Cyber threats of various kinds are rising, but as businesses and individuals become aware of the lurking dangers, cybercriminals are coming up with increasingly sophisticated methods. In a recent cyber attack, threat actors accessed customer support systems and stole data, including names and emails of 2 million Robinhood customers. After the attack on Robinhood Markets was discovered, the platform admitted that the attacker stole the client data by tricking a customer support employee.
However, they played down the fears by mentioning that no financially sensitive information got exposed during the breach. The firm said that the attack was contained, and no bank account numbers, debit card numbers, or social security numbers were exposed. Furthermore, it concluded that none of the customers faced a financial loss resulting from the incident. It is possible that after the exposed email addresses in the breach, Robinhood customers can become targets of follow-up phishing attacks looking to extract more sensitive information from them.
The Culprit – Social engineering or Lack of Cyber Awareness and Training?
Robinhood Markets acknowledged that after detecting the intrusion, the cybercriminals attempted to obtain an exorbitant payment. The online brokerage firm rebuffed this request, promptly informed law enforcement, and called in help from incident response experts.
The breach was a repercussion of a customer support employee falling victim to a phishing attack. He further recommends that firms like Robinhood have multiple control layers and restrictions around who can access mission-critical data.
Furthermore, some third-party security firms said the breach highlighted the importance of employee training and measures like multi-factor authentication and ransomware protection. Chris Deverill of Orange Cyberdefense said that Robinhood’s systems were compromised when a hacker tricked a support desk worker, proving the importance of cybersecurity training and awareness.
What is Social Engineering?
Social engineering is a manipulation technique in which hackers exploit human error to gain private access, information, or valuables. The “human hacking” scams, like the one Robinhood Markets faced, lure unsuspecting users into spreading malware infections, exposing data, or gaining access to restricted systems. These attacks can take place in-person, online, and via other interactions. Attackers base social engineering scams around how people think and act and are especially useful for manipulating users’ behavior.
How Does Social Engineering Work?
The success of social engineering attacks depends on the communication between the threat actor and the victim. The cybercriminal motivates the user into a compromise rather than using a brute force method. In the Robinhood attack, the hackers established communication with the support staff, which led to compromised email security. Following are the steps for the social engineering attack cycle:
- Prepare: The attacker gathers background information on the target or the larger group they are a part of.
- Infiltrate: They establish a relationship or initiate an interaction, starting by building trust.
- Exploit: They advance the attack once trust and weakness get established.
- Disengage: once the user takes the desired action.
Steps Organizations Must Adopt to Prevent Security Breaches
While social engineering security-related compromises are not going to be eradicated any time soon, organizations need to take proactive steps by themselves to prevent them.
- The Importance of Multi-Factor Authentication: While passwords ensure security, they seem inadequate in the wake of increasingly sophisticated cyber threats. Malicious actors have enough measures at their disposal today to obtain passwords through techniques such as social engineering. Thus, multi-factor verification must be employed, which can include security questions, biometric access, OTPs or authenticator apps.
- Continuously Monitor Critical Systems: IT teams must ensure that the systems being used to house sensitive information are monitored 24×7. Besides, phishing simulations are an excellent way to assess if the employees will fall victim to a social engineering tactic.
- Check and Update the Security Patches: Cybercriminals generally look for weaknesses in the systems, applications, or software to attain unauthorized access to the data. Enterprises must maintain up-to-date security patches and keep their systems and web browsers updated with the latest versions as a preventive measure.
Importance of Cyber Awareness And Training
Human negligence remains one of the primary causes behind cybersecurity breaches, and firewalls are not enough to protect staff members from falling prey to phishing emails. Hence, it becomes crucial to invest in making the employees ready to prepare for cyber threats.
To combat issues regarding human error
Your organization can spend thousands on anti-phishing services, but it will not matter if your employees are not prepared to detect and respond to cyberattacks. It is easier for cybercriminals to create a spear-phishing email than spend months finding zero-day vulnerabilities. A dedicated training program can help raise knowledge and awareness about becoming more susceptible to threats, from simple phishing ones to more sophisticated ones that can jeopardize the organization’s email security at large.
To prevent monetary damages
When organizations invest in cybersecurity awareness and training of employees, they can report any incoming incidents by promptly tracing potential threats. Thus IT teams can prevent operational disruptions and quarantine threats before they escalate, which otherwise would cause substantial financial damages.
Although the security breach on Robinhood was one of the largest ones of this year, it was certainly not the first one on the platform. According to a report, hackers infiltrated over 2,000 accounts and siphoned off with customer funds in a breach last October. Robinhood Markets claim that attackers did not steal any financial information of its customers in the current breach. Still, the hackers can leverage the minimally impacted consumer info for secondary phishing attacks and gain access to accounts. Thus, email security service becomes critically important for their customers, who need to be vigilant and regularly check their accounts for signs of fraud.