The popular internet forum, Reddit, revealed that hackers gained access to some of the platform’s internal systems and documents, using “a sophisticated and highly-targeted phishing attack,” which targeted its employees.
A statement revealed, “As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior [sic] of our intranet gateway, in an attempt to steal credentials and second-factor tokens. After successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems.”
Reddit added, “We’re continuing to investigate and monitor the situation closely and working with our employees to fortify our security skills. As we all know, the human is often the weakest part of the security chain.”
While Reddit said it had no evidence that user passwords, accounts or the site’s primary production systems had been compromised, the incident is another timely reminder that the threat of cyber-attack is only too present. Data breaches are skyrocketing, as cyber-crime continues its relentless surge, and employees are often targeted in phishing campaigns.
“Cyber-criminals are experts at what they do,” says expert Andrew James. “It is frightening how easy it can be for them to hack into a company, regardless of its size.”
So, how do data breaches commonly succeed? “Cyber criminals will assess an organisation’s patching for vulnerabilities, and they will scope out any potential routes in,” explains Andrew, who is head of business development at IT support firm Mintivo. “They often target a business using a multi-pronged attack, part of which will be automated. If they are successful, it can take them less than five minutes to access a system.”
Andrew adds that a successful data breach often starts with a phishing attack – when criminals attempt to trick people into revealing sensitive information or click on a bad link that will install malware.
“Your weakest link is often your employees,” he explains. “A common tactic may involve hackers emailing a link to your staff, saying their Office-365 password has expired. The email will seemingly come from the IT department or Microsoft, and it will take your employee to what looks like a genuine Microsoft website, where they have to input their details.
“If they unwittingly follow the prompt, hackers can then harvest their existing password, which means they can log on to their Office-365. From there, they can see what information is stored in their email and access shared files. Of course, people often reuse passwords too, which means they could end up gaining entry to other systems like Sage, or even the remote desktop server. From there they can extract data from the system, and even encrypt your files too.”
Andrew adds that protecting your business isn’t simply a case of installing a firewall and thinking your job is done. It is vital to continuously take a series of defensive measures, including rigorously adhering to updates, employing two-factor authentication, segmenting your network and educating your team.
“Smaller businesses in particular often underestimate the risk of a cyber-attack,” he says. “They may not have access to the right advice, and cybersecurity investment tends to be an afterthought – often when it’s too late.
“Many businesses prioritise investing in sales and marketing, because they want to grow the business. However, if you really want to grow your business you need to invest in protecting it. Security measures need to be continuously monitored and updated. The risk of cyber-attack is relevant for every organisation, and it isn’t going to go away.”