Pro+ Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
May 2011

Gaining awareness to prevent social engineering techniques, attacks

On the surface, the email looked completely legitimate. It appeared to come from an employee within the U.S.-based Fortune 500 manufacturing firm and talked about a corporate initiative the CEO was pushing. Four high-level executives received the email; one clicked on a link embedded in the message. That was all the attackers needed. The unwitting click unleashed malware that infected the executive’s computer and gave them a foothold into the company’s network, where they sniffed for passwords and gained access to multiple systems. Until the FBI notified it, the manufacturing firm -- which was negotiating to acquire a Chinese company -- had no idea the intruders were stealing data on a weekly basis. The stolen data was highly sensitive – critical emails with details of the negotiations. In the end, the company scuttled its acquisition plans, says Frank Nagle, senior consultant at MANDIANT, an Alexandria, Va.-based information security firm that investigated the case. The attack, which happened two years ago, is a stark example ...

Access this Pro+ Content for Free!

By submitting you agree to recieve email from TechTarget and its partners. If you reside outside of the United States you consent to having your personal data transferred and processed in the United States. Privacy Policy

Features in this issue

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

-ADS BY GOOGLE

Close