The Los Angeles Times recently posted an interview with Austin Berglas, assistant special agent in charge of the FBI’s cyber branch in New York. In the interview, Special Agent Berglas discussed cyber threats against America. Among the threats he discussed were the vulnerabilities of the banking industry and the stock exchanges. He observed:
Our message always boils down to everybody protecting themselves while on the Internet…. The No. 1 vector of attack for these bad guys is social engineering — the spear phish, the phishing e-mails …
This is certainly good advice – protect yourself from spearphishing. But how do you do that? Look at the email that compromised the AP Wire Service twitter account.
Recall that the fake tweet that was sent using the stolen credentials caused $140 billion in stock market losses. Upon quiet reflection, it is clear that all was not right with this email. It came one colleague’s account, but was signed by a different colleague. However, careful reflection is not how people use email. Despite having been warned that the AP Wire Service was under an email attack, when the reporter received this spearphishing email, on cursory inspection it looked like a normal work email. That was enough to start the chain of events that caused $140 billion in stock market losses.
Employees’ email decisions can compromise security. IT needs to help employees make better email processing decisions. That is where SP Guard comes into play. Using SP Guard, IT can determine a list of trusted senders and provide this information to staff in a simple and highly effective manner.
You can contact us at 408-727-6342,ext 3 or use our online form.