Following news that millions of dollars have been stolen from banks by cybercriminals was yet another startling wakeup call for cybersecurity experts. Not surprisingly, hackers delivered the malware payload via social engineering phishing attacks targeted at reckless employees.
"Even after 20 years, social engineering is still the easiest way into a target's network and systems, and it's still the hardest attack to prevent," said Kevin Mitnick, legendary hacker and Chief Hacking Officer of KnowBe4.
Companies need to be aware that employees - in a number of different departments - are often untrained and rather careless when checking their emails. Spear-phishing tends to be a popular choice among cybercriminals, able to trick employees by using a customized approach.
"While this cyberheist is consider very sophisticated, spear-phishing is one of the most preventable and affordable," said Stu Sjouwerman, CEO of KnowBe4. "You would expect the finance industry to set the bar very high and have employees trained within an inch of their lives not to fall for such an attack. We would highly encourage financial institutions to take a look at their training methods and beef them up accordingly."