http://www.csoonline.com/article/740396/spear-phishing-poses-threat-to-industrial-control-systems
By John P. Mello, Jr.
CSO Online
September 26, 2013
While the energy industry may fear the appearance of another Stuxnet on
the systems they use to keep oil and gas flowing and the electric grid
powered, an equally devastating attack could come from a much more mundane
source: phishing.
Rather than worry about exotic cyber weapons like Stuxnet and its big
brother, Flame, companies that have Supervisory Control and Data
Acquisition (SCADA) systems -- computer systems that monitor and control
industrial processes -- should make sure that their anti-phishing programs
are in order, say security experts.
"The way malware is getting into these internal networks is by social
engineering people via email," Rohyt Belani, CEO and co-founder of the
anti-phishing training firm PhishMe, said in an interview.
"You send them something that's targeted, that contains a believable
story, not high-volume spam, and people will act on it by clicking a link
or opening a file attached to it," he said. "Then, boom, the attackers get
that initial foothold they're looking for."
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
