Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Trustwave SpiderLabs issued a warning that threat actors may attempt to take advantage of CrowdStrike’s software update that caused widespread outages by using the news as the center of a social engineering scheme to convince people to open malicious phishing emails or fall for other types of attacks.
Using this news cycle is nothing new. Cybercriminals often attempt to exploit hot topics dominating the news cycles where they use the news to tempt targets into clicking on a malicious link or offering up vital information.
Chad Sweet, Co-Founder and CEO of The Chertoff Group, whose affiliate The MC² Security Fund acquired Trustwave earlier this year, said on MSNBC, “Unfortunately, we're already seeing reports that bad actors are exploiting this moment, taking advantage of CrowdStrike customers.”
Additionally, Trustwave CISO Kory Daniels shared, “The recent CrowdStrike outage underscores a growing concern: the potential for widespread disasters, either natural or digital, to serve as catalysts for criminal activity. When systems fail and chaos ensues, it creates ideal conditions for criminals to prey on the unique opportunity. History has shown us that these moments of disruption are often accompanied by a surge in criminal behavior. It's essential to recognize that the digital landscape, like the physical world, is susceptible to unforeseen events, and we must be prepared to defend against criminal acts that may follow.”
This has happened with the Ukraine-Russia conflict, tax preparation periods, and even the Olympics as attackers exploit headlines to their advantage. This is done by crafting sophisticated social engineering attacks that pique a person’s interest through general curiosity, need, or fear.
Cybercriminals are masters of manipulation. They understand that news events evoke strong emotions such as fear, curiosity, anger, or even excitement. These emotions can cloud our judgment and make us more susceptible to falling for their tricks.
When looking at the current CrowdStrike situation, threat actors have several options, but all depend upon their targets, not only knowing what is going on but most likely being directly involved on some level.
Here’s how they build their social engineering scheme:
The actual attack will likely focus on phishing attacks: Phishing remains the most common method attackers use to gain access. As we all know, they send emails or text messages that appear to be from legitimate sources related to the news story. These messages often contain malicious links or attachments designed to steal personal information. In this case, likely centered on the CrowdStrike problem.
These emails can be used to gather data, such as credentials or malware, that could give the threat group access to the target’s system.
Another method cybercriminals use is to create fake websites mimicking news outlets or organizations involved in the story. These sites often ask for personal information or try to install malware.
The most effective measure against phishing attacks is to stop them before they hit an employee’s inbox. Trustwave MailMarshal has decades of development, is easily deployed, and has an incredibly high success rate.
MailMarshal:
To safeguard against cybercriminals, organizations must prioritize email security and establish a comprehensive defense strategy to protect this vulnerable attack vector. Here are some essential measures to implement:
By incorporating these measures into their email security strategy, organizations can significantly enhance their defenses and reduce the risk of falling victim to email-based attacks.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.