
Plenty of Phish in the Sea: Analyzing Potential Pre-Attack Surfaces

Advanced Persistent Threats (APTs) are one of the main challenges in modern computer security. They are planned and performed by well-funded, highly trained and often state-based actors. The first step of such an attack is the reconnaissance of the target. In this phase, the adversary tries to gather as much intelligence on the victim as possible to prepare further actions. An essential part of this initial data collection phase is the identification of possible gateways for intruding into the target. In this paper, we aim to analyze the data that threat actors can use to plan their attacks. To do so, we first analyze 93 APT reports and find that most (80 %) of them begin by sending phishing emails to their victims. Based on this analysis, we measure the extent of openly available data about 30 entities to understand if and how much data they leak that can potentially be used by an adversary to craft sophisticated spear phishing emails. We then use this data to quantify how many employees are potential targets for such attacks. We show that 83 % of the analyzed entities leak several attributes of users, which can all be used to craft sophisticated phishing emails.

Metadata
Authors: Tobias Urban, Matteo Große-Kampmann, Dennis Tatang, Thorsten Holz, Norbert Pohlmann
URL: https://norbert-pohlmann.com/wp-content/uploads/2019/08/414-Plenty-of-Phish-in-the-Sea-Analyzing-Potential-Pre-Attack-Surface-Prof.-Norbert-Pohlmann.pdf
Title of parent work (German): European Symposium on Research in Computer Security - ESORICS '20
Document type: Scientific article
Language: English
Year of completion: 2020
Year of first publication: 2020
Publishing institution: Westfälische Hochschule Gelsenkirchen Bocholt Recklinghausen
Release date: 23.02.2024
Free keyword / tag: MITRE; OSINT; advanced persistent threats; cyber kill chain; measurement study; phishing; reconnaissance
First page: 272
Last page: 291
License (German): German copyright law (Urheberrechtsgesetz) applies
