Home / Technology / News /  Hackers look to target big tech firms through IT professionals
Back

Hackers look to target big tech firms through IT professionals

According to a report, IT staffers receive an average of 40 targeted phishing attacks every year.mintPremium
According to a report, IT staffers receive an average of 40 targeted phishing attacks every year.mint

Cybercriminals are turning their attention towards employees of IT companies, using them as entry points into the company’s own infrastructure

Cybercriminals are turning their attention towards employees of IT companies, using them as entry points into the company’s own infrastructure.

IT staffers receive an average of 40 targeted phishing attacks every year, according to a July 2021 report by cybersecurity firm Barracuda Networks. The company analyzed more than 12 million phishing and social engineering attacks impacting more than 3 million mailboxes at 17,000 organizations, between May 2020 and June 2021.

Phishing attacks are cybercrimes where an attacker tries to coerce the victim to visit malicious links, which can then be used to install malware on their devices. They are usually carried out using emails, text messages, or even phone calls. Social engineering, on the other hand, involves the psychological manipulation of a victim to trick them into giving away sensitive information.

The report said that old methodologies of email protection that relied on rules, policies, allow or block lists, signatures, and other attributes of traditional email security are no longer effective against the growing threat of socially-engineered attacks.

The average organization is hit by 700 social engineering attacks every year and one out of every 10 such attempts is aimed at compromising business emails, according to Barracuda’s report.

Attackers can target employees outside of the finance and executive teams to find the “weak links" in an organization, said Don MacLennan, senior vice president, engineering and product management, email protection at Barracuda. “Targeting lower-level employees offers them (cybercriminals) a way to get in the door and then work their way up to higher value targets. That’s why it’s important to make sure you have protection and training for all employees, not just focus on the ones you think are the most likely to be attacked," he said.

“The rapid shift to remote work witnessed a tremendous disruption of security programs," according to Prashant Bhatkal, security software sales leader, IBM technology sales.

Organizations were focused on bringing their business online, making security an “afterthought", which led to a “record high" in data breaches in India during the pandemic, Bhatkal said.

To their credit, organizations are taking the matter of security seriously. “Securing identities has become a core tenet of security, as identities can create walled gardens in the face of fading organizational perimeters and increasing workforce mobility. So, it helps in establishing a digital trust with your employees, your customers, partners, and vendors," said Gurpal Singh, associate research manager at International Data Corporation (IDC), a market research firm.

ABOUT THE AUTHOR

Prasid Banerjee

An engineering dropout, Prasid Banerjee has reported on technology in India for various publications. He reports on technology through text and audio, focusing on its core aspects, like consumer impact, policy and the future.
Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less

Recommended For You

Trending Stocks

×
Get alerts on WhatsApp
Set Preferences My ReadsWatchlistFeedbackRedeem a Gift CardLogout