Visible to the public Tools and Techniques for Improving Cyber Situational Awareness of Targeted Phishing Attacks

TitleTools and Techniques for Improving Cyber Situational Awareness of Targeted Phishing Attacks
Publication TypeConference Paper
Year of Publication2019
AuthorsLegg, Phil, Blackman, Tim
Conference Name2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)
Date Publishedjun
PublisherIEEE
ISBN Number978-1-7281-0232-0
Keywordsauthorisation, composability, Computer crime, cyber situational awareness, data visualisation, Information security, Internet, Metrics, phishing, phishing attacks, pubcrawl, resilience, Resiliency, security awareness, situational awareness, targeted phishing attacks, targeted phishing campaigns, unauthorised access, unsolicited e-mail, user experience, visualisation, visualisation tools
Abstract

Phishing attacks continue to be one of the most common attack vectors used online today to deceive users, such that attackers can obtain unauthorised access or steal sensitive information. Phishing campaigns often vary in their level of sophistication, from mass distribution of generic content, such as delivery notifications, online purchase orders, and claims of winning the lottery, through to bespoke and highly-personalised messages that convincingly impersonate genuine communications (e.g., spearphishing attacks). There is a distinct trade-off here between the scale of an attack versus the effort required to curate content that is likely to convince an individual to carry out an action (typically, clicking a malicious hyperlink). In this short paper, we conduct a preliminary study on a recent realworld incident that strikes a balance between attacking at scale and personalised content. We adopt different visualisation tools and techniques for better assessing the scale and impact of the attack, that can be used both by security professionals to analyse the security incident, but could also be used to inform employees as a form of security awareness and training. We pitched the approach to IT professionals working in information security, who believe this may provide improved awareness of how targeted phishing campaigns can impact an organisation, and could contribute towards a pro-active step of how analysts will examine and mitigate the impact of future attacks across the organisation.

URLhttps://ieeexplore.ieee.org/document/8899406
DOI10.1109/CyberSA.2019.8899406
Citation Keylegg_tools_2019