Question


"Today’s Attacks and Defenses at the beginning of this chapter illustrated how a security researcher could manipulate a help desk support technician into compromising security. If you were to create your own social engineering attack, what would it be? Using your place of employment or school, first determine exactly what your goal would be in the attack, and then craft a detailed description of how you would carry out the attack using only social engineering to achieve your goal. You might want to search the Internet for examples of previously successful attacks that used social engineering. Why do you think your attack would be successful? Who would be involved? What would be the problems in achieving your goal? Why? Write a one-page paper on your research"
(Ciampa 93).

As instructed, write a one-page paper on your research. Make sure that your paper is double-spaced and has an introduction, conclusion and any appropriate citations and references.

Solutions

Expert Solution

For a social engineering attack to be successful, I would need to impersonate a person who holds significant power in an organisation or another setting. My first step would be to research a person who could be the head of a department or hold a managerial position at an organisation. I would gather information about that person, such as where they live, where they spent their vacation, who their spouse is, whether they have kids, or what special interests they have. With that particular set of information, I can then call the help desk service assistant, pretending to be them, and ask them to change my user ID or password or grant me access to a system that would require password access. I would use the information gathered above to convince the help desk assistant that I am actually the person they think I am, and persuade them to change my passwords or grant me access.

The main problem in this approach is gathering the initial information that is required to complete the task. Nowadays most people are aware of the situation and hence tend to hide their information from public sources, so gathering such information will be a taxing process.

Another approach that can be used is to search for or gather information about the help desk employee, gather their interests and their choices from their social profiles, and then create an official email that seems to have originated from inside the organisation and attach malware to that email, such that when a person clicks on that email it will grant me remote access or will hamper their systems and will give me some sort of access or leverage on their systems. This approach is more likely to be successful as it does not require any sort of verbal communication; it only exploits the interests of the person in question. This approach also does not require impersonating any high-level official; it only requires me to gather the interests of the help desk employee, which will be rather simple, and then send them a phishing email.

Since the email seems to have originated from inside the organisation, a person is more likely to trust the email, and since the email's contents are related to the person's interests, a person is more than likely to click on the links provided in that email, giving this attack a very high chance of being executed successfully. In this approach fewer people are involved as compared to the previous one, and similarly to the above approach, this approach also has a major problem of gathering intel; as stated earlier, people are now more aware of the situation and tend to hide their information on public sources.

