Phishing Top Cyber Risk: Law Enforcement

Monday, April 25, 2016 @ 02:04 PM gHale


Phishing attacks are the top priority for law enforcement and government agencies from the U.S. and UK.

The Global Cyber Alliance (GCA), founded at the start of January this year, held its first Strategic Advisory Committee (SAC) meeting last month in New York and decided to target phishing attacks.

RELATED STORIES
DHS’ Risk Analysis Tool Licensed
Phishing Attacks Prevented by SCAM
Rapid Address Change Aids Security
Teaching Systems to Forget Data

Founding members included representatives from the City of London Police, The New York County District Attorney’s Office and the Center for Internet Security agreed on a list of today’s top cyber risks, in order to develop joint strategies to counter their effects.

Based on their expertise, these three organizations ranked phishing attacks as today’s greatest cyber threat, followed in order by risks arising from weak identity and authentication mechanisms, risks arising from vulnerable and compromised websites, and Distributed Denial of Service (DDoS) attacks.

Phishing remains ineffective against a security expert, however, against a typical end user, it is very effective.

In order to stop, or at least cut down the number of phishing attacks, the GCA plans to promote the usage of the DMARC protocol that makes it harder to spoof original domains. Further plans include the GCA promoting the usage of secure DNS practices, which will also impede basic spear-phishing attacks.

The FBI reported phishing-related wire fraud attacks beat businesses out of $2.3 billion since 2013.

Phishing all falls back on having a program and having workers be aware of that program while also training employees against common phishing practices.