"Social engineering attacks are not only becoming more common against enterprises and SMBs, but they're also increasingly sophisticated. With hackers devising ever-more clever methods for fooling employees and individuals into handing over valuable company data, enterprises must use due diligence in an effort to stay two steps ahead of cybercriminals." Digital Guardian. Read the article "Social Engineering Attacks: Common Techniques & How to Prevent an Attack" on the Digital Guardian web site. Summarize the advice given by the practitioners included in the article to recommend the process or procedure you would use to prevent the social engineering attacks you included in the Discussion of this lesson.
Summary of the advice recommending the process or procedure we should use to prevent social engineering attacks:
* The very first step in the process or procedure of preventing social engineering attacks is recognizing and identifying such attacks: knowing how they behave, their activities, their patterns, etc.
As an individual or an employee of a company, one should take the measures below:
* The employee, individual, or staff member must not open emails in the spam or junk folder, or emails whose senders are strangers or unknown to the user.
* Attachments in emails of unknown origin must not be downloaded, opened, installed, or run.
* Users or employees must use reputable antivirus software such as
Kaspersky or Symantec.
* Employees must regularly back up their personal or office data to an external medium such as an external hard disk or drive, or to cloud storage such as Dropbox or Google Drive.
* Once they have backed up their data, they must disconnect the drive: the ransomware created these days is also known for encrypting the user's backup drive.
* Users or employees must not pay the ransom. The only reason criminals, thieves, or hackers keep using this form of blackmail attack is that people keep paying the ransoms. To try to regain access to their data, users should consult a professional in their area.
* Individuals should think twice and take their time when someone asks them to give information or to send money electronically, especially when the request is a bit out of the ordinary or unusual. The user should slow down and check with the requester using a secondary method.
* Phishing simulators can be used as a measure to help people or employees recognize malicious attempts.
* Employees should use a powerful email filter.
* Employees ought to use LinkedIn and Facebook to connect and communicate only with those they know or do business with.
* If the employee is not sure, he/she should pick up the phone and
call a trusted resource.
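As an added example (my own code, not taken from the article or from Digital Guardian), the Python script below turns several of the individual measures above (do not act on mail from unknown senders, never run attachments of unknown origin, slow down on unusual requests for money or information and verify through a secondary channel) into automated screening checks and runs them over constructed sample messages. The trusted domains, internal role names, risky file types and urgency phrases are assumptions chosen for the demonstration, not values from the article.

```python
"""Screen incoming mail for the social engineering indicators described above.

Added illustration, not code from the article or from Digital Guardian.
Every message below is constructed; the trusted domains, internal role names
and suspicious phrases are assumptions chosen for the demonstration.
"""
from dataclasses import dataclass, field
from email.utils import parseaddr

# Assumption: the organisation's own domain plus partners it does business with.
TRUSTED_DOMAINS = {"example-corp.com", "partner.example"}

# Assumption: display names attackers commonly borrow when impersonating staff.
INTERNAL_ROLES = {"it help desk", "ceo", "payroll", "human resources"}

# File types frequently used to deliver malware (double extensions such as
# "invoice.pdf.exe" still end with one of these).
RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".docm", ".xlsm", ".iso", ".lnk")

# Phrases typical of pretexts that push the recipient to act before thinking.
URGENCY_PHRASES = ("urgent", "immediately", "within 24 hours", "account will be suspended",
                   "wire transfer", "gift card", "verify your password")


@dataclass
class Message:
    from_header: str                      # raw From header, e.g. 'Alice <alice@example-corp.com>'
    subject: str
    body: str
    reply_to: str = ""                    # raw Reply-To header, empty if absent
    attachments: list = field(default_factory=list)


def domain_of(address: str) -> str:
    """Return the lower-cased domain part of an address, or '' if there is none."""
    return address.rsplit("@", 1)[1].lower() if "@" in address else ""


def screen(msg: Message) -> dict:
    """Return the indicators found in one message and the action to take."""
    display_name, from_addr = parseaddr(msg.from_header)
    from_domain = domain_of(from_addr)
    indicators = []

    # "Emails whose senders are strangers": the domain is not one we know.
    if from_domain not in TRUSTED_DOMAINS:
        indicators.append("unknown_sender")

    # A familiar internal role name on an outside address is a classic impersonation sign.
    if display_name.strip().lower() in INTERNAL_ROLES and from_domain not in TRUSTED_DOMAINS:
        indicators.append("impersonated_internal_sender")

    # Replies silently redirected to a different domain.
    if msg.reply_to:
        reply_domain = domain_of(parseaddr(msg.reply_to)[1])
        if reply_domain and reply_domain != from_domain:
            indicators.append("reply_to_mismatch")

    # "Attachments of unknown origin must not be run": executable content is never delivered.
    if any(name.lower().endswith(RISKY_EXTENSIONS) for name in msg.attachments):
        indicators.append("risky_attachment")

    # Pressure to hand over information or money is the "slow down" trigger.
    text = f"{msg.subject} {msg.body}".lower()
    if any(phrase in text for phrase in URGENCY_PHRASES):
        indicators.append("urgency_or_money_request")

    if "risky_attachment" in indicators or len(indicators) >= 2:
        action = "quarantine"
    elif indicators:
        # One indicator alone: deliver, but tell the user to confirm with the
        # requester through a secondary channel (a phone call to a known number).
        action = "verify_via_secondary_channel"
    else:
        action = "deliver"
    return {"indicators": indicators, "action": action}


# Constructed sample messages covering the cases a reader would want to see.
SAMPLE_MESSAGES = {
    "colleague_notes": Message(
        "Alice Chen <alice.chen@example-corp.com>",
        "Q3 planning notes", "Attached are the notes from Monday.",
        attachments=["notes.pdf"]),
    "helpdesk_impersonation": Message(
        "IT Help Desk <helpdesk@example-corp-support.com>",
        "URGENT: verify your password within 24 hours",
        "Click the link to keep your account active."),
    "malicious_invoice": Message(
        "Accounts <billing@unknown-vendor.net>",
        "Invoice attached", "Please see the attached invoice.",
        attachments=["invoice.pdf.exe"]),
    "partner_wire_request": Message(
        "Bob Lee <bob@partner.example>",
        "Please approve wire transfer today", "Details are in my last call.",
        reply_to="Bob Lee <bob@partner.example>"),
}


def screen_all() -> dict:
    """Screen every sample message; returns {name: {"indicators": [...], "action": ...}}."""
    return {name: screen(msg) for name, msg in SAMPLE_MESSAGES.items()}


if __name__ == "__main__":
    for name, result in screen_all().items():
        print(f"{name:24} {result['action']:28} {', '.join(result['indicators']) or '-'}")
```

The point of the three-way outcome is that a single weak signal (a partner asking for a wire transfer) is not silently dropped but routed to the "pick up the phone and call a trusted resource" step, while executable attachments or several signals together are quarantined before the user ever sees them.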
What companies must do to prevent these social engineering attacks:
* Companies should educate their employees and staff to use complex
and strong passwords and not log in to third-party websites with
their corporate email addresses.
* Companies should provide staff training regularly, as it is important that employees learn social engineering attack methods and always follow security best practices.
* Companies can and should outsource their Information Technology (IT) operations to a third-party provider, a managed service provider (MSP), with a strong reputation for security. This is an option a company can consider to help prevent social engineering attacks.
* IT operations outsourced to managed service providers gain a hardware protection layer for business IT systems, proactive monitoring for suspicious activity and anomalies, and threat detection.
* When companies give their employees access to new software or a new system, they should also train the users, and not just on how to use it the first time; training should be continual. Education is the best way to keep these criminals from playing on the fear of technology.
* There should be open lines of communication with the company's IT help desk; if the company instead has a provider on an hourly fee, that might stop users or employees from picking up the phone.
* Businesses or companies need good password controls and
security.
* There are several sophisticated tools that are able to aid
companies in minimizing the impact of such attacks.
* Continuous education should be provided to the employees.
* Training provided to end-users will help reduce the overall number of successful attacks.
* The backup of data will serve as insurance in case an attack succeeds.
* The level of access should be segmented.
* The company should use a Mobile Device Management (MDM) system for its employees' computers and mobile devices, with the MDM enforcing the same strong level of security everywhere.
* The company should implement Identity and Access Management (IAM).
* A security incident and event management (SIEM) system.
* Non-signature-based malware detection technology.
* A proxy with blocking, whitelisting and blacklisting.
* Monitoring of inbound and outbound communications.
* Setting up handling guidelines or policies for the data that is
critical.
* The company should carry out random and scheduled tests against all employees using social engineering techniques.
* The results of the company's social engineering tests, positive and negative, should be reported to the executive level.