LUCY Data Security Solution Acts as “Crash Test Dummy” to Emulate Cyberattacks

To find the weakest security link in your organization, you need to think like a hacker. Thanks to a new phishing solution called LUCY, companies can now measure and improve awareness towards phishing, malware and drive-by attacks by launching their own realistic phishing campaigns.

Malware and phishing attacks can be devastating for companies in terms of legal liability, reduced sales and bad publicity. Attacks that seem to make headlines daily highlight both the missing technical security precautions and lack of awareness that are a risk for any company.  With LUCY, organizations can run their own simulated attacks and find where their organization may be most vulnerable.

LUCY features a simple web-based user interface that includes pre-defined Mail and Web templates. LUCY has been designed so technical and non-technical persons can administrate the platform, and configure custom phishing attacks within minutes.

According to EMC/RSA, global phishing attacks approached 500,000 in 2013 with estimated losses of over $5.9 billion. A joint study by IDC and the National University of Singapore found the cost of data breaches and malware to be $491 billion in 2014, a staggering figure. Even worse, the same study shows that employees are the culprit in installing 20 percent of pirated software that gives attackers access to a company.

With its comprehensive approach to IT security, LUCY can emulate cyberattacks in your own network or in the cloud through four main modules:

Traditional Phishing Attack: LUCY runs different variations of phishing attacks to measure and improve awareness of your employees. All technical aspects, i.e. sending mail, starting the embedded webserver or generating statistical analysis are handled by the application. In a few clicks, entire websites can be copied to dupe users into leaking usernames, passwords or other sensitive data. Also included is a menu of attack scenario templates (pre-defined websites and mails).

Malware Attack: LUCY can simulate a malware attack, combining phishing with custom malware samples. You will see who, how far and what type of information can be exposed. LUCY’s malware simulation is non-intrusive and doesn’t interrupt your normal daily business operations.

Malware Protection Test: This feature allows users to perform security checks without involving employees outside your IT department. Determine your malware-related vulnerabilities on the network, system and application levels.

Training: An integrated eLearning module provides the necessary training to improve employee awareness.

LUCY can also be customized to allow users to create campaigns and templates that can be used again.

“As hackers become more creative, businesses need to analyze where they are most vulnerable,” said Oliver Muenchow, founder of LUCY. “Could your employees be fooled into entering sensitive data on a professionally appearing website; would they download/execute programs from unknown sources; can malware enter and affect your network without being detected? LUCY helps answer all those questions.”

Other features include:

  • Can run within private networks or on the Internet
  • Browser Analysis: detect if users access the campaign with vulnerable browsers (plugins)
  • Multi-user enabled. Web-based GUI to configure and run phishing campaigns against one or thousands of users
  • Website Copy feature: copy existing webpages and integrate them in your campaign
  • More than 40 professional designed, fully functional web- & mail templates
  • Statistical and comparative analysis in real time of each phishing campaign with custom report template
  • Automatic software updates
  • Ability to benchmark results
  • Backup and restoring campaigns, web & eLearning templates.
  • Login filters to check for complex passwords or custom domains required within the login

LUCY can be downloaded at http://phishing-server.com as a free limited community edition or as a commercial product.

Featured

  • New Report Reveals Top Security Risks for U.S. Retail Chains

    Interface Systems, a provider of security, actionable insights, and purpose-built networks for multi-location businesses, has released its 2024 State of Remote Video Monitoring in Retail Chains report. The detailed study analyzed over 2 million monitoring requests across 4,156 retail locations in the United States from September 2023 to August 2024. Read Now

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

Featured Cybersecurity

Webinars

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3