Volume IV, Issue 5 (May, 2018)
Best Practices Corner
Preventing Phishing Attacks just got easier with
WatchGuard Total Security Suite/DNSWatch
Unless you’ve been living under a rock, you’re likely well aware of phishing attacks using email and other means to lure unassuming employees into clicking a link they shouldn’t. It’s been an ongoing issue since the existence of email, and it’s a problem that has never had any easy solutions to fix.
In fact, 76% of businesses report being a victim of a phish attack in the last year alone.1 Which is not particularly surprising, considering that these attacks are straightforward to execute and particularly profitable for those who succeed.
But there is good news for IT admins – with a little phishing education and a layered defense, it is possible to protect your organization from a phishing attack.
What is phishing?
A phishing attack is when a criminal sends an email pretending to be someone or something they are not, to extract sensitive data from the targets. They often use common tactics such as eliciting fear, curiosity or a sense of urgency to entice the target to open an attachment or click a malicious link.
What can be even more effective for a hacker, is to wage a spearphishing attack – emails that include specific information pertaining to the target. Attackers will often research their target on social media channels like LinkedIn or even your corporate website to craft the perfect email guaranteed to make them click.
Defending Against Phishing Attacks The most successful anti-phishing programs have four components: Protection, Education, Evaluation, and Reporting. These four steps work together to use your staff as a human shield, enabled by technology.
The first pillar in any anti-phishing program is to provide protection by putting a barrier in between your happy clickers and the attackers by:
- Monitoring and blocking access to malicious outbound DNS requests that ensure employees are not able to reach bad sites through suspicious links.
- Scanning tools that monitor file behaviors to ensure that malicious files don’t make it through the network.
- Using cloud sandboxing solutions that allow you to detonate suspicious files in a virtual environment to determine whether they are malicious. If the file is determined to be malicious, it will be quarantined, protecting the network from the attack.
It’s also critical to provide regular phishing education to your employees, along with evaluating their click rates. There are a variety of free and paid options available for training, including computer-based awareness training sessions, phishing email simulation exercises, and even just sharing phishing education videos and posters with staff. Organizations with well-trained employees that pass regular and accurately reported on phishing tests could have as low as a 5% susceptibility rate.
As part of the education, it’s important to let your staff know where they should forward emails they think are suspicious. Often, this is either forwarding the suspect email to the help desk or IT. These phishes are gold when it comes to understanding the how and who of an attack. By collecting and paying attention to phishes, you can sense trends in how your organization is being attacked (Office 365 phishes, Fake Invoices, etc.) and who (Sales, R&D, HR) are the targets. The attacker is effectively tipping their hand and we can use this to focus our security program and provide better protection.
Phishing Protection from WatchGuard Every organization has their share of happy clickers. And even if only a small percentage of your employees are likely to click on an unsafe link or download an infected attachment, you need to have the right security services in place. With WatchGuard Total Security Suite, you’re able to protect end users from an attack, while reinforcing phishing education in the moment.
WatchGuard Gateway AntiVirus scans files and traffic flowing through the Firebox to identify known malware and riskware.If a threat is identified based on signature matching, the connection is blocked or the file is stripped. This protects employees from malicious attachments included in a phishing attack from ever reaching the end user waiting for a chance to click.
For zero day threats reaching your network, WatchGuard APT Blocker executes the file in a cloud sandbox environment and analyzes its threat potential. Malicious files are quarantined, and system administrators are alerted of the threat.
But how can you protect those happy clickers?
WatchGuard DNSWatch leverages DNS-level detection to provide an additional layer of security to identify and stop malware infections. Malicious DNS requests are automatically detected and blocked, redirecting users to a safe place instead of the attacker. The Personal Touch component of this service provides detailed reports on the detected and blocked infection.
Best of all, the user making the request is redirected to a safe site that includes education information to reinforce the phishing education you’ve already provided. Reminding your employees about their training as they’ve just clicked on a link or attachment is the most effective way to prevent this from happening again. Coupled with this training is a message from you, maybe asking them to call you or forward the email the user just clicked on. In the moment, users are much more receptive to advice, presenting an opportunity to enable new security features such as multi-factor authentication or enabling a password manager.
If you would like Verus to help you configure your settings to include DNSWatch, please contact us today at firstname.lastname@example.org, or call 763.354.2200.
Cisco Adds AI Tools, Cheaper Devices
to WebEx Chat Offerings
Cisco Systems Inc., the biggest maker of the gear companies use to connect employees, said it’s expanding the use of artificial intelligence in its online collaboration and video-conference products to make meetings more useful and efficient. Menial tasks such as scheduling, taking notes and following up on requests will be taken care of by machines in the future, according to Rowan Trollope, who heads the networking company’s Applications division. Cisco on Wednesday will unveil updates to its market-leading WebEx collaboration products that will include Assistant, an artificial intelligence-based meeting helper. The company is also offering cheaper hardware to make the service available in any room with a TV as well as a subscription service with online storage, security and analytics. Cisco’s push is aimed at making it easier for WebEx’s 100 million users to stay hooked and keep them from drifting onto cheaper or free services. It’s part of a broader effort to respond to the networking industry’s move away from expensive, purpose-built hardware toward a focus on getting more revenue from services provided over the internet. Trollope’s division has been the main driver of recent growth in Cisco’s deferred software and subscription revenue, which now tops $5.4 billion.
Cologix Upgrades Neutral Cloud Connect Platform
Cologix, a network and cloud neutral interconnection and data center compan, last week announced Cloud Connect, a network solution that provides a streamlined source for enterprises to now access every cloud service provider on its platform with a simple connection from any of their data centers. The solution enables extended reach into every Cologix market and a more robust, secure and efficient way to satisfy customers’ current needs, while retaining adaptability to the ever-changing technology landscape. Cologix Cloud Connect provides differentiated choice for enabling and future-proofing IT hybrid and multi-Cloud strategies with unparalleled vendor choice resulting in an extension of the reach and benefits offered to Enterprises. Cologix offers more connectivity choices for dedicated access to public cloud services like Amazon Web Services, Microsoft Azure, Google Cloud Platform and IBM Cloud than any competitor across its platform. Additionally Cologix customers can connect to more than 250 cloud service providers, operating nodes within Cologix data centers, to augment their own internal IT environment.
Food for Thought
Grilled spicy chicken breast stuffed with
mozzarella cheese offers a low carb grill delight
- 1 lbs. boneless chicken breast
- black pepper
- ¼ cup mozzarella cheese, shredded,divided
- 1 tsp. butter (I used Brummel & Brown)
- ¼ cup Franks Hot Sauce
- ¼ tsp. celery salt
- Preheat grill to medium low heat
- Butter fly your chicken, by cutting it horizontally. Do not cut all the way through. Sprinkle the inside of the chicken with pepper. Evenly top the the chicken with cheese and fold over the chicken to close it. It should look like the chicken breast before you cut it.
- In a microwave safe bowl (I used a pyrex measuring cup) melt the butter for 8 seconds. Stir in hot sauce and celery salt.
- Brush one side of the chicken with hot sauce mixture and place the hot sauce size down on the grill. Brush more hot sauce over top of chicken. Cook for about 7 minutes. Flip the chicken and brush on remaining hot sauce and cook until no longer pink; about 5 minutes more.
- Serve with a side salad, celery, carrots and ranch dressing if desired.