Dynamic Technologies Europe recently joined RSA Security’s powerful webinar “Retail Under Siege”, which proved especially relevant in the wake of recent high-profile cyberattacks, including the Marks & Spencer breach.
A New Frontline: The Helpdesk
One of the webinar’s central themes was how attackers are now targeting IT helpdesks as a pathway to sensitive data. The Marks & Spencer incident starkly highlighted this — a hacker compromised the helpdesk system and manipulated it to gather internal information, ultimately breaching the organisation’s defences.
The attack model is evolving. Historically, attackers often impersonated helpdesk agents to phish users. However, with multi-factor authentication (MFA) becoming more common, adversaries are shifting tactics. Instead of going head-on against MFA systems, they now impersonate users to manipulate helpdesk staff — sidestepping technical controls by exploiting human factors.
Key Recommendations and take aways from the Webinar
- Evaluate Helpdesk Privileges:
Helpdesks often have broad access. It is worth considering whether organisations should limit these privileges, especially for high-risk changes, which crucially should always go through a proper change management process. - Automate Where Possible:
Automation reduces the workload on helpdesk staff — crucial, as it is reported that 65% of IT helpdesk teams report high stress and burnout. Automation can help reduce exposure to social engineering and create space for more secure and deliberate responses. - Adopt Zero Trust for Helpdesk:
RSA’s Help Desk Live Verify tool was showcased as an excellent solution here – instead of trusting a voice on the phone, users are redirected to authenticate through a secure, verified platform. This prevents attackers from easily impersonating users or helpdesk personnel. - Use Resilient MFA, Everywhere:
MFA should be consistent and enforced across all systems — including helpdesk tools and internal processes. - Build a Company-Wide Security Culture:
Security isn’t just IT’s responsibility. Cultivating a strong security culture ensures every employee — from customer service to the C-suite — understands their role in protecting company assets.
In today’s climate, no silver bullet exists to eliminate risk. However, RSA’s webinar made it clear that adapting to the new tactics of cybercriminals — particularly social engineering and helpdesk manipulation — is essential. The best defence combines technology, process, and people, all aligned under a shared commitment to security.
Contact our team today for a chat around how, with the help of RSA Security, we can support you with your IT Security strategies.
Email: [email protected]
Call: +44 (0) 845 658 8810
About this Webinar
Recent breaches at Marks & Spencer, Co-Op, Christian Dior, and MGM reveal how vulnerable Help Desks are to social engineering—and how costly the impact can be.
This RSA webinar explores why retail Help Desks are frequent targets, how attackers exploit them, and how identity-first strategies like RSA Help Desk Live Verify can close this security gap.
Agenda
- Insights from recent Help Desk breaches
- Why Help Desks are targeted and legacy IAM falls short
- How RSA Help Desk Live Verify stops impersonation attacks
- Identity security best practices for retail
- How to assess and strengthen identity posture