What specific concepts from below do you find the most interesting and/or impactful to Cybersecurity? Explain the concept thoroughly, explain your position (e.g. why is it impactful to the field of Cybersecurity and/or so interesting to you) and provide several examples that support your argument.
Threats and Adversaries (threat actors, malware, natural phenomena)
Common Attacks
Malicious activity detection / forms of attack
Appropriate Countermeasures
Legal issues
Attack Timing (within x minutes of being attached to the net)
Covert Channels
Social Engineering
State, US and international standards / jurisdictions
Understand the interaction between security and system usability and the importance for minimizing the effects of security mechanisms.
For me, the Social Engineering concept is the most interesting and/or impactful to Cybersecurity.
Social Engineering:
When a person’s privacy is compromised using non-technical means—including something as normal as receiving a telephone call while at the office—hackers can quickly acquire sensitive information. Hackers might pretend they work in the IT department when in reality they’re attempting to gain access to the company’s network through one of its employees.
Definition: This social engineering, as it is called, is defined by Webroot as “the art of manipulating people so they give up confidential information.”
In Detail: Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
This is social engineering, and it can have a devastating impact on your organisation.
How it impacts Cyber Security
Employees could be tricked into anything, from allowing someone to physically follow them into your data centre, to giving up their passwords or user IDs over the phone. Social engineers go to great lengths to gain access to data they can exploit, including:
The most important thing in prevention is to define and implement a thorough security policy. This is the type of policy that is worth investing in, because it can have a huge impact on the organization and prevent cyber attacks from happening and leading to serious consequences.
Examples of these are:
1. Phishing: tactics include deceptive emails, websites, and text messages to steal information.
2. Spear Phishing: email is used to carry out targeted attacks against individuals or businesses.
3. Baiting: an online and physical social engineering attack that promises the victim a reward.
4. Malware: victims are tricked into believing that malware is installed on their computer and that if they pay, the malware will be removed.
5. Pretexting: uses false identity to trick victims into giving up information.
The below examples of social engineering emphasize how emotion is used to commit cyber attacks:
1. Fear
2. Greed
3. Curiosity
4. Helpfulness
5. Urgency
Ways to Protect Yourself: