A gathering of Wall Street executives were given a first-hand explanation today on how to secure their companies against phishing attacks by a former hacker.
Famed hacker, turned consultant and chief hacking officer at the cybersecurity training firm Knowbe4, Kevin Mitnick said Tuesday the best methods to guard against “ransomworms” like WannaCry include inoculating employees and partners against phishing.
The best way to build this immunity, Mitnick told the audience at the 2017 Cyber Investing Summit at the New York Stock Exchange, is to “attack your employees,” but he warned give them notice so the exercise doesn't ruin morale. When the nibble at a phishing attempt, a splash screen should appear to show, they made a mistake.
“You've got a teachable moment,” he said.
Mitnick said, in addition, to engaging in awareness and training efforts, organizations must keep their third-party software up to date, applying patches as they are available.
During his presentation, Mitnick gave a demonstration of WannaCry in action to the audience.