Many companies and organizations fell victims to targeted email attacks and ransomware such as "WannaCry". Our Targeted Email Tolerance Diagnosis Service aims to confirm the correspondence of employees upon receiving these menaces, and to reinforce the company's security incident tolerance.
Repel Rampaging Ransomware Such as “WannaCry”
The numbers of incidents triggered by ransomware are rapidly increasing since 2016.
When ransomware is introduced to a computer, it “locks” significant data and prevents the users’ access.
On the other hand, however, many people are still unaware of the threats this malware can pose.
Targeted Email Tolerance Diagnosis Service, which NTT-AT offer, provides e-learning courses in which users can pseudo experience the behaviors of ransomware.
Please consider the implementation of NTT-AT’s Targeted Email Tolerance Diagnosis Service, in order to properly understand the menace of ransomware.
Menace of ransomware experienced by e-learning
Why does Information Security Incidents Continue to Occur?
As a matter of fact, large enterprises and public organizations have fallen victims.
“Not us. We take measures by in-house systems, and our employees are well-trained.”
This carefreeness may trigger incidents. If even “only one person” failed to follow the rules, the risk cannot be eliminated. Moreover, even if correspondence manual exists, employees may not be able to act calmly when attacked under unexpected situations.
Indeed, information security incidents continue to occur without a pause.
Most victims insist that they did not notice being attacked. The emails used for these attacks are continuously improving their skillful disguise, and thus lectures and manuals are insufficient to prevent incidents.
An effective means of measure is to execute surprise inspections on a regular basis, using replicated targeted emails. Through these trainings, employees can undergo the sequence of events that lead to the occurrence of incidents. NTT-AT has extensive accumulation of expertise on the mechanisms and countermeasures through handling actual cases of targeted email attacks in our information security field, and therefore, can provide practical and effective tolerance diagnosis.
Your Organization may be at Risk: Know the Characteristics and Tendencies of Targeted Email Attacks
Malicious targeted emails lure victims to open themselves easily.
NTT-AT analyzes their characteristics and tendencies from past incidences, and integrate them into our tolerance diagnosis.
Targeted attacks assaults predetermined users. Therefore, their deception technique has increased their guilefulness than what have been known before.
For example, offenders create emails with contents and file attachments that mimic those of their target organizations, and persuade their victims to believe that they are relevant to their business, and therefore should be opened.
As a fact, the number of targeted attacks has been rapidly increasing in recent years. In 2015, 3828 cases were confirmed, which is more than double the number from the previous year.*
Moreover, amongst the email addresses that were attacked, 89% of them were not open to the public.*
*From the Japan National Police Agency
Many and various companies and organizations fell victim to these menaces. In most of these cases, however, anti-virus measures were already implemented.
Consequently, preventing targeted attacks is eminently difficult through only implementing hitherto anti-virus measures.
Why is Targeted Email Tolerance Diagnosis Necessary?
In this corcumstance, why is tolerance diagnosis necessary?
Although varieties of security measures exist, implementation of them all would be excessive and be an unrealistic option in many cases.
In order to utilize limited resources effectively, it is critical to determine the essential measures through the execution of tolerance diagnosis.
The result of diagnosis will reveal information such as listed below, which would enable the users to consider implementing security measures from those that are expected to have the most effect.
- Visualization of employees’ security awareness against targeted attacks
- Determination of divisions and positions that are more likely to open received suspicious files
- Confirm that the employees’ disposition and reporting action sequence is up to manuals
Besides the above, sending the simulated email to employees themselves will amend their assumptions that they would not be chosen as targets, and help them to understand the guilefulness of targeted attacks.
Please consult us if there is any concern about countermeasures for targeted attacks, or employees’ literacy on information security.
Replication of realistic targeted emails based on actual attack cases
Victims of targeted email attacks claim as following:
- The targeted email is not distinguishable by only looking at the content in a glance.
- Even after opening the malicious file, the email did not seem suspicious until pointed out by others.
NTT-AT’s training service is not like other obsolete or reused armchair theorized testing.
NTT-AT has abundant solutions and coping experiences against targeted attacks, since we are ordinarily the side that defend against them. Therefore, we are able to offer training using realistic replicated emails that contributes to your company’s incident tolerance enhancement.
Realistic and Plausible Email Contents that Brings Greater Effects of surprise Inspections
The email below is a past example of targeted email attack. Do you recognize the four suspicious characteristics that can be seen from targeted attacks?
The answer is the four points below.
Since targeted emails are becoming more sophisticated as seen above, even engineers who are versed in the security field cannot easily distinguish them from general emails.
No need for complex change of systems. Diagnosis can be completed as soon as one week from request.
The strength of our diagnosis is its effortlessness and short period of time until implementation.
Diagnosis can be completed as soon as one week from request, which includes confirmation of opening methods and email contents by customers.
Simulation email is sent by NTT-AT, thus we do not require customers change of systems, or any other burdens or operations.
We also offer multiple diagnosis methods depending on our customers’ network environments. We can flexibly customize our offer to meet the demands of customers, including arranging the email transmission timing and proposing contents related to duties.
Examples of customization of diagnosis methods:
Examples of customization od transmission methods:
- Sending emails considering the occupations and working hours of departments.
- Assigning transmission time and intervals is possible. (Sending email in xx seconds interval considering network traffics, starting the diagnosis from 8 p.m. in departments with night shifts, etc.)
Implementation od truly necessary security measures from the result of diagnosis
We offer analytic results from various aspects concluded from diagnosis reports, such as “distinction of security awareness between departments”, “alertness towards the latest security threats among different positions”, and “correlation between attendance rates of trainings and improvement of awareness”.
Example of diagnosis reports
From analyzing the issues comprehensively, we can offer and support the implementation of security measures that are truly essential for customers.
Many security vendors offer similar services.
NTT-AT is distinct form those services, where we can support the whole sequence of consulting, equipment introduction, operation, maintenance, and analytics.
Please utilize our option services of Targeted Email Tolerance Diagnosis to enhance your company’s security levels.
- Training period is two weeks from the transmission of training emails.
- Educational contents are available for two weeks.
- Transmission time of training emails is generally 9 a.m. – 5 p.m. weekdays (time change is negotiable)
- Training emails are sent from domains that NTT-AT arranges
Overview of our Standard Diagnosis Service
(1)Transmission of replicated