Hey, when I spend several hundred dollars and two days of my time to attend a cybersecurity conference, a guy like me hopes he can milk a few blog articles out of it. Here is the third (so far.)
Most of these nuggets came from a keynote titled “2016 Cyber Attacks By The Numbers” presented by Kevin Thompson, a former CIA analyst and now a threat analysis for the cybersecurity firm FireEye. Very eye-opening.
Primary Attack Vectors
- Spearphishing with weaponized exploits.
- Microsoft Office VB macro enabled attachments.
- Tuesday and Wednesday are the top days for phishing campaigns.
- Strategic web compromises.
- Conferencing websites such as TeamViewer, WebEx, JoinMe, and GoToMeeting
- Outsource IT companies – for spoofed phishing emails
- Outsource HR companies – everybody clicks on the link in an ADP email. Go to a fake website, fill in a bunch of personal information.
- Fake log-in pop-ups
- VPN log-in screens faked – “your session has disconnected, please enter your user ID and password to resume.”
- Outlook Web Access faked log-ins to capture your email credentials
- The use of Emergency Access Tokens with a long or no expiration date
- Compromised computer systems
- 50% of compromises use malware.
- 50% of compromises simply use captured user credentials that are valid on the network.
On Wednesday we will reveal the rest of the attack vectors that Kevin shared with us.Share