Tales of the activities of the Darkhotel criminal
group have alarmed many in top management. Last year, a number of C-level executives
were infected while staying at luxury hotels. The attack was conducted via the hotels’ Wifi
authentication web pages, which had been compromised by cybercriminals. These attacks clearly demonstrate
that sometimes endpoint protection can be the
only barrier between criminals and the information they need. Given today’s proliferation of
mobile workstations, this significantly raises the
value of Endpoint security. (What’s worth taking note of?)
This new surge in cybercriminal activity is marked by the extensive use of spear-phishing
emails, containing phishing links and variety of malicious
attachments. To disguise their attachments, the
attackers employed RTLO, a trick that reverses the final characters, including the extension,
in the file name.
Even more significant is their use of stolen certificates and of a zero-day exploit, which
went public after the compromise of the ‘HackingTeam’ security
company. (How to mitigate the risk?)
To protect your top management and, ultimately, your whole IT network from bei ng attacked,
you need to increase your focus on endpoint security
and mail protection. This means: – Using automated Vulnerability Assessment
and Patch Management tools for regular and timely
detection and patching of vulnerabilities in your software.
– Employing multilayered endpoint protection including Exploit Mitigation mechanisms, such
as Automatic Exploit Prevention featured in Kaspersky
Lab’s products. – Educating corporate staff including top
management in IT security fundamentals, so they
can recognize the signs of socially engineered spear-phishing.
– Protecting corporate email system with a multilayered security solution including Anti-Spam
and Anti-Phishing capabilities
Start re-thinking your IT Security Strategy now it’s the only way to address sophisticated
attacks like those conducted by Darkhotel.