Part I: Why it is important to talk about phishing and website trickery
When imagining your company’s security perimeter being breached, you probably imagine a team of skilled hackers staring at command lines, writing code, modifying system files, scanning your network, brute-forcing your passwords, and spending hours working against your technical safeguards to crack into your business and steal your protected information.
While teams of skilled hackers do infiltrate secured systems every day, the truth of the matter is that most data breaches are not caused by hackers circumventing technical controls like firewalls and access-control lists: they are caused by human error, social engineering, phishing, and the manipulation of your end users to gain a foothold in the environment.
According to the Verizon 2021 Data Breach Investigations Report [1]: “85% of breaches involved a human element.” These human elements include being tricked by a phishing email (found in 36% of breaches), stolen credentials (found in 25% of breaches), and “other user errors” (found in 17% of data breaches).
Furthermore, the Verizon team created a heat map connecting the top-level action performed by the attackers with the results those threat actors achieved. Some form of social engineering or other user trickery, such as phishing or watering-hole attacks, was used in 92% of the data breaches studied to gain initial access to a company.
Given how prevalent phishing and other social-engineering tactics are, this blog provides a thousand-foot view of attacker tactics, threat vectors, attacker goals, what is at stake, and how to protect yourself and your end users.
Next week's blog entry will cover some of the tactics attackers use to gain a foothold in your environment.
By: Kyle Rozendaal
[1] Hylender, D. (2021). 2021 Data Breach Investigations Report. Verizon. Retrieved March 10, 2022, from https://verizon.com/dbir/