Around 20% of Kaspersky staff fell for phishing emails in an internal test at the antivirus firm, according to its regional MD, as he reveals its plans to target the enterprise security market.
“We had a test recently inside Kaspersky: we sent phishing emails to our employees, as an internal test – emails about Gitex Shopper. And people were clicking – 20% of Kaspersky employees. It means we are always under attack,” said Ovanes Mikhaylov, managing director in the Middle East at Kaspersky.
He said while a lot of attention in security had moved to very advanced threats, basic attacks were still very common: “One of our recent discoveries is ‘Gaza cybergang’, a group of hackers from North Africa who are using Arabic file-names, and attractive titles about Sheikh Mohammed – and people were clicking. This is the sort of APT we’re seeing – a simple entrance, but a complicated, world-wide infrastructure.
“Security moved on, but it doesn’t mean we can just forget about everything that was an issue before. The crypto-locker has been around for 10 years already, and there are a lot of infections from crypto-lockers still, which needs a normal signature-based approach,” added Mikhaylov.
He said Kaspersky was now targeting the enterprise sector, and was beefing up its encryption, mobile and cyber-intelligence offerings, along with an increased focus on critical infrastructure and virtualisation, to be more appealing to larger companies.
“Security has always been part of our DNA – all our products have been designed with very deep security thinking. And actually, our products have been working in corporations around the world for many years. But we definitely need to go to another level, and open a new portfolio to be really relevant to the enterprise,” Mikhaylov said.