1. Provide a scenario depicting a man-in-the-middle attack.
2. What will always be the weakest link in any security implementation? Why?
3. Define the method and purpose of social engineering.
1. Provide a scenario depicting a man-in-the-middle attack.
Answer: A man-in-the-middle attack is a type of cyberattack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other.
A scenario of what might happen once the man in the middle has inserted him/herself.
Here the hacker is impersonating both sides of the conversation to gain access to funds. This example holds true for a conversation with a client and server as well as person-to-person conversations. In the example above, the attacker intercepts a public key and with that can transpose his own credentials to trick the people on either end into believing they are talking to one another securely.
2. What will always be the weakest link in any security implementation? Why?
Answer: In the People-Process-Technology triad, the weakest link is the People of an organization. According to a report, 78% of security professionals think the biggest threat to endpoint security is the negligence among employees regarding security practices. Malicious attackers generally use the means of social engineering to target various verticals like healthcare, consumer internet, telecom, cloud services and e-commerce. BFSI and Healthcare Industries are major targets of hackers to capitalize on the negligence of employees. Advanced technology and security practices, no matter how sophisticated, will always be constrained by this human factor. Organizations frequently forget the menacing danger that insider threats can cause.
3. Define the method and purpose of social engineering.
Answer: Social engineering is a manipulation technique that exploits human error to gain private information, access, or valuables. In cybercrime, these “human hacking” scams tend to lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems. The most common methods of social engineering include:
a. Phishing
Phishing attacks are the most common type of attacks leveraging social engineering techniques. Attackers use emails, social media, instant messaging and SMS to trick victims into providing sensitive information or visiting malicious URLs in the attempt to compromise their systems.
b. Watering hole
A watering hole attack consists of injecting malicious code into the public web pages of a site that the targets are used to visiting. The method of injection is not new and it is commonly used by cybercriminals and hackers. The attackers compromise websites within a specific sector that are ordinarily visited by specific individuals of interest for the attacks.
c. Whaling attack
Whaling is another evolution of phishing attacks that uses sophisticated social engineering techniques to steal confidential information, personal data, access credentials to restricted services/resources and, specifically, information with relevant value from an economic and commercial perspective.
d. Pretexting
The term pretexting indicates the practice of presenting oneself as someone else to obtain private information. Usually, attackers create a fake identity and use it to manipulate the receipt of information.
Threat actors use social engineering techniques to conceal their true identities and motives and present themselves as a trusted individual or information source. The objective is to influence, manipulate or trick users into giving up privileged information or access within an organization.
Hope this answers your questions, please leave an upvote if you find this helpful.
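
The public-key substitution described in answer 1, modelled from the defender's side as an added example that is not part of the original answer: two parties exchange keys through a relay and compare key fingerprints over a second channel, which exposes a swapped key. The group parameters, function names and the relay model are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Constructed toy parameters: a Mersenne prime keeps the demo short.
# Real systems use vetted groups or curves from a crypto library.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for a toy Diffie-Hellman exchange."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def fingerprint(pub):
    """Short digest a person can read out over a phone call or compare in person."""
    return hashlib.sha256(str(pub).encode()).hexdigest()[:16]

def exchange(relay):
    """Alice and Bob swap public keys through `relay`, which may alter them."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    seen_by_bob = relay(a_pub)      # what Bob receives as "Alice's key"
    seen_by_alice = relay(b_pub)    # what Alice receives as "Bob's key"
    return {
        "alice_secret": pow(seen_by_alice, a_priv, P),
        "bob_secret": pow(seen_by_bob, b_priv, P),
        # Out-of-band check: the fingerprint of the key each side received
        # must match the fingerprint the real owner reports for its own key.
        "alice_check_ok": fingerprint(seen_by_alice) == fingerprint(b_pub),
        "bob_check_ok": fingerprint(seen_by_bob) == fingerprint(a_pub),
    }

def honest_relay(pub):
    """A network path that forwards keys unchanged."""
    return pub

def make_substituting_relay():
    """A path that replaces every forwarded key with one it controls."""
    _, own_pub = keypair()
    return lambda pub: own_pub

if __name__ == "__main__":
    for name, relay in [("honest", honest_relay),
                        ("substituting", make_substituting_relay())]:
        r = exchange(relay)
        print(name, "secrets match:", r["alice_secret"] == r["bob_secret"],
              "| fingerprint checks:", r["alice_check_ok"], r["bob_check_ok"])
```

Without the fingerprint comparison neither side has any signal that the key was swapped, which is why authenticated key exchange (certificates, pinned keys, or verified fingerprints) is the control against this attack.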