HA HA! You Got Phished
Blaming the end user isn’t going to stop cyber attacks
Area 1 Security | Area 1 Security
If you’ve ever watched the Simpsons, you know Nelson, that scruffy miscreant at Springfield Elementary. When things go wrong, no matter the cause, Nelson interjects with a point of the finger, and then his catch phrase, the unearned “ha-ha!”
It’s wholly unhelpful. Our collective response when people fall for sophisticated email phishing attacks is to channel Nelson, rather than deal with the root problem.
For so many people, work is clicking on things. If you’re a venture capitalist, or a lawyer, you have to click on links in email. It’s unreasonable to blame them. Nor does it make sense to ship victims off to training.
Around 95% of breaches start with phishing. It’s a method of attack that hasn’t changed, even as the results — be they viruses, ransomware, or point of sale attacks — have. To fight this threat, most companies rely on education. But when one click can sink a company, reducing the response rate to bad emails from 60% to 10%, which is what most phishing training programs hope to do, hardly makes an organization airtight. The best phishing emails are created by experts and could trick even an IT professional.
A better solution is to thwart delivery of said attacks altogether rather than hoping to stop user clicks. Area 1 Security watches the internet, crawling the entire web like a search engine to look for the early signs of phishing attacks. Attackers must create infrastructure for attacks, so they trap themselves in the world wide web. The web is a massive place, but with state-of-the-art analytics and big data, we can find the places hackers live.
Signs that a web page might be a phishing site include (but are not limited to) how well the page renders on mobile, since most hackers don’t spend the time to make their pages work on phones, or how long a page has existed. If you’re the first person to visit a web page, I can guarantee it’s a malicious website.
Stopping the next major breach shouldn’t be put on the end user. The experts should be responsible for protecting end users. And as the experts, we are focused on letting people work and play on the web in a natural, unguarded way.
