Phishing is the attack vector #1.

18 April 2015

In report ‘Phishing email’ the key to hacking of TV5 Monde‘, published 14 April 2015 on thelocal.fr, we read:

“According to a source close to the investigation cited by Europe 1, the hack started with a “phishing” email that was sent to all journalists at the TV channel at the end of January.

Three journalists responded, allowing the hackers to infiltrate the channel’s system using so-called “Trojan Horse” malware (malicious software).”

You may remember the Anthem cyber-attack some weeks ago. The credentials of five employees were phished and used by the cyber attackers to steal millions of customer data sets. Cyber-attacks start very often with phishing emails. Even if only a few employees responds it always ends up in a catastrophe.

Would risk management have prevented the TV5 Monde attack? Definitely not!

In the TV5 Monde case it is very likely that the Trojan-Horse would have been detected by a proper configured Anti-Malware scanner on the mail-in server. For details please see my post ‘Free email providers are preferred distribution channels for malware’.

@Mr. Oettinger. It’s time to start a truly useful European initiative:

‘Email providers shall run an in-depth scan of every email when it is posted to the mail-in server. If an email contains malicious object it must be rejected!’

It is very likely that the TV5 Monde attack could have been prevented, if a next generation firewall would have been used to run an in-depth scan of the phishing mails.

Have a good weekend!

This morning in my garden.

This morning in my garden.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s