
Sophisticated hacker group FIN4 strikes Wall Street

Imagine receiving an email that claims another employee is talking about you in a public forum, and forwarding a link to the forum as proof. It looks legitimate enough, as the email is from a longtime client with whom you recently discussed business. The link asks for your login information, so you oblige without thinking otherwise, and then it's all over: Your information has been compromised by a group of hackers.


Intelligence in thievery

This exact situation has happened to over 100 companies at the hands of a hacker group called FIN4, according to Ars Technica. A separate report by FireEye said the group has been compromising accounts since 2013, remaining undetected for most of that time.


FIN4 is extremely intelligent. Its members work through multiple email accounts belonging to each user they compromise, sending elaborate discussions that are convincing enough to get employees to hand over their information. The FireEye report emphasized that FIN4 is well informed about its audience and the rhetoric each company uses in its professional emails. For example, when FIN4 hijacks an account to send an email, it uses company watchwords to make the email appear legitimate and secure, the source reported.


According to Ars Technica, after an account owner opens the link in the email, FIN4 shows the user an Outlook username and password prompt, which then sends the entered information to FIN4-controlled servers.


The authors of the study believe that FIN4 is heavily targeting health care and pharmaceutical companies to influence health care industry stocks. FireEye reported that FIN4 most likely is working to gain access to high-profile, market-moving information, but the authors are uncertain about FIN4's endgame. "Our visibility into FIN4's activities is limited to their network operations," researchers Barry Vengerik, Kristen Dennesen, Jordan Berry, and Jonathan Wrolstad wrote in the FireEye report. "We can only surmise how they may be using and potentially benefiting from the valuable information they are able to obtain. However one fact remains clear: Access to insider information that could make or break stock prices for dozens of publicly traded companies could surely put FIN4 at a considerable trading advantage."

FIN4 has also been clever enough to create a rule in compromised email accounts that deletes emails containing spam-related keywords, such as "hacked," "phish" and "malware," which allows the hackers to get away with their activities longer than they might have otherwise.
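
A defender can audit mailboxes for this kind of rule. The following is an added example, not code from FireEye or from this article: it scans a JSON export of inbox rules for any rule that deletes mail matching the keywords named above, and it goes slightly beyond the text by also flagging rules that file such mail under Deleted Items. It assumes the export uses the property names of Exchange's Get-InboxRule output plus a "Mailbox" field added by the exporter; the sample data is constructed.

```python
import json

# Keywords the article says FIN4's auto-delete rules matched on.
SECURITY_TERMS = ("hacked", "phish", "malware")
# Keyword conditions as named in Exchange's Get-InboxRule output.
KEYWORD_FIELDS = ("SubjectContainsWords", "BodyContainsWords",
                  "SubjectOrBodyContainsWords")

# Constructed sample export; "Mailbox" is a field assumed to be added by the exporter.
SAMPLE_EXPORT = json.dumps([
    {"Mailbox": "cfo@example.test", "Name": "cleanup", "DeleteMessage": True,
     "SubjectOrBodyContainsWords": ["hacked", "phishing", "malware"]},
    {"Mailbox": "analyst@example.test", "Name": "Newsletters", "DeleteMessage": True,
     "SubjectContainsWords": ["weekly digest"]},
    {"Mailbox": "counsel@example.test", "Name": "Security alerts", "DeleteMessage": False,
     "MoveToFolder": "Inbox\\Security", "SubjectContainsWords": ["phishing"]},
    {"Mailbox": "ir@example.test", "Name": "x", "DeleteMessage": False,
     "MoveToFolder": "Deleted Items", "BodyContainsWords": "Malware"},
])

def rule_keywords(rule):
    """Collect every keyword condition on a rule, lower-cased."""
    words = []
    for field in KEYWORD_FIELDS:
        value = rule.get(field) or []
        if isinstance(value, str):  # a single keyword may be exported as a bare string
            value = [value]
        words.extend(str(w).lower() for w in value)
    return words

def hides_mail(rule):
    """True if the rule deletes matching mail or files it under Deleted Items."""
    folder = str(rule.get("MoveToFolder") or "").lower()
    return bool(rule.get("DeleteMessage")) or "deleted items" in folder

def find_suspicious_rules(export_json):
    """Return rules that hide mail mentioning any of SECURITY_TERMS."""
    rules = json.loads(export_json)
    if isinstance(rules, dict):  # a one-rule export is a single object, not a list
        rules = [rules]
    findings = []
    for rule in rules:
        terms = sorted({t for t in SECURITY_TERMS
                        for w in rule_keywords(rule) if t in w})
        if terms and hides_mail(rule):
            findings.append({"mailbox": rule.get("Mailbox"),
                             "rule": rule.get("Name"), "terms": terms})
    return findings

if __name__ == "__main__":
    for finding in find_suspicious_rules(SAMPLE_EXPORT):
        print(finding)
```

On the constructed sample, the "cleanup" and "x" rules are reported, while the newsletter rule and the rule that merely sorts security alerts into a visible folder are not.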


The FireEye report said FIN4 does not spread malware among its victims, but uses email account information to view private correspondences between employees and executives. FIN4 has infiltrated the accounts of scientists, advisors, lawyers and even executives of publicly traded companies and Wall Street firms.


The increasing need for cybersecurity

Data breaches are becoming more commonplace in the business world, with headlines about customers and vendors being hacked for high-profile information appearing at regular intervals. This means email security is more necessary than it has ever been.

 

Hackers are more sophisticated than ever and their work is beginning to look trustworthy to even a high-end Wall Street executive. The Center for Strategic and International Studies reported that cybercrime costs $445 billion annually. The U.S. Bureau of Labor Statistics predicted that by 2022, the demand for security industry professionals will grow 37 percent. Industries are becoming dependent on cyber security to keep information safe, since more and more firms are managing their documents electronically.


Data breaches have become common through a multitude of channels: hacking, malware, physical attacks and social tactics. InformationWeek pointed out that hacking was the most used of the four, which is exactly how FIN4 obtained information from the 100 companies it infiltrated.


Many industries are affected by cyber security, in both the public and private sectors. InformationWeek reported that 90 percent of businesses in the private sector have been hit by a breach, while in the public sector, the Department of Homeland Security's Cyber Defense Budget was $936 million in 2012. This is because of the high number of threats the government receives, such as the 13.9 million cyber attacks the Senate Security Operations Center tracks each day. The top two devices that are attacked, the source concluded, were laptops and mobile devices, which are growing more prominent in the workplace.


All of this information leads to one easy conclusion

Companies need better cyber security. Attacks on associations increase each year, and with hackers becoming more sophisticated, the chance that a business will be attacked grows.


Heightened security such as email encryption and secure email services can ensure that an association is safe from cyber attacks. Additionally, awareness of how hackers work and updated information on the way they compromise information can help employees keep their eyes peeled for a security breach.

 

David Bailey is Senior Vice President at Protected Trust. 

Protected Trust is a sponsor of the Print4Pay Hotel. I urge members and readers to visit their site to see their full line of products and services. More and more we need to provide well-rounded strategic solutions for our customers. Protected Trust offers some unique solutions that can help us in our day-to-day efforts. Check them out here.

 

 
