4
Jun

What is Social Engineering and Insider Threats

What do you mean by social engineering?

Social engineering is a broad term given to a wide range of malicious activities that take advantage of the fallibility of human beings. Attackers use psychological tricks to manipulate users into giving away their sensitive information.

Hackers know the 90/10 principle of information security. The principle simply states that ninety percent of information security is dependent on humans and only ten percent is dependent upon computer infrastructure. A good example is a door lock. A lock on your door does not mean that your house is safe but remembering to lock the door and securing the keys ensures the safety of your house. As a result, it is easier to trick someone into giving you their password as opposed to hacking the system to get it. This article will focus on the three main types of social engineering used by hackers.

What are the types of social engineering? How can it be carried out?

Phishing

A phishing attack is a cybercrime in which an attacker impersonates a legitimate entity and contacts a user via email or text and then tricks them into giving away sensitive information. The attacker uses this information to access the user’s personal accounts resulting in identity theft or fraud. Phishing techniques include spear phishing, content injection, vishing, smishing, keyloggers, etc.

Baiting

As the name suggests, an attacker uses a reward as bait to entice a user into giving away sensitive information. The bait could be in the form of free music or free movie download after logging in to a fake website. Attackers steal these credentials and use them to commit identity theft.

Pretexting

In this technique, the attacker takes time to fabricate a scenario or a pretext. Most of these fake scenarios usually require the victim to confirm their identity. The victim is tricked into thinking that they are solving a certain problem while in actuality, the attacker records their credentials and uses them to commit fraud.

Insider Threats

CERT refers to insider threat as a largely unrecognized and underestimated problem. The traditional and more conventional security measures largely focus on external threats and are incapable of detecting internal threats making insider threats dangerous. Since social engineering takes advantage of human interactions, if a staff member’s lack of confidentiality and awareness leads to unauthorized access to the system, it is therefore classified as an insider threat. A foundational study conducted showed that over 40% of security professionals are concerned over employees with a low level of security awareness may unintentionally give malicious actors confidential information. If an employee unintentionally allowed a malicious software or websites to access company data causing a breach of data, it defines a type of insider threat referred to as Unintentional Insider Threat (UIT). This is the most common type of insider threat, though it is worth noting that the rate of intentional insider threat is also rising. Insider threats are classified into:

  • Malicious Insider: also known as a turn cloaks, they refer to malicious insider actors intentionally targeting systems and abuse privileges to gain access to sensitive information. A turncloak will have an upper hand as he or she is familiar with the system and can easily navigate through without detection. An example of a malicious insider incident occurred in Tesla motors whereby an insider sabotaged the system by sending proprietary information to unauthorized third parties as well as the data breach in SunTrust Bank.
  • Careless insider: This is an innocent unsuspecting pawn who unintentionally exposes the system to intruders mistakenly through exploitation through phishing emails or even leaving devices exposed.
  • A mole: This is technically an outsider but has an imposter in the organization and has access to the network and the system and uses this access to gain privileged information

How to Stop Social Engineering Attacks using AI

Social engineering and insider threats form one of the most relevant threats in cyber security in recent times and the most effective way to prevent against these is by educating end-users and creating cybersecurity awareness.Becoming a Certified Ethical Hacker (CEH) would put you on the front lines of being able to properly train employees of the importance of good cyber hygiene, along with setting up defenses to help prevent phishing attacks. You would learn all the techniques and tools hackers use to compromise systems, then use those same tools and techniques against the bad guys to help protect your clients.

FAQs

Why are insider threats particularly dangerous for organizations?
Insiders are particularly dangerous because unlike outsiders working to penetrate the organization, they typically have legitimate access to computer systems and the network, which they need in order to perform their daily jobs.
How do you mitigate insider threats?
  • Perform enterprise-wide risk assessments.
  • Clearly document and consistently enforce policies and controls.
  • Establish physical security in the work environment.
  • Implement security software and appliances.
  • Implement strict password and account management policies and practices.
What are insider threat indicators?
There are potential insider threat indicators that signal users are gathering valuable data without authorization: Unauthorized downloading or copying of sensitive data, particularly when conducted by employees that have received a notice of termination. Taking and keeping sensitive information at home.

get certified from ec-council
Write for Us