South Korea is the latest to join the “compromised by spear phishing” list, suffering very serious attacks from their not-so-friendly northern neighbor. What’s interesting to me is that South Koreans exist in a heightened sense of security — both from physical and cyber attack. They live under the shadow of potential conflict with the crazies that make up the North Korean government. Thinking about security, and being hyper-vigilant against potential attacks, is far more common in this environment than it is for most of the rest of the world. It’s likely rivaled only by Israel.
If South Korea can be compromised, think of how easy a similar attack would work against the US government or commercial companies in the United States — actually, you don’t have to use your imagination, plenty of examples in the news over the past couple months.
On the brighter side, we’re also seeing a lot more activity and interest in our employee phishing awareness solution. It’s interesting to see how many different industries are feeling actual pain from phishing attacks. For some, it’s a nuisance growing to a level that needs to be addressed. For others, it’s a serious problem that has led to multiple data breaches (and yes, it was the Chinese).
We’re still not seeing any new technology that reduces phishing, which means training needs to be part of the solution. Mandiant said as much in their recent APT1 report. Some researchers at GA Tech are trying to develop a better way to automate this, but it’s still not proven. Regardless, the fight continues, and we’re all on the front line.
