Social Engineered Data Breach

Remote Workers Vulnerable to Social Engineered Data Breaches

One successful social engineering data breach can move your stock price fast — in the wrong direction. Is your company’s network prepared to handle a mega hack accomplished via social engineering, such as the recent one that Twitter suffered?  With the shift to remote work, the threat for social engineering hacks can increase.  When employees are involuntarily isolated at home for work, their psychology and behavior can change.  Employees may become inordinately worried about their job security. A recent report published by ClearSky’s analysis team outlined a “Dream Job” campaign designed and executed by the Lazarus group (aka Hidden Cobra), which exploited feelings of job insecurity along with the desire for a better position. The group targeted employees with a “dream job” supposedly acting on behalf of major corporations such as: Boeing, McDonnell Douglas, and BAE. According to ClearSky, this campaign has been successful in infecting companies and organization across the globe.  Social Engineered Data BreachEmployees working in an office environment often have a greater sense of job security compared with people who work from home.  In the office, milestones are celebrated, company policies are discussed, birthdays are celebrated.  When it comes to requests, employees might see the requester in the hall or chat with a co-worker about the request.  Remote employees work in isolation from their colleagues. Anxiety can be high about job security. Employees may act before they think when it comes to fulfilling requests that are in reality, phishing exploits.  Remote workers are often eager to respond without verifying a request. It is a vulnerability that many companies have not prepared to address. Social engineering hackers use this vulnerability to their advantage.  What’s the cure?  Remind and re-train employees to be aware of socially engineered attacks, and be ever vigilant for leaks of sensitive data. CybelAngel leads the way in assisting enterprises in detecting and resolving data leaks.

Hackers try to blend in with your employees

When using social engineering to attack, hackers often identify names and job titles of employees. LinkedIn is one of the best ways to access employee names, titles, and background. Employee profiles contain all the elements a hacker needs to make an organizational chart of your company — and pinpoint who might be vulnerable to trickery. To target a company, a hacker may develop and use a fake LinkedIn profile. Scammers may contact employees by posing as recruiters, using fake profiles and false appearances. Employees may accept invitations from fake profiles because the profiles appear to be people from their local area.  After hackers link with your employees, they can access your employees’ network of contacts.  The more employees a hacker can connect with, the more knowledge the hacker can collect about employee names, job titles, and which employees present the easiest opportunity to steal information. After hackers link with employees at a targeted company, they will search for vulnerabilities, such as employees out of office. Hackers know that employees working from home are often easier targets because they may act on requests without verifying them. One way to decrease your vulnerability and keep bad actors out of your network is to train employees not to link with fake profiles on LinkedIn.  

How to tell a LinkedIn profile is fake

Fake LinkedIn profiles will seem to be typical employees of your company — but look a little closer to see if the profile contains these indicators that it may be fake. According to an article published by Security Boulevard in April states, “A regular cadence of clear, simple education and tips can go a long way to provide effective security training. Education and empowering employees to recognize potential threats can make workers a powerful frontline defense against the bad guys.”  It is incumbent on enterprises to keep communication lines open with their remote workers, along with frequent reminders of how to avoid falling into a social engineered trap…such as a fake LinkedIn profile and outreach.

Prevent a social engineering data breach

When we think about social engineering, the first consideration is which assets are most important to protect. What is the most valuable data at your company? Is that data shared in the cloud?  Do third-party networks or suppliers host your data?  These are the types of questions that hackers and cyber criminals contemplate when determining which companies to attack for the richest payday.  To stay ahead of these criminals, we must  identify a company’s exposure to digital risk, and ultimately diminish that risk. At CybelAngel, we use advanced machine learning to identify risky data leaks before they become data breaches.  If someone is leaking confidential data, we find it first, alert you, and if requested, we remediate the incident  Click here to see how much of your data is being leaked beyond your enterprise’s perimeter.  Because data leaks are inevitable; but damage is optional.