LUCY Data Security Solution Acts as “Crash Test Dummy” to Emulate Cyberattacks

To find the weakest security link in your organization, you need to think like a hacker. Thanks to a new phishing solution called LUCY, companies can now measure and improve awareness towards phishing, malware and drive-by attacks by launching their own realistic phishing campaigns.

Malware and phishing attacks can be devastating for companies in terms of legal liability, reduced sales and bad publicity. Attacks that seem to make headlines daily highlight both the missing technical security precautions and lack of awareness that are a risk for any company.  With LUCY, organizations can run their own simulated attacks and find where their organization may be most vulnerable.

LUCY features a simple web-based user interface that includes pre-defined Mail and Web templates. LUCY has been designed so technical and non-technical persons can administrate the platform, and configure custom phishing attacks within minutes.

According to EMC/RSA, global phishing attacks approached 500,000 in 2013 with estimated losses of over $5.9 billion. A joint study by IDC and the National University of Singapore found the cost of data breaches and malware to be $491 billion in 2014, a staggering figure. Even worse, the same study shows that employees are the culprit in installing 20 percent of pirated software that gives attackers access to a company.

With its comprehensive approach to IT security, LUCY can emulate cyberattacks in your own network or in the cloud through four main modules:

Traditional Phishing Attack: LUCY runs different variations of phishing attacks to measure and improve awareness of your employees. All technical aspects, i.e. sending mail, starting the embedded webserver or generating statistical analysis are handled by the application. In a few clicks, entire websites can be copied to dupe users into leaking usernames, passwords or other sensitive data. Also included is a menu of attack scenario templates (pre-defined websites and mails).

Malware Attack: LUCY can simulate a malware attack, combining phishing with custom malware samples. You will see who, how far and what type of information can be exposed. LUCY’s malware simulation is non-intrusive and doesn’t interrupt your normal daily business operations.

Malware Protection Test: This feature allows users to perform security checks without involving employees outside your IT department. Determine your malware-related vulnerabilities on the network, system and application levels.

Training: An integrated eLearning module provides the necessary training to improve employee awareness.

LUCY can also be customized to allow users to create campaigns and templates that can be used again.

“As hackers become more creative, businesses need to analyze where they are most vulnerable,” said Oliver Muenchow, founder of LUCY. “Could your employees be fooled into entering sensitive data on a professionally appearing website; would they download/execute programs from unknown sources; can malware enter and affect your network without being detected? LUCY helps answer all those questions.”

Other features include:

  • Can run within private networks or on the Internet
  • Browser Analysis: detect if users access the campaign with vulnerable browsers (plugins)
  • Multi-user enabled. Web-based GUI to configure and run phishing campaigns against one or thousands of users
  • Website Copy feature: copy existing webpages and integrate them in your campaign
  • More than 40 professional designed, fully functional web- & mail templates
  • Statistical and comparative analysis in real time of each phishing campaign with custom report template
  • Automatic software updates
  • Ability to benchmark results
  • Backup and restoring campaigns, web & eLearning templates.
  • Login filters to check for complex passwords or custom domains required within the login

LUCY can be downloaded at http://phishing-server.com as a free limited community edition or as a commercial product.

Featured

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.