Social Engineering in Action

Is social engineering that effective? Ask an Uber or Rockstar Games employee that question and you’ll likely hear a resounding yes. This effective mode of duping people within a targeted group or business was the method that one hacker used to hit both companies with a breach. Just how effective is it? In 2021, the FBI received 323,972 complaints of social engineering attacks. And there are many more that go unreported.

What Happened

A teenage hacker known as TeaPot claimed ownership of these attacks. The Uber network was accessed by convincing an employee contractor that they were part of Uber IT and their credentials were needed. They believe those credentials were first found and purchased on the Dark Web. From there, TeaPot tried to log in but was stopped by multi-factor authentication (MFA). TeaPot then contacted the employee through WhatsApp, a messaging platform. They then claimed to be from Uber IT, saying that they needed the employee to approve the MFA request. With Rockstar Games, it was Slack messages that were breached. It is believed that access was acquired through manipulation there.

Losses from a breach aren’t all the same. We often assume it comes in the form of stolen credentials. While this is often the case, in the Rockstar scenario, it was stolen intellectual property. Content from their upcoming game was released which means a loss of revenue. Additionally, the hacker is threatening to release code that would give access to anyone wanting to create pirated versions of the game.

How to Prevent Social Engineering

Humans are the access point, so it is through ongoing training that they must learn how to avoid succumbing to an attacker’s tactics. Enabling multi-factor authentication can assist with preventing access, but avoiding leaked credentials in the first place is critical. The Uber breach is a case in point.

Educating your workforce to recognize that they can be targeted through online platforms outside of work systems is part of the process. Humans remain the weakest link in cybersecurity. By taking a multi-faceted approach you can strengthen your human firewall and secure your business.

AllSafe IT recommends the following best practices:

• Deploy a multi-layered stack of security solutions like AllSafe IT’s Safe Total, which includes endpoint protection, advanced email security, multi-factor authentication, security awareness training and compromised credential monitoring.
• Implement Backup and Disaster Recovery (BDR). Restoring from backup is the easiest, cheapest and most reliable way to restore data after an attack.
• Assume you will be hit. We only hear about huge corporations in the headlines, but organizations of all sizes are targeted. Do everything you can to avoid an attack, but also be prepared for the worst.
• Have a malware recovery plan. Speaking of preparing for the worst, make sure you have an incident response plan in place. This will enable your IT team to quickly mobilize when a ransomware attack starts and may even be able to stop an attack before data can be encrypted.

AllSafe IT is proud to have spent over 15 years providing IT services to hundreds of companies. Our specialized services are uniquely tailored to provide our customers with the reliability, protection, and fast services needed to ensure 100% uptime and maximized data security. From comprehensive and preventative cybersecurity strategies to 24/7 customer support, AllSafe IT understands the unique needs of small to medium businesses.