Behind every big data breach headline there’s an attacker who has social-engineered valid credentials out of someone. People often use the same password for their personal email as they do for their workplace and the various e-commerce sites they log into. If businesses expect to prevent attackers from leveraging valid credentials, they must first start with people taking more precautions with their passwords.
I’m sure many of you have seen this, but no recent video (which still gives me a laugh) illustrates the problem with cybersecurity in the United States better than the one below. In this video, which is destined to be a classic in user cybersecurity awareness programs, Jimmy Kimmel has a member of his staff go out on the street to “get some passwords.”
Having or establishing a trust relationship through a personal contact, brand or common activity is the key to getting a person to click on a website or email (or, apparently, give up their user name and password to a random person on the street with a microphone). Unfortunately, attackers know there will always be someone willing to give away their identity like it has no value. As P.T. Barnum would say, “There’s a sucker born every minute.”
New firewalls, better intrusion detection systems (IDS), anti-virus or next-gen security information and event management (SIEM) systems aren’t going to detect an attacker who owns an identity. It’s only with a user behavior intelligence solution that an attacker with valid user credentials can be detected based on anomalous activity.