CyberheistNews Vol 1, #24
Editor's Corner
PwC Survey: Cybercrime Now In Top Four Biggest Business Crimes
A new PricewaterhouseCoopers Economic Crime survey showed that cybercrime
is now in the Top Four biggest crime problems experienced by businesses,
right behind asset theft, accounting fraud and corruption.
Almost 50% of middle and senior managers in private and public sectors
stated that cybercrime had increased during the last year, with
about 25% reporting more than 10 incidents. In this survey, cybercrime
was defined as malware incidents, industrial espionage and loss of
Intellectual Property.
The main cybercrime worry was reputational damage, but only 57 percent
reported having a media or PR plan in place to respond to data loss
incidents. Download the full report here:
http://www.pwc.com/en_GX/gx/economic-crime-survey/assets/GECS_GLOBAL_REPORT.pdf
So, what do they recommend?
1. Know who you are dealing with: staff, suppliers, partners and agents.
2. Align IT, Internal Audit and the Board in the fight against economic crime.
3. Conduct regular fraud risk assessments.
4. Leadership by a Cyber-Savvy CEO, who instills a cyber risk-aware culture.
5. Implement a cyber crisis response plan.
Part and parcel of point 4 is training all employees to look out for fraud,
and especially be on the lookout for phishing. Do the KnowBe4 free Email
Exposure Check to find out how many email addresses of your organization
are floating free on the Internet, and find out how big your phishing
attack surface is:
http://www.knowbe4.com/eec/
Quotes of the Week
"A man travels the world in search of what he needs and returns
home to find it." - George Edward Moore
"Nothing's so hard but search will find it out." - Robert Herrick
"I'd rather have a search engine or a compiler on a deserted island
than a game." - John Carmack
Please tell your friends about CyberheistNews! They can subscribe here:
http://www.knowbe4.com/about-us/cyberheist-news/
"We Discovered A Serious Human Vulnerability"
"I'm a system administrator and we regularly get users' workstations
infected with malware. Then Microsoft reported that 45% of the infections
are caused by the users being 'social engineered', so we decided to test it
out for ourselves."
"First we did the Email Exposure Check. Out of our 197 users, 87 email
addresses were found on the Internet. Then we did the Phishing Security
Test, and sent these 87 a relatively simple simulated phishing attack,
that could have been sent by any bad guy."
"We were shocked to see that our spam filters and antivirus did not
catch the phishing email, and that 24 of these 87 clicked on the link.
We discovered a serious human vulnerability." -- P.H. System Admin
Find out for yourself how big this human security hole is in your
organization. Fill out this form and you will get the results for free:
http://www.knowbe4.com/eec/
ITIC Interview: Stu Sjouwerman Security Q&A
I was recently interviewed by Analyst Laura DiDio from Information
Technology Intelligence Consulting about security. Here is the
interview, on their website:
http://www.itic-corp.com/qa-interviews/stu-sjouwerman-security-qa
Phishing By Snail Mail
Yup, I received one of these myself last week, in my real-life mailbox.
Our VP of Sales at KnowBe4 got one too, both of them mailed out of
Phoenix, AZ. This is expensive to do, so it must trick people into
actually calling the number they provide in the letter. I gave the
number a call, and a real-life American lady answered. Amazing how
they can get away with scams like this. Here is the actual letter
we received. I do not recommend calling that number!:
http://www.knowbe4.com/wp-content/uploads/2011/12/snailphish.jpg
Cyberheist 'FAVE' LINKS:
* This Week's Links We Like. Tips, Hints And Fun Stuff.
Super Fave 1: Like Blade Runner? In your next 10-minute break, watch this
short sci-fi movie. It's really well made, featuring Nicolette Sheridan!
http://www.wservernews.com/go/1322991498015
Super Fave 2: Now I know what I want for Christmas. Equip this thing with
razor blades and you have the ultimate stealth remote assassination tool... LOL!
http://www.wservernews.com/go/1322991510234
Talking about quadrocopters, these flyers can build a 6-meter tower. This
is pretty cool. Look at that coordination!:
http://www.wservernews.com/go/1322991526718
Nokia lit up London with a state-of-the-art light projection display
transforming London's 400 ft high Millbank Tower into a huge canvas:
http://www.wservernews.com/go/1322991587781
Digital Christmas Story told through Facebook, Twitter, YouTube, Google,
Wikipedia, Google Maps, GMail and Amazon. Times change - feelings remain the same:
http://www.wservernews.com/go/1322991616125
Skiing down hilly city terrain, jumping over hung laundry and parked cars,
sliding down stairs and much more from the award-winning film "All.I.Can":
http://www.wservernews.com/go/1322991660765