Keeping you up to date on the latest in tech and cyber. Feel free to forward to interested colleagues and acquaintances.
The first sign of attack may be a phone call!
Recent cyber attacks have used the IT Helpdesk as a point of entry, either by impersonating the Helpdesk and calling users to extract information, or by calling the Helpdesk while impersonating a user to get the technician to disclose information.
Many security breaches begin with so-called “social engineering” tactics. This is when someone persuades an employee to divulge information about another user or how to access an application. The hackers then use that information to sound more credible to the next person or gain access directly.
A recent social engineering attack cost a UK supermarket $100M (see the Reuters story).
Recently, hackers have used native English speakers to exploit the assumption that a caller with a familiar-sounding accent is more trustworthy.
What you can do
Make sure you have a professional Helpdesk service staffed by security-vetted, US-based technicians. A professional Helpdesk will make sure that anyone who interacts with your users has a good understanding of your company and follows approved methods of verifying people’s identities whenever they make requests.
At JustWorks, we are able to verify individual users by sending a custom push message via Duo to their phones. But even then, we are fully aware that if someone’s phone has been stolen, the thief will not only be able to make calls that appear to come from that number, but may also be able to acknowledge push messages.
In the end, there’s just no substitute for well trained, highly qualified and professional IT staff.
Educate, educate, educate
Keeping your employees aware of the latest cyber security threats is the single most effective action you can take. If you are already using a service to test people’s sensitivity to suspicious emails, those services can usually be expanded to include general cyber security awareness training as well.
You might consider forwarding this email to your staff, for example.
If in doubt: call back
Instruct your users that if they ever receive a phone call from someone claiming to be from the IT Helpdesk and they cannot be sure the call is legitimate, they should tell the caller that they will call back, and then call the Helpdesk using a known good number. If necessary, consult the service provider’s public website and use the number published there.
They are not being rude; they are just practising good cyber hygiene, and any professional Helpdesk technician will understand that.