Military, agencies to phish their workers

The military and agencies such as the Homeland Security and Veterans Affairs Departments can now launch phishing attacks against their own workers.

Phishing is a technique where users are tricked or coerced into giving up personal information, revealing login names and passwords or visiting malware or virus-infected web sites. The attacks will be designed to test how well educated federal workers are about their agency's email security policies.

The attacks will be done with Core Security Technologies' CORE IMPACT penetration testing software. The software will send emails to and keep track of how many employees click on the 'malicious' links. This allows agencies to keep track of worker email use habits and gage the effectiveness of their IT security education program.

'Businesses are recognizing the severity of client-side attacks and are demanding solutions that help them more accurately evaluate their potential exposure,' said Paul Paget, CEO of Core Security, in a statement released today.

Agencies and companies can use the software to also engage in spear phishing, or highly targeted phishing attacks that contain information legitimate to the organization getting attacked.

Phishing attacks have become the favored method for attackers. According to the US-CERT's quarterly trends and analysis report, phishing accounts for nearly 84 percent of all attacks reported to the computer security agency.

Other agencies that will employ Core Security's software include the Departments of Labor, Energy and Agriculture as well as National Institute of Standards and Technology, the United States Agency for International Development, the U.S. Courts and the Postal Service.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected