Opening Our Network Security Playbook Part 5

USER EDUCATION – Some of the most difficult attacks to mitigate leverage social engineering where the bad guys are taking advantage of people’s good will. The most common example of this is a scenario where the attackers will call people at random and claim that they are a legitimate IT company. The caller ID will have a “spoofed” phone number that impersonates a legit company such as Microsoft or Dell. To an unsuspecting person, this looks pretty authentic.

During these events the attackers will attempt to gain remote access to your computer to "fix a major problem" and once connected, the attacker has full access to the machine. Commercially available tools such as TeamViewer and AMYY are being used.

Users represent the very last line of defense in our security stance. We try to put as many layers of protection as possible in front of them as we can. Insuring that users run with the least amount of privilege and access will restrict how far this type of attack can go. User security education is the best preventive measure you have in this style of attack. We send out bulletins on a monthly basis that remind users to be vigilant. We also try to build an open channel of communication with our users where they feel comfortable coming to us if they are not sure about something. Better safe than sorry.