The language of Cybersecurity can be filled with acronyms, abbreviations and multiple meanings for the same or similar phrases. If you are new or just embracing Cybersecurity as a company, understanding these can be very confusing. To help you develop your cybersecurity vocabulary, we will do our best to simplify trending terms, phrases, or topics. October is National Cybersecurity Awareness Month so we thought it would be a good time to discuss one of the largest threats to Cybersecurity – Social Engineering. We will get into what it is, how it is used, and how you can protect against it.
What is Social Engineering?
The Cybersecurity & Infrastructure Security Agency (CISA) defines Social Engineering within Cybersecurity as when “an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization’s network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.”
How do attackers use Social Engineering?
Social Engineering is used for many things. The most dangerous and immediate risk involves attackers masquerading as a technician and gaining access to your system. Once they gain access, the attacker can either elevate themselves to gain administrative access or create a back door for access later. The back doors are very hard to detect because they are created from within the security boundaries and by a valid user. Another way Social Engineering is used is less direct but can be just as dangerous if the attacker is patient and able to trick other users within the same company. The attacker can get little bits of information from multiple people and aggregate all the data to gain a better understanding of the environment to help them plan for a larger, more lucrative attack. Those are just a couple of examples of how Social Engineering is used by attackers.
How do you Protect against Social Engineering Attacks?
Just as with Insider Threat, protecting against Social Engineering starts with education. Security Awareness Training helps with understanding what to watch out for but making sure you are aware of your company’s policies and procedures can really put a damper on these types of attacks. If you are aware of how something should happen, and someone is asking you to do something different, you know this might be an attacker. If you suspect a Social Engineering attack, notify your Cybersecurity Team as soon as possible. As you can see, Social Engineering can be very tricky to spot. Be vigilant and never be afraid to ask questions. Until next time…