Question

"Social engineering attacks are not only becoming more common against enterprises and SMBs, but they're also increasingly sophisticated. With hackers devising ever-more clever methods for fooling employees and individuals into handing over valuable company data, enterprises must use due diligence in an effort to stay two steps ahead of cybercriminals." Digital Guardian (Links to an external site.) Read the article "Social Engineering Attacks: Common Techniques & How to Prevent an Attack (Links to an external site.)" on the Digital Guardian web site. Summarize the advice given by the practitioners included in the article to recommend the process or procedure you would use to prevent the social engineering attacks you included in the Discussion of this lesson.

Answer 1

Summary of the advice recommending the process or procedure we should use to prevent the social engineering attacks:
* The very first in the process or procedure of preventing the social engineering attacks is the recognition and identification of such attacks, knowing how they behave, their activities, their patterns, etc.
As an individual or an employee of a company one should take the below measures:
* The employee, individual, or staff must not open emails in the spam or junk folder or emails whose recipients are strangers or the users do not know.
* The attachments in emails of unknown origin must not be download, opened, installed, or run.
* Users or employees must use reputable antivirus software such as Kaspersky or Symantec.
* Employees must regularly back up their data or office data to an external medium such as an external hard disk or drive or the cloud such as DropBox, or Google Drive.
* When they have backed up their data, they must disconnect their drive. The ransomware that is created these days is also known for encrypting the users' backup drive too.
* Users or employees must not pay the ransom. The only reason why the criminals, thieves, or hackers keep using this form of blackmailing attacks is people keep paying them ransoms. To try to regain access to the users' data back, they should consult a professional in their area.
* Individuals should think twice and take time in case someone asks him/her to give information or send an electronic form of money, and when it is a bit out of the ordinary or unusual. The user should slow down and check with them using a secondary method.
* One could use phishing simulators as a measure to help people or employees to recognize malicious attempts.
* Employees should use a powerful email filter.
* LinkedIn and Facebook ought to be used by the employees to connect and communicate only to those the employees know or do business with.
* If the employee is not sure, he/she should pick up the phone and call a trusted resource.

What companies must do to prevent these social engineering attacks:
* Companies should educate their employees and staff to use complex and strong passwords and not log in to third-party websites with their corporate email addresses.
* Companies should provide staff training regularly as it is more important for employees for learning social engineering attack methods and make sure they always follow security best practices.
* Companies can and should outsource their Information Technology (IT) operations to a third-party provider called managed service providers with a strong reputation for security. This is an option that can be considered by the company to help prevent social engineering attacks.
* The IT operations when outsourced to managed service providers, offer a hardware protection layer to business IT systems and proactively monitor for suspicious activity, anomalies, and indulge threat detection.
* When companies provide their employees access to new software or system, they should also train the users and not just on how to use it the first time. It should be a continual training. Education is the best way in keeping these criminals from playing into the fear of technology.
* There should be open lines of communication with the company's IT help desk, or the company has a provider on an hourly fee, it might stop users or employees from picking up the phone.
* Businesses or companies need good password controls and security.
* There are several sophisticated tools that are able to aid companies in minimizing the impact of such attacks.
* Continuous education to be provided to the employees.
* Training should be provided to end-users will help in the reduction of overall successful attacks.
* The back up of data will serve as an insurance in case an attack succeeded.
* The level of access should be segmented.
* Company should use a Mobile Device Management (MDM) system for their employees' computers and mobile devices, with the MDM carrying the same strong level of security everywhere.
* Company should have implement Identity and Access Management (IAM).
* Security incident and event management system.
* Malware technology based on non-signature.
* Proxy, blocking white and blacklisting.
* Monitoring of inbound and outbound communications.
* Setting up handling guidelines or policies for the data that is critical.
* Company should carry out random and scheduled tests against all employees using social engineering techniques.
* Results of the company's social engineering tests- positive and negative should be reported to the executive level.