The internet is often a silly place where strangers trade memes and inside jokes become global phenomena. But not all jokes are safe for work. In fact, many hackers are foul pranksters who breach networks and launch cyberattacks just for the lulz Âù.
Even though their methods are shady at best, cyber pranksters can reveal how vulnerable businesses and web users really are.
That being said, you shouldn't have to learn your lesson the hard way. Instead, you can raise your cybersecurity awareness by visiting CyberPolicy for the latest cybersecurity news and tips and to compare free cyber insurance quotes!
Cyber pranks should be a wakeup call for private organizations across industries. Consider the following to learn how to avoid similar fates.
Perhaps the most notorious recent cyber prank has to do with Jared Kushner. It was revealed the senior advisor to the president used a private email re-routed through computers at the Trump Organization. This is controversial for a number of reasons, including security concerns, legal concerns, lack of accountability or disclosure and the apparent hypocrisy for condemning presidential candidate Hillary Clinton for the same actions.
So where does the prank come in? Well, earlier this year a hacktivist known as @SINON_REBORN sent phony email messages to several White House officials, just to see who would be naÃƒÂ¯ve enough to fall for his ruse.
The self-proclaimed "lazy anarchist snared Homeland Security Adviser Tom Bossert, then-White House Communications Director Anthony Scaramucci, then-White House Chief of Staff Reince Priebus, Ambassador to Russia-designate Jon Huntsman Jr., Donald Trump Jr. and Eric Trump through a series of spear phishing scams.
For his latest hijinx, Sinon targeted Kushner's lawyer Abbe Lowell, by using the fraudulent email address firstname.lastname@example.org to ask if he should remove some adult content from his computer. Lowell apparently took the email very seriously recommending his client neither share nor delete the materials.
Although Sinon's tactics are essentially the same as social engineering cons, he says he isn't interested in leveraging his skills for evil.
"I'm not looking for the keys to vault, he told The Washington Post. "I try to put an ethical and moral framework around what I do. If I went out there to expose huge lies, I'd be shut down quickly indeed. This way gives it longevity. It's throwaway stuff. The victim is likely to wake up the next day and not care. Âù
In the past, Sinon has allegedly pulled similar gags on members of Goldman Sachs, Citigroup and the Bank of England.
If you want to steer your company clear of an analogous practical joke, you'll need to train your employees to keep a sharp eye out for spear phishing and social engineering scams. You'll also need to remain wary of:
Website redirect attempts to steal sign-in credentials and passwords
Social media pranks damaging your brand reputation
Web attacks vandalizing your homepage or blocking legitimate traffic from reaching your site
Ransomware attacks locking your network and devices until an extortion fee is paid
These might seem like jokes to a hacker, but no one at your company will be laughing when you become the next victim. Do yourself a favor and invest in cybersecurity insurance from CyberPolicy. We can assist you with financial damages related to data breach, cyberattack, extortion, reputational damage and more.
Get your free cyber insurance quote today!