Ensuring the operation of a computer network
Whaler fishing or Spearphising - (Upgraded version of Phising). If you use "deception" of access data through attachments or hyperlink aspects in fake emails, the attacker tunes the responsible preparation for knowledge of the environment and internal processes of the target of the future attack, we are suddenly at 8,9,10… or more. It is already a Spearphising attack (or Spear Phishing - hunting on the edge of a spear or simply a harpoon).
In the case of Spearphising, it is a combination of classical phishing and old well-known social engineering, as its world was introduced (and realized) in the distant past and was described in a few years by Kevin Mitnick in his book The Art of Deception. He realized himself very sophisticatedly with telephone companies and later with banking houses, and with the help of his discovered and undisguised talents he discovered how easy it is to obtain information from unsuspecting employees of these companies. Then they couldn't do almost unbelievable things with them, incomprehensibly simply. But back to Spear Phising. It is with email in the perfect Czech language, with a small, easily overlooked "modification" of the sender's domain in a single letter (for example, instead of l), with email preferably with the signature of one of the influential bosses, it is becoming relatively more interesting. If the attacker decorates this email optimally with the boss's iconic photo in the signature of "his" email, then the chances of success for the enemy increase again.
In addition, if the text in the e-mail is sufficiently urgent and requires the reaction of the user "ASAP", which term this boss very often, as an experienced megamanager uses J even more experienced, is only a small step to a major fire problem. The user clicks on the attachment, confirms that he really wants to open it and he must not avoid the inconvenience associated with disobeying the order in due time :-) And that's it.
All it takes is the user, his boss and the boss of his boss together with the management or directly with the business owner… and especially in the past before the heart attack of the company's IT department already shakes his head in disbelief, usually late. The heads are even more concerned about whether to pay the ransom or try to recover from the deposit. Whether to start a contract with an attacker for the best price for the decryption key, or spend, at best, weeks, or worse, unnecessarily, trying to collect (understand find where to take) data after all possible and impossible backups and step by step to resume operation companies with "thank God" perhaps most of the original data and databases.
What with this? How to reduce the risk of a successful attack in our company? How to reduce to a minimum the possibility that this problem will concern us? It simply doesn't work. Unfortunately.
Still, let's not lose hope. There are definitely methods, ways, technologies from which a very effective defense strategy can be mixed. It is clear that it is mainly, but not only, software and hardware technologies, their regular and consistent management, monitoring, ongoing evaluation of security incidents, but also, not least, user education, their motivation to behave on the Internet and regular security education.
All these segments of the company's developing security strategy, which are appropriately selected and "tailor-made", cannot do wonders. Thanks to this, neither the user, nor his boss and the boss of his boss, nor the owner of the company, and especially the well-functioning fire brigade IT separate, just nowhere else has to shake his head in disbelief.
