[Live Webinar] The Science and Methodology Behind Social Engineering
No matter how much security technology we purchase, we still face a fundamental security problem: people.
![[Live Webinar] The Science and Methodology Behind Social Engineering](https://blog.knowbe4.com/hs-fs/hubfs/science-webianr-socail.jpg?length=260&name=science-webianr-socail.jpg&t=1524074248035)
The Spiceworks staff wrote: "Years after CryptoLocker raised its ugly head — setting off an unfortunate security trend — ransomware continues to be a rather painful thorn in the side of IT professionals and organizations around the world.
In 2017, we saw entire companies and government agencies shut down for days thanks to WannaCry and NotPetya, sometimes costing a single organization hundreds of millions of dollars. And things haven't gotten that much better recently.
For example, in March 2018, the city of Atlanta fell victim to ransomware that brought city services down (airport Wi-Fi, online bill pay systems, police warrant systems, job application forms, and more) and forced many employees to shut down their systems for five days. Similar attacks have been launched against cities in the U.S. and around the world.
Lance Spitzner said:
Here are a few more:
The UK Mirror reported that Britain is braced for a wave of crippling cyber attacks in Russian retaliation for the Syrian missile strikes. Here is an excerpt:
"Vital transport links, water supplies, gas networks, banks, hospitals and air traffic control could be targeted following the joint assault on Bashar al-Assad’s chemical weapons compounds on Friday night.
Experts believe hackers in Moscow are already trying to break into key computer networks that could bring the UK’s infrastructure to a halt.
Employees download malicious files, click phishing links, correspond with hackers, and even share contact information for their colleagues.
Positive Technologies has released a new report Social Engineering: How the Human Factor Puts Your Company at Risk, with statistics on the success rates of social engineering attacks, based on the 10 largest and most illustrative pentesting projects performed for clients in 2016 and 2017.
To verify the security of corporate systems, Positive Technologies testers imitated the actions of hackers by sending emails to employees with links to websites, password entry forms, and attachments. In total, 3,332 messages were sent. If the “attacks” had been real, 17 percent of these messages would have led to a compromise of the employee’s workstation and, ultimately, the entire corporate infrastructure.
27 percent of recipients clicked the link
![[NEW WHITEPAPER] 10 Best Practices for Protecting Against Phishing, Ransomware and Email Fraud](https://blog.knowbe4.com/hs-fs/hubfs/WP_Best_Practices_Protecting_Against_Phishing-1.jpg?length=260&name=WP_Best_Practices_Protecting_Against_Phishing-1.jpg&t=1524074248035)
A survey conducted among corporate decision makers in early 2018 discovered that nearly 28% of organizations had experienced a phishing attack that was successful in infecting their networks. Don’t let this happen to your organization.
Did you know, 43% of breaches result from social engineering attacks? What's more, according to a recent Verizon investigation, phishing emails account for 98% of all social engineering related incidents and breaches.
Ransomware and phishing attacks have garnered a great deal of recent attention in the cybersecurity community. As the Verizon Databreach Report has long warned, ransomware is the most common type of malware carried by phishing attacks. It's used in 56% of such incidents.
Ransomware is very effective for criminals. It exposes them to relatively little risk. But even as ransomware surges in criminal use and popularity, there are signs that businesses and local governments aren't investing in appropriate security against it.
“Personnel are advised to be alert for suspicious activity related to ongoing cyber operations targeting the Department,” the agency’s Cyber and Technology Security Directorate said in an email sent early Thursday morning to all workers.
Last month, more than 2,000 employees received emails, texts and social media messages designed to fool them into either downloading malware or handing over their login information, according to the email, which multiple sources provided to POLITICO.
The adventures of Kevin Mitnick and his girlfriend Kimberly.
Kevin called me and told me a story how they were crazy enough to track down a lost (stolen?) bag in Mexico city. His GF Kimberly wrote up the story. Enjoy!
"Travelling constantly around the world is always an adventure especially with four carry-on bags and five checked bags filled to the brim with electronics for Kevin’s live hacking keynote presentations. Landing in Guadalajara, Mexico earlier than expected was a pleasant surprise. The next couple of hours however, were an experience similar to a thriller movie.
![CyberheistNews Vol 8 #16 [Heads-Up] Phishing Scam of the Week](https://blog.knowbe4.com/hs-fs/hubfs/CHN-AVATAR-2017-1-6-1-4.png?length=260&name=CHN-AVATAR-2017-1-6-1-4.png&t=1524074248035){kind=avatar}
