With a trick as simple as spearphishing, hackers were able to create massive chaos around the 2016 election. It all started with a standard-looking security request from Google for John Podesta, Hillary Clinton’s campaign chairman, to change his password. Two days later, Russian hackers stole — and later leaked — more than 50,000 of Podesta’s private emails.
Russian hackers targeted more than 300 people, covertly monitored scores of computers, which they gained access to via spearphishing, and secretly implanted malicious computer code in hundreds of files. The malware allowed operatives in Moscow to remotely take screenshots and capture keystrokes of DNC employees.
Let’s all take a moment and learn a lesson from this historical event – do not click on phishing emails.
Easier said than done. According to Gartner, people influence security far more than any technology or policy. Which is why we suggest every business runs phishing tests and security awareness training on a regular basis. You absolutely need to have the security infrastructure essentials in place — next gen firewall, endpoint protection, mobile device management, encryption, etc. — but you need more than infrastructure protection to keep hackers from penetrating your human cybersecurity shield.
ACE IT Solutions offers a comprehensive suite of customizable cybersecurity services to meet your organization’s specific risk profile and compliance needs, including security awareness training and simulated phishing solutions to mitigate the risks of these cyberattacks, spearphishing and malware.
We continually invest in evolving our information protection program, developing our people, processes, technology and systems to create best-in-class risk management services. Protecting your information requires a strong defense on all fronts: from developing a dynamic cybersecurity strategy, to implementing comprehensive controls and information security services.
To boost your cybersecurity posture, contact ACE IT Solutions at 646.558.5575 and ask about getting started with our phishing testing and security awareness training program.