October Risk Roundup: Don’t get caught playing cyber Squid Games
Social engineering attacks are one of the most common and successful means attackers use to target their victims, and it’s not surprising that they’re so successful. Threat actors are opportunistic, and they capitalize on major events or pop culture phenomena to phish eager victims. This is the case for the (current) most-watched Netflix show, Squid Game. As with any current trend, it’s best to exercise caution when downloading or clicking on links, no matter how enticing they may seem.
1. Squid Game becomes lure for cyber threats
Adversaries that are extremely good at phishing understand what people will click on and download. Part of this is staying up to date with current events and understanding what people want. Adversaries have been embedding malware in torrent downloads for years, and it’s extremely effective in proliferating malware. When in doubt, it’s always best to view the media from a trusted source (which in this case would be Netflix). – Tommy Johnson, Cyber Security Engineer
Cyber criminals often leverage current events as part of such schemes – as evidenced here with offers of access to Squid Game episodes without paying for Netflix or a chance to win cryptocurrency in a virtual Squid Game competition. However, their objective is always to exploit unsuspecting victims. Just like in Squid Game, if something seems too good to be true, then, sadly, it probably is. – Aaron Kraus, Security Engagement Manager
2. Cyber insurance is more than a safety net to cover liabilities
If you think of cyber insurance as monetary reimbursement after an incident, you are not taking full advantage of your cyber insurance program. Cyber underwriters help organizations identify security weaknesses during the procurement stage, such as lack of MFA, network segmentation, or regularly tested back-ups, before a policy is in force. At Coalition, we scan our policyholders’ networks and provide alerts when vulnerabilities are present so that we can help our customers proactively secure their systems. In the event of an incident, we partner with our policyholders to provide assistance and a steady hand during a time of crisis. – Kirsten Mickelson, Claims Counsel
3. Customer feedback on ransomware payments
No one is immune from getting hit with ransomware. However, companies that provide proper disclosure, remediation, and messaging to their clients will keep their reputation intact, and in the long run, they’ll establish a better relationship with their consumers. At Coalition, part of the response to a ransomware event is not only the systems themselves but the company’s reputation as a whole. Companies that seek to hide or deny cyber incidents will likely suffer reputation loss and have difficulty recovering. – Ross Warren, Production Underwriter
4. Creating accurate cybersecurity metrics
Metrics are a helpful way to keep an eye on the status of an important process, but when they become more important than the process itself, you’ve got a problem. To steal a phrase, internally-managed metrics often consist of nothing more than “lies, damned lies, and statistics” and invite disingenuous activity to make the metrics look better regardless of the underlying process. An objective third-party monitoring service to compile statistics could, in theory, remove some incentives to manipulate statistics and give a clearer and more accurate picture of cybersecurity posture, maturity, and needed improvements. – Aaron Kraus, Security Engagement Manager
If you enjoyed this post, be sure to check our blog weekly; the Risk Roundup runs Friday mornings, in addition to more enlightening content we post related to the ever-evolving landscape of digital risk. Follow us on Twitter (@SolveCyberRisk), LinkedIn (Coalition Inc), and YouTube. If you have any suggestions for content that we should be adding to our reading list, let us know!