Our Latest Online Backup Reviews:Vembu SyncBlaze
Industry LinksTools and Graphs
Overconfidence in technology is leaving companies exposed to phishing and other attacks that prey on humans, as evidenced by red team tests where 52% of employees clicked on a link in a fake email
HELSINKI, FINLAND – March 22, 2017 — /BackupReview.info/ — Attackers consistently prey on companies that have what cyber security experts call a “false sense of security” when it comes to relying too much on technology to defend their networks. The warning comes from a spokesperson for F-Secure’s red team – a group of cyber security experts specializing in ethically attacking organizations to highlight strengths and weaknesses in their security.
“Using technology to solve human problems just doesn’t work, and anyone telling you different is selling magic beans,” said Tom Van de Wiele, Principle Security Consultant at F-Secure. “Real-life attackers, especially criminals, live off perfecting subtle social engineering tricks that trick human beings into letting their guard down. And letting employees believe that cutting edge security technologies will handle everything gives a false sense of security, which is something today’s attackers are counting on.”
“You’d be amazed by what people click on while they’re working. They’re not stupid, just caught off-guard, not necessarily expecting to be duped,” said Van de Wiele. And indeed, simulated phishing attacks have high success rates in F-Secure’s Red Teaming Tests.
For example, in a recent job, F-Secure red team experts sent out a fake LinkedIn email to see how many of the client organization’s employees would click on a link in an unsolicited email. 52% of employees clicked. In another test, F-Secure’s red team created an email leading to a fake portal where employees would need to log in using their domain credentials. 26% of recipients followed the email link to the portal, and 13% actually entered their login credentials.
Nothing is off limits
According to Van de Wiele, these tests often surprise companies by revealing just how exposed they are. “Internal views of security rarely match the weaknesses attackers actually see,” he said. The tests encompass a company’s entire attack surface, not just digital but physical too – or anything under the company brand.
“Many companies are surprised when we gain access to offline servers, as many CISO’s are unprepared to deal with an attacker who gains physical access to their company’s premises. And that’s surprisingly easy to do: all you need is a safety vest and physical work order. Safety vests are better than Harry Potter’s invisibility cloak. Put it on and you can get anywhere, no questions asked.”
With Red Teaming Tests, organizations can:
Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.
f-secure.com | twitter.com/fsecure | facebook.com/f-secure
F-Secure Media Relations
General Tags: data storage, backing up online, online backup services, data security, online data backup, online file storage, online backup reviews, SaaS, compare online backups, top rated online backups, online backup, software as a service, online backup news, cloud computing, online backup providers directory, online file backup, online backup companies, CEO interviews
Like us on Facebook
Sponsored Links:Data Deposit Box Asigra