With the constant evolution of cyber threats, it is all too easy for businesses to get lost in the sea of terms used to describe different types of attacks.
'Drift Netting' is a new term coined by the Australian Federal Police to describe the latest mode of phishing attack targeting human resources and payroll.
At the recent Australian Cyber Security Centre conference in Canberra, AFP cybercrime operations team leader Scott Mellis said, "Drift netting refers to the process where a crook changes something, waits for the natural process to run on the platform, and then cashes out. We saw this against payroll systems especially towards the end of last year."
While most people think of cybersecurity as an IT issue, the rapidly evolving nature of these attacks demonstrate that it’s a wider business issue.
Drawing on their patience and stealth, these attackers use credentials that they have gained through attacks like spear phishing, whaling and command-and-control type malware to target human resources and payroll platforms.
Even businesses whose employees are aware of, and up to date with, cyber security can get caught in the net of these new techniques. By impersonating staff members, hackers change the payroll details and sit back while normal automatic business processes continue, thereby cashing out when employees are paid.
No business is immune to these types of attacks, and the costs involved are extensive. These cyber criminals are experienced in navigating rough waters and each employee is a potential point of weakness.
In order to stay afloat, companies need to recognise that phishing, spear phishing and other targeted attacks are a wider business issue. Their reach extends to every facet of the business, beyond IT, particularly with the continued evolution of drift netting. The payroll system is the hub of all business activity and once this system is breached, the responsibility to remain aware and sceptical of any unusual movements falls on the shoulders of all business units, and every employee.
The key to mitigating drift netting is to employ a multi-layered approach to security. By establishing and following a well tested security strategy, companies can put forward the strongest possible wall of defence. This means looking at security from all sides, with the most ideal approaches involving a combination of the following:
When you assess your controls against the security controls above, ask yourself how secure are your human resources, payroll systems and processes against attack?
Craig McDonald is the CEO and founder of MailGuard, a leading Australian technological innovator providing complete enterprise-grade protection against email and web security threats such as phishing and malware, spyware, viruses and spam
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.