on the employees. It can’t just be background training once-a year. It has to be personal and engaging so people really get it.”
Attacking Through Social Media
As well as entering the email stream, hackers are identifying the personal interests of victims on social media. “Every kind of media is used for attacks. Social media is used to carry out reconnaissance, to identify targets and learn about them,” said Barker. “Users need to see what attackers can find out about them on Twitter or Facebook.”
The trick hackers use is to pretend they know the target. Then the get closes through personal interaction on social media. “You can look at an organization on Twitter and see who works in finance. Then they take a good look across social platform to find those individuals on social media to see if they go to a class each week or if they traveled to Iceland in 1996,” said Barker. “You can put together a spear-phishing program where you say, ‘Hey I went on this trip with you.’”
Protecting Against Attacks on Humans
The counter-action to personal hacking is education and awareness. The company can identify potential weaknesses and potential targets and then change the vulnerable aspects of the corporate environment. “We have to look at the culture of the organization. Those who are under pressure are targets. They don’t have time to study each email they get. We also have to discourage reliance on email,” said Barker. “Hackers also exploit the culture of fear, where people are punished for their mistakes. Those are the people most in danger. We need to create a culture where if someone makes a mistake, they can immediately come forward. The quicker someone comes forward, the quicker we can deal with it.”
Another defense against personal hacking is to move much of the company communication offline. “Part of the training is to encourage less email on the senior level,” said Barker. “Employees look at the boss or the CEO and see how they behave. If you have senior leaders on the organization who walk the floor more and communicate by phone, that’s going to trickle down.”
ARM Technology Drives the Future. Join 4,000+ embedded systems specialists for three days of ARM® ecosystem immersion you can’t find anywhere else. ARM TechCon . Oct. 24-26, 2017 in Santa Clara, CA. Register here for the event, hosted by Design News ’ parent company UBM.
Rob Spiegel has covered automation and control for 17 years, 15 of them for Design News . Other topics he has covered include supply chain technology, alternative energy, and cyber security. For 10 years, he was owner and publisher of the food magazine Chile Pepper.
Image courtesy of Cyber.uk