Recently the paradigm of cyber attacks is changing due to information security technology improvement. The cyber attack that uses social engineering and targets an end user has been increasing as organization''s systems and network security control have been tightened.
An APT(Advanced Persistent Threat) attack is a target oriented attack. The APT attack targets an enterprise or a government agency to get important data and disable critical services. According to related work, 91% of APT attacks starts with a spear phishing email that is geared to steal information more effectively. When a user opens an attachment embedded malicious code or a malicious URL link included in the spear phishing email, an invisible program is installed whose purpose is to make an entry point of the following attack.
In this thesis, I analyzed potential security threats and characteristics of spear phishing attacks in detail in order to raise security awareness and found out why technical solutions are not enough to prevent spear phishing attacks through the experts'' interview and literature review-research papers and white papers. I had interviewed 24 security experts in order to find out which proportion of administrative measures to technical security measures is more effective to prevent evolving spear phishing attacks and to get the idea of good countermeasures against the spear phishing attacks.
In this thesis, I proposed comprehensive administrative prevention methods against spear phishing attacks, which include the countermeasures for each stakeholder(end users, web server operator, operating system and application vendors, security manager), a guideline on distinguishing spear phishing emails for end users, security requirements when implementing a security control at an organization, and the requirements for compliance.