DOI QR코드

DOI QR Code

스피어 피싱 대응을 위한 관리적 보안대책에 의한 접근

On the administrative security approaches against spear phishing attacks

  • 투고 : 2013.10.20
  • 심사 : 2013.12.03
  • 발행 : 2013.12.31

초록

최근 정보보호 기술의 발전으로 사이버 공격의 패러다임이 변화하고 있다. 조직의 시스템이나 네트워크에 대한 보호 대책이 강화되면서 최종 사용자를 대상으로 사회공학적 기법을 이용하는 사이버 공격이 증가하고 있다. 기업이나 정부기관을 대상으로 중요한 기밀 데이터를 절취하거나 중요 서비스를 무력화하는 지능형지속위협(APT, Advanced Persistent Threat) 공격의 약 91%가 스피어 피싱 이메일을 사용하는 것으로 알려졌다. 본 논문에서는 스피어 피싱 공격의 특성과 보안 위협을 자세히 분석하여 기술적인 통제항목만으로 스피어 피싱 공격에 대응하는 것에 한계가 있음을 설명하고 이를 보완할 수 있는 스피어 피싱 공격에 대한 관리적 대응방안을 제안하였다.

Recently the paradigm of cyber attacks is changing due to the information security technology improvement. The cyber attack that uses the social engineering and targets the end users has been increasing as the organization's systems and networks security controls have been tightened. The 91% of APT(Advanced Persistent Threat) which targets an enterprise or a government agency to get the important data and disable the critical service starts with the spear phishing email. In this paper, we analysed the security threats and characteristics of the spear phishing in detail and explained why the technical solutions are not enough to prevent spear phishing attacks. Therefore, we proposed the administrative prevention methods for the spear phishing attack.

키워드

참고문헌

  1. Herndon, Va. Ponemon Institute Discovers Majority of Business Leaders Underestimate Risk of Advanced Cyber Threats. http://www.prnewswire.com/news-releases
  2. Trend Micro Inc., "Spear-Phishing Email: Most Favored APT Attack Bait", Trend Micro Incorporated Research Paper, 2012
  3. Larry Seltzer. How the RSA SecurID Hack Worked. http://www.pcmag.com/article2/0,2817,2382970,00.asp
  4. FireEye, Inc. "Spear Phishing Attacks Why They are Successful and How to Stop Them", White Paper, 2012
  5. John H.Sawyer. How Attackers Target and Exploit Social Networking Users. http://www.darkreading.com/end-user/how-attakers-target-and-exploit-social/240160011
  6. IBM Software Thought Leadership, "Proactive response to today's advanced persistent threats", White Paper, 2013
  7. Cyveillance, (August 2010). Malware Detection Rates for Leading AV Solutions. http://www.cyveillance.com/web/
  8. Patrik Runald. What is Scaring Business the Most? Spear-phishing. http://community.websense.com/blogs/we bsense-insights/archive/2012/10/08/what-is-scaring-business-the-most-spear-phishing.aspx
  9. Dave Shackleford. Social engineering penetration testing: Four effective techniques. http://searchsecurity.techtarget.com/tip/Social-engineering-penetration-testing-Four-effective-techniques
  10. AhnLab Inc. TrusWatcher Brochure. http://download.ahnlab.com/kr/site/brochure/TrusWatcher_Brochure.pdf
  11. Trend Micro Inc. Deep Scan Brochure. http://www.trendmicro.co.kr/cloud-content/kr/pdfs/business/datasheets/deepscan.pdf
  12. FireEye Inc. Email Malware Protection System Brochure. http://www.fireeye.com/ko/resources/pdfs/fireeye-email-malware-protection.pdf
  13. Websense Inc. TRITON Web Security Gateway Anywhere. http://www.websense.com/assets/reports/websense-miercom-report.pdf
  14. Micor Plus Co. Symantec Endpoint Protection 12. http://www.mplsoft.co.kr/entry/
  15. Arun Vishwanath, Tejaswini Herath, Rui Chen, Jingguo Wang, H.Raghav Rao, "Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model", Decision Support System 51, pp. 576-586, 2011 https://doi.org/10.1016/j.dss.2011.03.002
  16. Boannews Inc. The shadow of Webshell behind hacking incident. http://www.boannews.com/media/view.asp?idx=37444
  17. Bimal Parmar, "Protecting against spear-phishing", Computer Fraud & Security, pp. 8-11, Jan. 2012
  18. Tracey Caldwell, "Spear-phishing: how to spot and mitigate the menace", Computer Fraud & Security, pp. 11-16, Jan. 2013
  19. Rebecca Greenfield. How to Avoid Getting Spear Phished by China's Hackers Who Cracked Apple. http://www.theatlanticwire.com/technology/2013/02/spear-phishing-security-advice/62304/
  20. Yu-seung Sohn, Kil-hyun Nam, Seung-chul Goh, "A spear phishing threat and the prevention method for the end user", KIICE Conference in Mokpo, May, 2013.