Biggest Cyber Security Threat 2017

What is the Biggest Cyber Security Threat this Year?

When Artficial Intelligence becomes Criminal or your Fingerprint gets Hacked and eighty other Nightmares in (cyber)crime.

In his blog post “Cyber Security Threat 2017” Deepak Kumar has published the answers of his survey on possible cyberspace threats. Nearly 90 answers read like a template for Mr. Robot’s next season. Here are a few examples:

1984 – Governments around the world are finally turning into “Big Brother”

US companies are now legally required to provide the US government with any data it requires. Similar legislation may follow in other countries as governments, highly sensitive to risks such as terrorism, try to get ‘control’ over the data that resides in their multi-national corporations. This is a huge risk to businesses, as it puts them at the mercy of government policy.

2001 – When artificial intelligence becomes evil

Criminal AI :“Because of its potentially catastrophic ability to learn and adapt without re-programming, making an AI criminal attack very difficult to trace and deflect and to stop criminals who use this software.”

0 confidence – If your fingerprint is no longer safe

Biometric authentication: “A password can be changed, but a face, fingerprint or voice isn’t so easy to change if that data is breached and replicated. As an industry we need watertight methods of storing this data securely before we play with people’s identities.”

In the original contribution, many professionals have shared their reflections and fears. We are not the friend of “FUD” (Fear, uncertainty and doubt), but the possible threats described in the blog are, according to our opinion, quite realistic and give us to think….

 

Read more possible (cyber) horror scenarios in the future:

Register for LUCYs Spear Phishing and Malware Setup Webinar on April 11th 2017

Register for our Spear Phishing and Malware Webinar on April-11th!

The current phishing attacks are now becoming more sophisticated and personal. Our experience has shown that the employees of an organization, with appropriate training and phishing simulations can better deal with such threats and this can significantly increase the company’s security. Join our webinar and experience live how to set up, implement and evaluate a personalized […]

The ultimate Phishing Tool and even more – LUCY V 3.3 out now!

A completely redeveloped PhishButton, Reports in Microsoft Word format, improved learning management system (LMS) functionalities: LUCY had become the ultimate Phishing Tool (and even more)! And it’s still free for up to 50 Users! Download it now.

New Version: The Phishing Tool and its training functionalities

Again, we put lot of efforts into our baby. With the feedback from our customers and we improved many existing features. Here’s the list:

Completely new Outlook Plugin / Phish Button: Starting with LUCY 3.3 the plugin is a signed MSI file and programmed as a C++/COM object. The loading time of the plugin is around 10 Milliseconds.

Reports in Microsoft Word Format – Docx: Within each campaign you will find a button that allows you to create a PDF, HTML, raw CSV and now in Version 3.3 a Word report based on a predefined *.docx template report format

New CSV reports. Export the insights you got in raw CSV format

Embedded java exploit: The JavaExploiter is a signed applet that will execute one or multiple commands and report back to LUCY

Recipient stats page improvement: http://www.lucysecurity.com/PS/doc/dokuwiki/doku.php?id=monitor_a_campaign_statistics#see_advanced_recipient_statistics

Alternative dashboard views & actions: You can select different default views for your dashboard and starting with LUCY 3.3 you can export the dashboard info (overall stats, campaign names etc.): Ability to reschedule awareness training: Starting with LUCY 3.3 the recipient will be able to re-schedule an awareness training.

The ultimate Phishing Tool Dashboard - LUCY V 3.3 is out

New Dashboard Style available – LUCY – Phishing Tool and more

Comparison improvement: Starting with LUCY 3.3 you have advanced comparison statistics that allow you to make also trend analysis

Scheduling improvement (Timezones)  Now you have the ability to create scheduling rules based on different time zones. If you specify a longer time range you can also ensure, that mails are not sent out on weekends by selecting the according checkbox

Victim reminder: The victim reminder is a new feature that can be configured within a campaign. It allows the administrator to define, that recipients who did not click on a link, did not start a training or did not finish a training, get a reminder message send after X days (to be specified).

Automated awareness link delay (LMS): Now you can set a delay for the automated awareness email. This setting will ensure, that people within the same office will not all be informed immediately that a phishing simulation took place.

Recipient list custom fields:  You can create custom recipient fields now. You can add any new recipient attribute you want (e.g. city, gender, education etc.). Those attributes can be used for using customized statistics in LUCY (dashboard filters or raw exports).

Linking a custom Wiki / Optional manual view: By default the LUCY admin or view only user will have access to the LUCY WIKI. If you don’t want to expose the WIKI or create your own web based manual with your corporate design, you can go to the advanced settings and define a link to your manual

Even more new or improved Features in LUCY V 3.3 – The ultimate Phishing Tool:

  • Ability to install all available patches at once
  • Improved charts in reports
  • Time-based variables in message templates
  • Website copying improvement
  • Campaign recipients page improvement
  • Victim side optimizations
  • License purchase improvement
  • Improved statistics
  • Campaign blocking improvements
  • Benchmark statistics improvement
  • Ability to detect clients behind proxy
  • Awareness scheduler improvement
  • Possibility to rename fields in report
  • Timeline improvements
  • Closed JS files from unauthenticated access
  • Setup tool improvement
  • Optional custom 404 for domains
  • OpenDKIM improvements
  • Optional let’s encrypt domain check
  • IDN improvements
  • Limited view account
  • Menu adjustments

Upgrade now to the ultimate Phishing Tool (and it’s even more ) ! Or download below:

Robert Bosch uses LUCY for Phishing Simulations

Customer Story – Experiences with the use of the LUCY Phishing Awareness Training Server at Robert Bosch

An interview with Patrick Zeller, Senior Manager Enterprise Security, Robert Bosch LLC.

Robert Bosch uses LUCY for Phishing SimulationsMarch 2017 – “Bosch” is one of LUCY Security’s first major customers. Thanks to its support, the LUCY Phishing and Awareness Training Server was able to develop rapidly. At the beginning of the year 2017, we interviewed Mr. Zeller on the use and experiences with the products.

Mr. Zeller, how and to what extent does Robert Bosch use the LUCY server?

Patrick Zeller: We use Lucy to educate our employees around the world, on the dangers and risks of phishing and to raise awareness about this. Our employees are given the opportunity to gain experience on this topic, within a safe environment.

And since when is the product been used by Bosch? Can you tell us something about the volume of the already-conducted campaigns?

P.Z.: After an initial evaluation in autumn 2015, we have been using the LUCY Phishing Awareness Training Server since spring 2016. We have conducted various campaigns in more than 10 different languages, with up to 300,000 recipients. Also, since the end of 2016 we have been using the new function of “USB phishing”.

Can you now say something on the benefits of the phishing simulations; has the awareness against cyber risks actually increased among the employees?

We have not yet performed enough campaigns to have proving evidence, with regard to the “click-through rates”. We expect the first KPIs by the middle of the year. However, the feedback of our employees on the respective campaigns is very positive. What we can say with certainty is that we have noticed a significant increase in the notification rates / reports on phishing emails to our internal CERT, as a result of the phishing campaigns carried out so far. This indicates an increasing general awareness of our employees.

Do you remember the incidents; have there been fewer breaches, infections, or something similar?

These are internal data on which I unfortunately cannot comment on. However, since security have always been a top priority for Bosch, we have traditionally been very well positioned here. We see the topic “Security Awareness Phishing” as a complementary tool and measure in our IT security portfolio.

Thank you, Mr. Zeller. Let’s now get to the product itself: why did Robert Bosch GmbH opt for LUCY?

In addition to its excellent price / performance ratio, the decisive factor was the fact that we could completely run the LUCY Phishing Awareness Training Server in-house or on-premise. This is important to us, as it ensures that no sensitive data from our employees leaves the company. Overall, this equally helped us to obtain approval from our worker`s council, since we could convincingly demonstrate and ensure that no employees are monitored. LUCY gives us the flexibility to individually design campaigns and to execute them completely anonymously. It is our goal to train our employees and not to carry out performance checks on them!

And how were the experiences so far?

Overall, it is very positive; as such, we’ve decided to continue with the LUCY Phishing Awareness Training Server. We appreciate the close contact with LUCY’s developers, who can directly support us in case of problems and who are always open for new feature requests. With the version 2.x, we had some performance issues at the beginning, but since the version 3.0, the product has significantly matured and it runs reliably. Unfortunately, the report generator can only be used to a limited extent, because we have very specific requirements, which is due to the size and complexity of our organization. Fortunately however, we can solve this by exporting the results, which we then appropriately prepare for ourselves, through our database applications.

Can you tell us about your favorite features or templates and how are you satisfied with the product?

To be honest, we rarely used pre-made templates in the past. We have too much fun in implementing our own ideas. In general, LUCY’s flexibility is certainly a feature which we greatly appreciate. Also, the “Randomized Phishing” and the “Double Barrel Attacks[1]” are among our favorite features, since they are very efficient and easy to configure. Currently we are looking at the new Phishing Incident Plugin for Microsoft Outlook (Note: Phishing alert button). Overall I can say that LUCY is a very efficient tool for my team, for creating awareness amongst our employees and it meets all our requirements!

Thank you very much for this interview, Mr. Zeller.

[1] In a double barrel attack, the system first sends the user a lure email with a teaser text. The system then waits for some time, before the actual phishing email is sent to the user.

About the LUCY Phishing Awareness Training Server

The LUCY Phishing Awareness Training Server is used for the simulation of technical social engineering attacks and it is universally applicable from SMEs (Small Application Areas Phishing LUCY Server Robert Boschand Medium size Enterprises) right up to large customers. The product can locally be installed at the customer’s location; a cloud variant is also available. The Swiss solution provides dozens of preconfigured phishing templates and training modules, which can be independently used by the end user. Through the “Phishing Incident Plugin” for Microsoft Outlook, the user is opportune by his/her quick reception of an alert, in the event of an attack; this thus reduces the work put in by the security team in the analysis of the threat.

For further information please contact LUCY Security at +41 44 557 19 37 or at http://www.lucysecurity.com/contact-team/.

You want to copy an existing Website for a Social Engineering Scam? (Simulation) – We show you how it’s done

After 2 (two!) minutes you have a cloned website for your Phishing Scenario. LUCY Social Engineering Simulation Server empowers you when you set up an IT-Security Awareness Campaign [Screencast].

Advanced Phishing Simulations: Clone a Website and add your own Login Form – Do you want to create a phishing simulation and you want to use an social engineering simulation with LUCY - Cloning an existing Website and inserting a login form for data capturealready existing website as a landing page? This 2 minute video shows you quickly how to create a custom landing page with the website copy feature and adding a custom login form for data capture.

Just create a new scenario and select an empty Web based scenario. You can also select any other Web based scenario template for the social engineering simulation you want to customize, because the “Website Copy Feature” overwrites the default Landing Page of the template.

The steps described in the webcast are

  1. In LUCY, create a new campaign, edit the basic settings and save it
  2. Create a new scenario by selecting a Web based attack template (or chose an empty one), populate all mandatory fields and save it.
  3. Go to the Landing Page Menu Item of the scenario you created just before
  4. Push the “Copy Website Button”, the ‘WebSiteCopy’ dialogue appears
  5. Fill out the fields:
    • URL – The source website you want to copy
    • Language – With that you’re defining your language version (LUCY allows multiple languages in the same campaign)
    • File – Select the appropriate value in the poplist, choose f.e. index.html
  6. Push the “Start” Button and the Website Copy is executed. Even really big sites can be copied. And it’s fast!
  7. After the copy is finished, use the Back Button of the dialoge (not of the browser)
  8. Go into the editor, place the cursor where you want to add the login form, push the button “Insert Login Form”
  9. The System provides you three predefined login forms. Select an appropriate one and press OK. If you want to modify it later on, you can do that manually.
  10. The login form appears on the landing page from you social engineering simulation / phishing scenario. Save your setup of the landing page and you’re done with it!

 

Thank you for using LUCY. If you want to see the full end-to-end process from setting up the campaign until sending out and tracking the phishing simulation messages, the just watch the longer webcast below.

Watch the full and more detailed Scenario: Social Engineering Simulation Webcast

 

 

Phishing Reports: How to read and analyze Stats of a Ransomware Simulation or a File based Phishing Attack

How do you read the results of a Phishing Campaign containing an file attachment or even of a Ransomware Simulation? A hands-on example explains how to get campaign insights and how to read LUCY Phishing Reports.

The initial situation and the question

You prepared a file based phishing scenario. The attachement is a word file containing a ‘malicious’ macro. And now you want to track the results.

Say you sent 50 messages, 20 were clicked (good campaign!), vou got 2 file downloads and 1 user activated the macros.

The Question: How can you list the users who downloaded the file, but didn’t activate the macros? For example you’re should have a list of 2 users somewhere for this but you can’t find it.

The Answers: Analyzing the Phishing Reports

1. Who downloaded the File and who did activate the macros? You can see who clicked, and who executed the file (success) in CSV for example (here’s an example of mixed scenario with macro) and the success condition set to “Data Submit”. As you can see it’s only the last user who downloaded AND executed the file has a ‘success entry’. The user who only accessed the file has only a success entry at link click (column ‘clicked):

Who clicked on the File Link? Who even activated the Word Macro in the File - Analyzing Campaign Reports generated by LUCY Anti-Phishing Server

2. Download summaries are visible in overall stats:

Summary Report on the amount of people who downloaded a attachement from a LUCY Phishing Simulation / Attack

3. See in detail how downloaded what and how was the success: But if you want to see in detail who downloaded a file you can sort the phishing report list by a variable that only appears if the user accessed the webpage (e.g. plugins) and then you can see in the details if the user downloaded the file and executed the file (= The check mark at “Successful Attack”)…

details if the user downloaded the file and executed the file. This is a success event of a file based phishing simulation

…or only accessed the link, downloaded the file, but did not execute the file (no success check mark):

A user downloaded the file but he didn't activate the word macro. This means that this particular phishing attack was not successful. Success Checkmark is empty - Antiphishing Simulation with LUCY Server

5. Alternative: Analyze transmitted Data back to LUCY – Another possibility to track only users who executed the simulation is to actually see under “Collected Data”. Such an event when a user is clicking a link/file is reported back to LUCY: 

When a user clicks on a link or a file, this information is send back to LUCY Phishing Server and is available for further analysis under the Menu "Collected Data"

Happy Reporting with LUCY Anti-Phishing and Awareness Training Server!

LUCY is Winner of the Cyber Security Excellence Awards 2017 - Category Awareness Platform

Yes! – LUCY won it’s Second Award!

Phishing Campaigns with hundred of thousands of users - Robert Bosch is a LUCY Customer

Phishing Campaigns with up to 300,000 recipients – Robert Bosch LLC is a LUCY Customer

New certified Phishing Simulation and Anti-Phishing Consulting Partners in Amerca, Africa, South-East Europe and Switzerland - Certified LUCY Partners

New certified LUCY Partners in North America, Nigeria, Slovenia and Switzerland

Big Update: Awareness Training and Phishing Attack Templates 02/2017 – IT Security Training reloaded!