With a flawed CrowdStrike update causing the recent global IT outage in Microsoft Windows devices, organizations worldwide are working hard to get things back to normal. In such an environment of uncertainty, cybercriminals are making the most of the situation by attempting to exploit this chaos. We expect the hackers to be all involved in the confusion and vulnerabilities the outage has revealed. It is essential to understand these threats and have strong countermeasures and knowledge to protect our organizations during this challenging moment.
What are social engineering attacks?
Basically, social engineering is an activity that exploits human mistakes to extract private information, gain access, or obtain valuables. In psychological manipulation, cybercriminals trick targets into revealing confidential information or performing some activities that might compromise security. This includes attacks like Pretexting, Baiting, and Tailgating, all tailored to exploit trust put in people and, particularly, the desire to help somebody in trouble.
What is Pretexting?
One of the most common social engineering techniques is pretexting, in which some scenario or context is fabricated by the attackers to elicit information that will enable them to steal. For instance, the hacker may call and pretend to be IT support immediately after an outage occurs, stating that access to secure systems is required to resolve ongoing issues. Such a situation exploits the sense of urgency and confusion that gives those featured a higher likelihood of compliance.
What is Baiting?
Baiting refers to the process whereby victims are lured through something that appears very attractive. A good example can be telling them to download a critical patch in a given software. The attackers may have to take advantage of this and send messages with the pretext of critical updates to fix the problems caused by the CrowdStrike outage. This might result in unwary users downloading such malicious files and making their systems vulnerable.
What is Tailgating?
Tailgating is another social engineering form that exploits physical security. Many organizations are thrown out of gear, and hackers could get physical access to restricted areas simply by tailgating on the heels of the Voltaren personnel through secure doors in the chaos of the outage. This intrusion is cloaked under perfect cover as employees and security people are less vigilant.
If these threats sound too far a possibility for your company, then I would like to remind you of the Sony Pictures hack in 2014. The sophisticated combination of phishing and social engineering utilities used to break into the system led to highly sensitive data leakage and caused a number of serious financial and reputational damages to the company at large. The hackers were imitating real contacts, fooling people into giving out passwords and other forms of vital information. This went to underline just how devastating the potential that social engineering attacks hold.
An easy way of preventing such things is to instruct employees to verify any unusual or urgent requests by calling the presumed sender back through official channels and not in reply to the received email or by following the links provided in it. To preserve system integrity, we need to focus on keeping all software and systems updated with the latest security updates while also making sure that the updates are received from a legitimate source.
It’s also very important that everybody, especially those with less technical experience, realize that it has become very important to ask for help without shame or fear. Cybercriminals cash in on moments of confusion and uncertainty; hence, the need to consult the IT department or knowledgeable colleagues whenever unfamiliar or suspicious activities occur is more important than ever. Asking for help is a step towards keeping personal and organizational security at par. By creating a culture where questions are encouraged and resources are available, we move further in building defenses against social engineering attacks or cyber threats.
The recent global IT outage caused by a flawed CrowdStrike update is a harsh reminder of the vulnerabilities in our digital infrastructure. While threats of social engineering attacks are looming over us, this recovery effort has put our organizations at risk. We should all be aware of such threats and have robust countermeasures in place, and we should all work in environments where help is pursued easily so that together, we can strengthen our defences. These proactive steps taken now will not only prevent huge damage but also put our systems and data in a position so that they cannot be exploited in the future when a similar scenario strikes us again.