Why The Aftermath Of A Global IT Outage Is The Perfect Time For Security Awareness Training

Last week’s global IT outage is a timely reminder of why we must keep fortifying our defenses by engaging employees in security awareness training. Within hours, cybercriminals had begun exploiting CrowdStrike’s service interruption to launch phishing attacks, registering hundreds of lookalike domains. Below, we explore how these attacks work and how organizations can equip employees to combat them.

The Cybercriminals’ Tactic: Exploiting Trust

Phishing attacks thrive on trust and urgency. Following CrowdStrike’s service issue, cybercriminals crafted emails that appeared to be legitimate communications from the company, copying its style and tone for the best chance of successfully breaching their targets. Phishing isn’t new, however, and the approach is far from innovative. All that changed was the subject of the emails, so why does such a simple change create so much additional risk for organizations?

Why Hot Topics and News Stories Are Prime Targets

Hot topics and news stories like the CrowdStrike outage make excellent ammunition for spammers and hackers for several reasons:

High Engagement and Interest

News stories attract significant attention, making them perfect for phishing campaigns. People are more likely to open emails related to current events, especially if they are directly affected or interested in the topic.

Sense of Urgency

News stories often come with a sense of urgency. Cybercriminals exploit this by creating emails that demand immediate action, such as “Update your account now due to the recent CrowdStrike outage.” This urgency can cloud judgment and lead to hasty decisions.

Trust in Familiar Sources

When a trusted company like CrowdStrike is mentioned, recipients are more likely to trust the email. Cybercriminals leverage this trust to make their phishing attempts more convincing.

The Psychology of Being Fooled

Understanding the psychology behind why people fall for phishing scams can help in developing better defenses:

Authority Bias: People tend to comply with requests from authoritative sources. Emails that appear to come from a reputable company or figure can easily deceive recipients.

Fear and Anxiety: Phishing emails often play on fear and anxiety, such as the fear of losing access to an account or the anxiety of missing out on important updates. This emotional manipulation can lead to quick, unthinking responses.

Cognitive Overload: In a busy work environment, employees may not have the time to scrutinize every email. Cybercriminals exploit this by sending emails that look legitimate at a glance, hoping that recipients will act without thorough examination.

Building a Strong Line of Defense: Employee Training

The silver lining in these attack waves is that they exploit human vulnerabilities, not just technical flaws. This means comprehensive employee training, delivered to engaged learners, can act as a robust safeguard. Here’s how:

1. Educate on Phishing Recognition. Regular training sessions to educate employees about spotting phishing attempts are critical. Employees should learn to recognize the signs of phishing, such as generic greetings, unsolicited attachments, and any urgent, unexpected requests. Using real-world examples, particularly those involving incidents like CrowdStrike’s, can make these lessons more relatable and effective.

2. Promote Verification Habits. Encourage employees to verify the source of any suspicious email. This might mean double-checking the sender’s email address, or directly contacting the organization through a verified phone number or website. Verifying information is especially important when emails concern service disruptions or other unusual activities.

3. Realistic Phishing Simulations. Conducting phishing simulations can foster a culture of caution. By periodically sending fake phishing emails to employees, organizations can test the workforce’s vigilance and provide immediate feedback and additional training to those who click on simulated scams.

4. Encourage Reporting Suspicious Activities. Promote a no-blame culture where employees feel safe reporting anything suspicious. A timely report can help IT staff mitigate potential threats before they escalate. Quick response teams should be ready to investigate and neutralize threats as soon as they are reported.

Personal Precautions: Steps for Individual Protection

While organizations must implement overarching policies, individuals play a crucial role in maintaining security. Here are essential steps everyone should follow to avoid becoming a victim:

1. Scrutinize Email Content. Always take a moment to scrutinize emails, especially those requesting any form of urgent action or containing attachments. Look for grammatical errors, suspicious URLs, or email addresses that don’t match the sender’s claimed identity.

2. Use Strong, Unique Passwords. A strong password is your first line of defense. Use a long, unique password for every account and never reuse one across platforms: a password phished from one service is routinely tried against others. Password managers can generate and store unique passwords securely.

3. Enable Two-Factor Authentication (2FA). Enabling two-factor authentication adds an additional security layer. Even if your password is compromised, 2FA ensures that your accounts are not easily accessible without a secondary verification method. Prefer an authenticator app or a hardware security key over SMS codes: SMS can be intercepted, and a convincing phishing page can relay a one-time code to the real site in real time.

4. Keep Software Up-to-Date. Regularly update your software, including antivirus programs, operating systems, and any applications you use. Software updates often include security patches that fix known vulnerabilities.
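The sender-address check described in the verification habit above (double-checking the sender’s email address) and in the first personal precaution (addresses that don’t match the sender’s claimed identity) can be partly automated for the help desk or SOC. The Python script below is an added example, not code from this article or from OutThink or CrowdStrike. It triages From: headers against an allow-list of domains the brand really sends from (here only crowdstrike.com, an assumption for the example) and flags the lookalike patterns discussed above: the brand name embedded in another domain, the real domain used as a subdomain of an unrelated one, one- or two-character typosquats, and display names that claim the brand while the address belongs elsewhere. All sample headers are constructed for the example; none is a real observed sender.

```python
from email.utils import parseaddr

# Assumption for this example: the organization's allow-list of domains the
# brand really sends from. Subdomains of these (updates.crowdstrike.com) are
# accepted; every other host is checked for lookalike patterns.
TRUSTED_DOMAINS = {"crowdstrike.com"}
BRAND = "crowdstrike"


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings; catches short typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Last two labels of the host name.

    Simplification for the example: multi-label public suffixes such as
    co.uk are not handled; a production check would use the Public Suffix List.
    """
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def classify_sender(from_header: str) -> str:
    """Classify a From: header as trusted, lookalike, impersonation,
    unrelated or malformed."""
    display_name, address = parseaddr(from_header)
    if "@" not in address:
        return "malformed"
    host = address.rsplit("@", 1)[1].lower()
    reg = registrable_domain(host)

    if reg in TRUSTED_DOMAINS:
        return "trusted"

    # Brand name embedded anywhere in an untrusted host: covers
    # crowdstrike-fix.com and crowdstrike.com.update-portal.net, where the
    # real domain appears only as a subdomain of the attacker's domain.
    if BRAND in host:
        return "lookalike"

    # Typosquat: the registrable label is within two edits of the brand,
    # e.g. crowdstrlke.com (l for i) or cloudstrike.com.
    if levenshtein(reg.split(".")[0], BRAND) <= 2:
        return "lookalike"

    # The display name claims the brand but the address belongs elsewhere.
    if BRAND in display_name.lower().replace(" ", ""):
        return "impersonation"

    return "unrelated"


def triage(from_headers):
    """Classify a batch of From: headers; returns {header: verdict}."""
    return {h: classify_sender(h) for h in from_headers}


# Constructed sample headers for the example; none is a real observed sender.
SAMPLE_HEADERS = [
    "CrowdStrike Alerts <alerts@crowdstrike.com>",
    "noreply@updates.crowdstrike.com",
    "support@crowdstrike-fix.com",
    "it@crowdstrike.com.update-portal.net",
    "helpdesk@crowdstrlke.com",
    "alerts@cloudstrike.com",
    "CrowdStrike Support <helpdesk@mail-notify.net>",
    "colleague@example.org",
]

if __name__ == "__main__":
    for header, verdict in triage(SAMPLE_HEADERS).items():
        print(f"{verdict:14} {header}")
```

Treat this as a triage aid, not a verdict: a "trusted" result only means the domain is on the allow-list, so a compromised legitimate account or a spoofed header on a domain without DMARC enforcement still passes, and internationalized (punycode) homoglyph domains are not covered. The confirmation step the article recommends, contacting the organization through a phone number or website you already know to be genuine, still applies to anything that is flagged or unexpected.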

Conclusion

The phishing scams leveraging CrowdStrike’s recent incident highlight a critical need for robust cybersecurity awareness and resilience. By prioritizing employee education and steadfast personal practices, we can collectively thwart these phishing attempts. Remember, in the battle against cybercrime, knowledge and vigilance form our most effective defense. Let’s stay informed and prepared, and together, we can OutThink the hackers.
