The security landscape has evolved a lot since the internet's infancy, moving from trolls trying to cause disruption to large-scale organized crime, intended to create a quick profit.
If you've been keeping an eye on social media in recent weeks, you may have even noticed this yourself. On July 15, Twitter feeds were bombarded by posts from some of the world's most trusted voices, promising followers that any Bitcoin sent to them would be doubled. Though it's obvious in hindsight that the posts by Elon Musk, Barack Obama, Bill Gates, and 42 others weren't genuine, Twitter's security wasn't fast enough to prevent the theft of tens of thousands of dollars.
Following an internal investigation of the Twitter hack, we know that the accounts were compromised through a targeted phishing campaign, known in the security industry as spear phishing. A small number of employees in Twitter's internal support team were contacted via phone and persuaded to hand over their credentials and two-factor authentication codes. These lower-level employees were then leveraged to gain further access to account management tools.
This is a common technique that VirtuWorks has seen several times in its more than two decades of operation. In a live event just this June, CEO Omar Armenteros described an almost identical situation: "Attackers, first of all, will research their subject and find out about them," he explained. "It really helps the hackers create an organizational chart of who to attack, who's important, what the chain of command is, who makes decisions. Then they'll hack somebody unrelated, like an assistant, and sit and wait."
How You Can Protect Your Business from Spear Phishing
In 2019, 88% of organizations experienced spear phishing attempts, with 98% of those through email. In light of this, and in the wake of Twitter's hack, VirtuWorks has seen concerns from businesses that wonder how they can stay safe when even the tech giants aren't immune.
As with any security threat, protecting against spear phishing attacks should start on a cultural level. With the proper training and awareness, employees can create what's known as a "human firewall", with attackers having to penetrate their experience and logic to gain access.
Strong password principles can also go a long way. Regardless of the position, credentials should change regularly, ensuring that a password doesn't remain useful for long if it does get compromised.
Beyond that, though, the reliance is often on third-party technology. As a Microsoft Gold Certified Partner, VirtuWorks has a strong familiarity with the solutions offered by its Microsoft 365 suite, and its universal identity system is designed to prevent or mitigate attacks much like Twitter's.
Microsoft Azure Active Directory Premium P1 protects businesses from 99.9% of cybersecurity attacks by verifying at multiple points that any user's behavior is typical. VirtuWorks has been building on that for years, creating a cloud with its own identity framework which can replace insecure on-premises Active Directory controllers. Together with Microsoft, VirtuWorks can provide the following:
- The ability to create all user accounts in the cloud, and, with the latest versions of Windows 10 Pro, tie them into the Microsoft cloud
- Untethering of devices from a physical location, letting employees authenticate themselves via the Microsoft cloud so long as they have a connection
- Multi-Factor Authentication (MFA)
- Federated sites, which let users sign into external sites with their existing Microsoft credentials
- The ability to cut a user off from all resources, at all locations, in one action
- Free for VirtuWorks customers: Password self-service, which lets users have password expirations and reset their password on their own
- Microsoft machine learning threat analysis, which automatically identifies risky logins, such as those from a different country, and blocks them or sends a notification
- Conditional Access: The ability to limit logins based on device, a user's location, or their personal device's security level
The result is a landscape that's suddenly much less friendly to attackers. Even if they compromise a user's credentials and multi-factor authentication, conditional access policies will prevent them from logging in from a different device and flag it as a risk. With federated sites, they'll be met with the same issue when trying to access a third-party tool.
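To make the device and location checks described above concrete, here is an added Python example (not VirtuWorks' or Microsoft's code) that evaluates constructed sign-in events against a simplified policy. The user name, device IDs, baseline, and the rule that an unusual country alone raises a notification while a device problem blocks are all assumptions for illustration.

```python
from dataclasses import dataclass

# Constructed baseline (assumption): each user's registered devices and usual countries.
BASELINE = {
    "support.agent": {"devices": {"LAPTOP-0142"}, "countries": {"US"}},
}

@dataclass
class SignIn:
    user: str
    device_id: str
    country: str
    device_compliant: bool
    password_ok: bool
    mfa_ok: bool

def evaluate(event: SignIn) -> tuple[str, list[str]]:
    """Return (decision, reasons); decision is 'allow', 'notify' or 'block'."""
    if not (event.password_ok and event.mfa_ok):
        return "block", ["authentication failed"]
    profile = BASELINE.get(event.user)
    if profile is None:
        return "block", ["no baseline for user"]
    reasons = []
    if event.device_id not in profile["devices"]:
        reasons.append("unregistered device")
    elif not event.device_compliant:
        reasons.append("device not compliant")
    if event.country not in profile["countries"]:
        reasons.append("unusual country")
    if not reasons:
        return "allow", []
    # Assumed policy: location alone only notifies; device conditions block.
    if reasons == ["unusual country"]:
        return "notify", reasons
    return "block", reasons

# Constructed sign-in events; the second models phished credentials plus a
# valid MFA code replayed from a device the organization has never registered.
EVENTS = [
    SignIn("support.agent", "LAPTOP-0142", "US", True, True, True),
    SignIn("support.agent", "UNKNOWN-PC", "US", False, True, True),
    SignIn("support.agent", "LAPTOP-0142", "DE", True, True, True),
]

if __name__ == "__main__":
    for e in EVENTS:
        decision, reasons = evaluate(e)
        print(e.user, e.device_id, e.country, decision, reasons)
```

The second event is the case that matters for a Twitter-style attack: the password and MFA code are both valid, yet the sign-in is blocked because the device is unknown.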
At the same time, software like this, built into all of Microsoft's products, gives a large degree of oversight on the network if a fast, human response is needed. In combination with Microsoft Intune, it can be used to quickly shut down a specific user's access to documents or tools and stop attackers before they can do major damage.
The threat of spear phishing is understandably an intimidating one, but with the right tools, and more importantly the right security culture, businesses can be reassured that an attack like Twitter's won't be successful. Read more about creating a security culture and how VirtuWorks protects its customers. Contact us today if you'd like a personal review of your security measures.