Lesson software, network attack

Recently, the survey of 100 large (more than 5,000 employees) North America is displayed that lesso software actors are making greater efforts to recruit internal personnel of the target company to assist in attacks. This survey was conducted by the Hitachi ID, which has conducted a similar study in November 2021. Compared with the previous survey, it has increased by 17% to assist in assistance to assist in the number of employers to carry out lesso software attacks.

The most specific, 65% of the survey objects said that between December 7, 2022 and January 4, 2022, they or their employees were found to help hackers established initial visit.

In most cases, threat actors use email and social media to contact employees, but 27% approach work is made by phone, which is a direct and shameless contact means.

As for the money provided to employees, most people received less than $ 500,000, but some proposals are above 1 million US dollars.

In these cases, half of the lesso software gangs even attacked the target company without any internal personnel.

This suggests that once a company becomes a candidate that Lesso software attacks, the rest is to explore potential methods, so that penetration is easier and more impossible to discover.

A neglected area

As the result of the survey reflects, internal threats are often ignored, underestimated and not considered when developing a network security plan.

When the IT supervisor is asked, 36% of people replied more attention to external threats, and 3% of them are not worried about threats.

Since last summer, Lockbit 2.0 Lexue Software Action Public invitation rogue employees have helped them have enhanced the awareness of this issue since the company's network access, but the problem still exists.

CISA released a tool in September 2021 that helped companies assess their position on their internal threats and warned that this special trend is rising.

Decided to have the actual entity in this issue added employee training and send fake emails to employees in key areas. However, most of them have not implemented specific security measures to curb this problem.

Ideal timing

The United States is experiencing a resignation called "big resignation", which improved the success of the soldier's actors in these strange negotiations.

Today, many companies' employees are in the edge of resignation or have decided to leave, but waiting for a suitable opportunity, an unexpected proposal for large funds may be attractive for some people.

More and more people feel too much pressure, the salary is too low, which is exploited, exhausted, and I feel that the job is no longer worth spending time and energy.

These people may be regarded as a desired candidate of the Lesson Software, and these gangs will tempted them into short-term governance with high reward.

Support the "Safety Run" just one thousand!