Freely subscribe to our NEWSLETTER

Kudos to the IMF for disclosing that a recent cybersecurity breach compromised several email accounts. While specific details of the compromise are scant, this has the makings of a successful phishing attack, given that the IMF reminded its employees to adhere to their cyber hygiene policies. Today, persistent threat actors will eventually hack any organisation they want, making it critical for organisations to have an assumed breach mindset. The famous bank robber Willie Sutton was once asked why he robbed banks, and he said it was because that’s where the money was. So why do hackers still use phishing attacks to compromise the companies they are attacking? It’s because employees keep clicking on links in their emails that can be malicious.

Having an assumed breach mindset will help organisations recover much faster from compromise. I encourage organisations to prepare now for the inevitable cyberattacks because peacetime planning enables organisations to assess which systems are most critical to their business and give them a chance to lock them down. Also, by preparing in peacetime, organisations can reduce their most glaring vulnerabilities and make it sufficiently difficult to compromise that hackers will look for softer targets. Companies should also monitor for unauthorized changes occurring in their Active Directory environment, which threat actors use in most attacks, and have real time visibility to changes to elevated network accounts and groups.