With spring arriving, “winter is coming” as the new season of the critically-acclaimed television series Game of Thrones returns to millions of viewers worldwide. Ironically, there’s also a type of malware gaining traction in the online community that matches its bark with its bite, aptly dubbed Dyre Wolf. This threat has the potential to cost businesses as much as $1.5 million per hack, and takes advantage of the ever-common spear phishing tactic.
The threat, which was discovered last October by John Kuhn of IBM, reports that Dyre Wolf follows the recent trend in which hackers turn to sophisticated social engineering attacks to get what they want. ZDNet reports that this threat uses the Dyre banking trojan to infiltrate IT infrastructures and steal immense amounts of cash.
To keep your business from arriving at the same fate as Ned Stark from Game of Thrones (and Sean Bean’s characters in general), you need to understand just how dangerous Dyre Wolf really is. Just like a bite from Ghost the Dire Wolf, this malware can leave your business crippled, if not finished completely.
Normally, trojans only go after individual bank accounts held by unsuspecting individuals; however, Dyre Wolf targets the accounts of big business to leave them hurting. This is why it’s always best to make sure your team knows how to identify and avoid social engineering threats that take advantage of coercion of the human mind. To accomplish this goal, Dyre Wolf uses a seven step process:
Knowing how the threat executes its attack is the first step to protecting your business, but the heart of this problem (and of any phishing attack) lies in how your team responds to the potential threat. Social engineering takes advantage of people not knowing how to identify scams. Therefore, the best thing you can teach your team is how to identify and prevent phishing attacks before it’s too late.
IBM suggests the following steps be taken to make sure your team is as prepared as possible to deal with phishing scams:
For more best practices on how to optimize security, give Tektonic a call at (416) 256-9928.