LUCY Data Security Solution Acts as “Crash Test Dummy” to Emulate Cyberattacks

To find the weakest security link in your organization, you need to think like a hacker. Thanks to a new phishing solution called LUCY, companies can now measure and improve awareness towards phishing, malware and drive-by attacks by launching their own realistic phishing campaigns.

Malware and phishing attacks can be devastating for companies in terms of legal liability, reduced sales and bad publicity. Attacks that seem to make headlines daily highlight both the missing technical security precautions and lack of awareness that are a risk for any company.  With LUCY, organizations can run their own simulated attacks and find where their organization may be most vulnerable.

LUCY features a simple web-based user interface that includes pre-defined Mail and Web templates. LUCY has been designed so technical and non-technical persons can administrate the platform, and configure custom phishing attacks within minutes.

According to EMC/RSA, global phishing attacks approached 500,000 in 2013 with estimated losses of over $5.9 billion. A joint study by IDC and the National University of Singapore found the cost of data breaches and malware to be $491 billion in 2014, a staggering figure. Even worse, the same study shows that employees are the culprit in installing 20 percent of pirated software that gives attackers access to a company.

With its comprehensive approach to IT security, LUCY can emulate cyberattacks in your own network or in the cloud through four main modules:

Traditional Phishing Attack: LUCY runs different variations of phishing attacks to measure and improve awareness of your employees. All technical aspects, i.e. sending mail, starting the embedded webserver or generating statistical analysis are handled by the application. In a few clicks, entire websites can be copied to dupe users into leaking usernames, passwords or other sensitive data. Also included is a menu of attack scenario templates (pre-defined websites and mails).

Malware Attack: LUCY can simulate a malware attack, combining phishing with custom malware samples. You will see who, how far and what type of information can be exposed. LUCY’s malware simulation is non-intrusive and doesn’t interrupt your normal daily business operations.

Malware Protection Test: This feature allows users to perform security checks without involving employees outside your IT department. Determine your malware-related vulnerabilities on the network, system and application levels.

Training: An integrated eLearning module provides the necessary training to improve employee awareness.

LUCY can also be customized to allow users to create campaigns and templates that can be used again.

“As hackers become more creative, businesses need to analyze where they are most vulnerable,” said Oliver Muenchow, founder of LUCY. “Could your employees be fooled into entering sensitive data on a professionally appearing website; would they download/execute programs from unknown sources; can malware enter and affect your network without being detected? LUCY helps answer all those questions.”

Other features include:

  • Can run within private networks or on the Internet
  • Browser Analysis: detect if users access the campaign with vulnerable browsers (plugins)
  • Multi-user enabled. Web-based GUI to configure and run phishing campaigns against one or thousands of users
  • Website Copy feature: copy existing webpages and integrate them in your campaign
  • More than 40 professional designed, fully functional web- & mail templates
  • Statistical and comparative analysis in real time of each phishing campaign with custom report template
  • Automatic software updates
  • Ability to benchmark results
  • Backup and restoring campaigns, web & eLearning templates.
  • Login filters to check for complex passwords or custom domains required within the login

LUCY can be downloaded at http://phishing-server.com as a free limited community edition or as a commercial product.

Featured

Featured Cybersecurity

Webinars

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3