Sharing the right information is a powerful enabler, but sharing the wrong information can give an attacker a foothold, which can lead to a successful compromise of your network. Read more below about the different types of threats posed.
A highly-targeted communication, usually an email with a malware-infected attachment or hyperlink, is sent to one or a small group of specific individuals at the target organisation. When the payload is activated the attacker gains access to the target network.
1. Hostile reconnaissance
Attacker mines the internet for information to assist a cyber attack.
2. Network intrusion
Attacker constructs a tailored email and payload, then sends to employees.
3. Data exfiltration
Employee opens email attachment. Payload is executed and data exfiltrated.
The attacker uses the information gained to pose as a legitimate member of staff and dupe IT staff into granting access. Similarly attackers can impersonate the IT staff and target users to obtain sensitive information.
Having understood the layout of an organisation's network and software versions, the attacker is able to inject malware with increased chances of success in bypassing security measures..
Targeted personal attacks
Those who would do harm to high-risk individuals use hostile reconnaissance to help understand the target's acquaintances, family life and likely location.
Reconnaissance that reveals the layout of IT infrastructure helps focus efforts at the weakest points the organisation's defences.
Having used the information gathered to understand the organisation's security processes in detail, the attacker is able to bypass them.
Social media impersonation
The attacker breaches the social media account of an associate of a targeted individual or impersonates an apparently legitimate identity. The attacker can then post infected hyperlinks, masquerading as the associate. When the targeted individual follows the links, the attacker gains access to the network.