious payload, then the criminal hacker can infect your machine.

Here is another scenario I use when teaching. As a hacker, I can pick a company and find out who their chief information officer or chief information security officer is. Then, I would find a couple of their database administrators on LinkedIn and send a fake email, pretending to be the CIO. It's an easy email to forge. If the DBA's name is Bob, I can say, "Bob, attached is part of the logs that show your account was accessing databases incorrectly and stole some data. I hope this is a big mistake. Please take a look at this attached file to prove it was not you. I'm copying HR." You can send Bob to every security training there is about phishing emails, etc., but the minute Bob gets an email from the CIO copying HR saying, "You're being accused of stealing data in your job," no matter how many red flags in his head say, "This is a trick," Bob may open that email. For the victim, their brain says, "This is a risk. This could be a fake email." And yet, you have the other part of their brain saying, "I am being wrongfully accused. I don't want to lose my job. I'm going to get in front of this right now."

What makes email phishing so dangerous is you have the human factor, and Bob, for example, has a VPN into your network. Rather than me hacking into your network, if I can hack Bob from outside of your network, I can pivot into your network without doing a lot of work. Back to the vacation example, a hacker can find out if the CIO is in Cancun on vacation, away from his email, based on their social media pages. I can send an email to Bob, saying, "I'm on vacation right now, so don't bother calling me, but you need to get on top of this right now." At that point, Bob is stuck because he can't evaluate whether it's true or not. Bob doesn't want to risk losing his job, so he might click on a suspicious email or link.

Johnson: What's the one thing you would tell a manufacturing company to check on right now?

Landeck: For any industry, know your risks. What bad thing would a cyber-event do to […] can help them quantify it. You can create actuarial tables using what's called a Monte Carlo analysis to give them ranges.

Happy Holden: Let me ask the question that everyone is afraid to ask: How many different ways can somebody hack in?

Landeck: Emails are the most common. A great resource would be the Verizon Breach Report. A lot of companies are hit every day, and they have a large team that looks at all the breaches and how they happen. It breaks down by percentage the various things that can happen, so they will tell you based on the last 1,000 breaches, X% happened due to the emails.