ABC of Spain 2 / Cybercrime is booming. A report by Intel Security reveals that cybercriminals techniques have evolved to the point that currently use the same techniques used by businesses selling to extract valuable data from customers and employees.
According to the report, two in three emails that are sent worldwide are “spam” and its only purpose is to extort receptrores for money and information. According to the company McAfee Labs has detected more than 30 million URLs suspected of sending fraudulent e.
cybercriminals techniques have improved so much in recent years it is estimated that 80% of the workers are not able to even detect scams “phishing” most common and frequent. The Foreign Minister Jose Manuel Garcia Margallo, cited a study which reflects that Spain is the third largest cyber attacks in the world after the US and UK. The number of cybercriminals in 2014 exceeded 70,000, which has an impact on Spanish companies that lose each year more than 14,000 million euros due to cyber attacks. This implies that cybercrime move more money than even drug trafficking.
More sophisticated techniques Security Intel’s report, endorsed by the European Cybercrime Centre of Europol, also reveals that the latest social engineering They launched by cybercriminals are becoming more sophisticated and harder to detect. Through these methods, cybercriminals are able to get their victims do things they would not normally do, events that usually translate into the loss of valuable data and information. And also in substantial economic and reputational losses.
The report, called “Hacking the Human OS” and comes just days after 100 banks around the world have confirmed they have suffered attacks malware that caused them estimated at 1,000 billion dollars in damage, cases of sophisticated cyberattacks are collected. Computer networks and banks were attacked by “phishing” demonstrating the inherent weakness in the “human firewall” and the need to educate employees about the main techniques of persuasion in the digital world.
computer security experts highlight a notable increase in the sophistication of social engineering. “The most common thing we see when we investigate data breaches is the use of social engineering to force the user to do something that facilitates the infection of malware without being aware of it,” says Raj Samani, a spokesman for Intel Security Europe, advisor the European Centre for Cybercrime of Europol and one of the authors of the report.
Paul Gillen, Director of Operations of the European Centre for Cybercrime of Europol, also says that cybercriminals do not necessarily need a large technical knowledge to achieve their goals. “They rely on psychological manipulation to infect computers of victims through phishing, for example. These victims are persuaded to open attachments so seemingly legitimate pressed on a link in the body of the email that appears to come from known sources” says.
The team of 500 researchers from McAfee Labs Security Intel Labs highlights the fact that two thirds of emails from around the world are now “spam” aimed at extorting money and confidential information of the receiver. This means that consumers and employees should be alert against “phishing”.
“social engineering threats are worse than more intrusive malware, since it is more difficult to defend against them. Especially because the target is people, not just the system. In this sense, the most effective way to protect against these threats is to be informed, and companies should promote education on safety, in order to mitigate risks, “says Javier Perea, director of Intel Security Spain.
The importance of security and policy management has never been more apparent. However, another recent study by Enterprise Management Associates, notes that only 56% of employees have received some training in safety, protocols or policies.
What is social engineering is a set of psychological techniques and social skills used in a conscious and premeditated by cybercriminals to obtain information from third parties. It could also be called the subtle art of deception carried out by users, which ultimately are the weak link and that we are aware of the damage they can cause. An attack that uses social engineering can be divided into two categories: First, the so-called Hunting, which aims to extract information through minimal interaction with the target. And Farming, whose aim is to establish an ongoing relationship in time to “squeeze” the maximum to the victim and extract wealth of information.
Information ABC of Spain 2