 |
|
|
| |||||||||
| |||||||||
Current Filter: Security>>>>>Comment> Anthem for cyber victims Editorial Type: Comment Date: 03-2015 Views: 1414   |  | ||
| Following the recent Anthem breach – where the USA's second largest health insurer was hacked, exposing personal details including the social security numbers of tens of millions of customers and employees – it seems cyber criminals have now been taking advantage of the public's concern and using phishing scams in an attempt to steal financial and personal information "The breach of Anthem has again highlighted the level of sophisticated cyber-attacks against huge organisation with huge consequences," comments Alex Marsden from Phish'd at MWR InfoSecurity. It also demonstrates how phishing is still a tried-and-tested modus operandi for attackers, he says. "Malicious actors are like any criminal and are opportunistic; communications put out by Anthem were unfortunately playing into their attackers' hands. This mirrors the same technique used by attackers mimicking the Mandiant report, sending people a malicious file masquerading as a report about hacking." "To prevent your organisation being victim to phishing, internal communication is key and unfortunately, as [the Anthem] case proves, external communication is just as vital," adds Marsden. "When considering the risks, organisations need to think more in the mind-set of an attacker." Anthem uncovered the breach itself and took rapid action to make sure those who might be compromised knew what had happened. However, with such incidents now happening with increasing alacrity, their shock value has long since evaporated – which is a worrying thought in itself. As Lior Arbel, CTO at Performanta, states: "This must be seen as another wake-up call for organisations all over the world. Every company must take immediate steps to protect themselves and to detect whether they have already become unknowing victims of the growing tide of cybercrime. This is the time for organisations to take a holistic approach to the security procedures required to combat advanced threats, rather than look for a 'silver bullet' technology solution." Laudable and timely sentiments, of course, but past experience shows that too many organisations are still hoping it won't happen to them by keeping their heads down and avoiding the limelight… except, with today's attackers, armed with a host of cyber-war weaponry to rival that of anyone's, there is no hiding place.
Brian Wall | |||
| Like this article? Click here to get the Newsletter and Magazine Free! | |||
| Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |
||
