Computer Based Social Engineering?

What is Social Engineering?

The following scenario describes a computer-based social engineering incident that took place at a large e-business enterprise. An employee was asked to send his photograph through e-mail. Since he didn’t have one then, he persuaded the other party to send his snapshot instead. In the attachment (JPEG) file received from the other party, there wasn’t a photo. Instead, upon accessing the attachment, the hard drive began to spin.

Fortunately, the employee was sophisticated enough to understand the danger of a Trojan horse and immediately alerted the IT department, who terminated the Internet connection. A Trojan horse is a piece of malware that appears to be a normal, nondestructive program, but contains a virus hidden inside. Later investigations revealed that the computer was infected with SubSeven, the most powerful backdoor then in existence. A backdoor is a method of bypassing the usual authentication methods on a system, potentially allowing remote administration of the system. Eventually, the company reloaded the computer, rolled back to the day before with a backup tape (losing a full day of online orders), and stayed offline for three full days overall.

Computer-based social engineering uses software to retrieve information.

Computer Based Social Engineering

Pop-Up Windows

In this type of social engineering, a window appears on the screen informing the user that he or she has lost his or her network connection and needs to reenter his or her username and password. A program that the intruder had previously installed will then e-mail the information to a remote site.

Mail Attachments

This ploy involves using attachments bearing a title suggestive of a current love affair. There are two common forms that may be used. The first involves malicious code. This code is usually hidden within a file attached to an e-mail message. Here the expectation is that an unsuspecting user opens the file, allowing the virus code to replicate itself. Examples are the “I Love You” and “Anna Kournikova” worms.

The latter is also an example of how social engineers try to hide the file extension by giving the attachment a long file name. In this case, the attachment is named AnnaKournikova.jpg.vbs. If the name is truncated, it will look like a JPEG file and the user may not notice the .vbs extension. Another more recent example is the Vote.A e-mail worm.

The second, equally effective approach involves sending a hoax e-mail asking users to delete legitimate files (usually system files such as jdbgmgr.exe). Another method is clogging e-mail systems by sending false warning e-mail regarding a virus and asking targeted users to forward the mail messages to friends and acquaintances. Such an attempt can be dangerous to the e-mail system of an organization.
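A mail gateway can catch the double-extension disguise described above by inspecting attachment names before delivery. The following sketch is an added example, not code from the original post; the extension lists, the 30-character display width, and the long sample file name are assumptions chosen for illustration.

```python
import email
import email.policy
from email.message import EmailMessage

# Extensions Windows runs or hands to a script host (illustrative, not exhaustive).
EXECUTABLE = {".vbs", ".vbe", ".js", ".wsf", ".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".hta"}
# Harmless-looking extensions typically used as the decoy.
DECOY = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".pdf", ".doc"}
DISPLAY_WIDTH = 30  # assumption: characters a mail client shows before truncating


def classify_filename(name):
    """Return the reasons an attachment name is suspicious (empty list if none)."""
    cleaned = name.strip().rstrip(". ")  # Windows ignores trailing dots and spaces
    exts = ["." + p.strip().lower() for p in cleaned.split(".")[1:]]
    if not exts or exts[-1] not in EXECUTABLE:
        return []
    reasons = ["executable extension " + exts[-1]]
    if any(e in DECOY for e in exts[:-1]):
        reasons.append("decoy extension before the real one")
    if cleaned.rfind(".") >= DISPLAY_WIDTH:
        reasons.append("real extension falls past the truncation point")
    return reasons


def scan_message(raw):
    """Map each suspicious attachment name in a raw RFC 5322 message to its reasons."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        reasons = classify_filename(name)
        if reasons:
            findings[name] = reasons
    return findings


def build_sample():
    """Constructed test message: one clean attachment and two disguised ones."""
    msg = EmailMessage()
    msg["Subject"] = "Sample"
    msg.set_content("Constructed body text.")
    for fname in ("report.pdf", "AnnaKournikova.jpg.vbs",
                  "Quarterly_results_summary_2001_final.txt.exe"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reasons in scan_message(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```

Names padded with spaces between the decoy and the real extension are handled as well, because each segment is stripped before comparison.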

Web Sites

Attackers can use Web sites to perform social engineering. This involves a ruse to get an unwitting user to disclose potentially sensitive data, such as a password used at work. Some methods include using advertisements that display messages offering free gifts and holiday trips, and then asking for a respondent’s contact e-mail address, as well as asking the person to create a password. This password may be one that is similar to, if not the same as, the one that the target user utilizes at work. Many employees enter the same password that they use at work, so the social engineer now has a valid username and password to enter into an organization’s network.

Instant Messenger

Using this method, an attacker chats with a selected online user to gather personal information such as birth dates and maiden names. The attacker then uses the acquired data to crack the user’s accounts.

Phishing

Phishing is a technique in which an attacker sends an e-mail or provides a link falsely claiming to be from a legitimate site in an attempt to acquire a user’s personal or account information.

Phishing e-mails lure online users with statements concerning topics such as the following:

  • Verifying an account
  • Updating personal information
  • Suspension of a user’s account

Spam filters and the antiphishing tools integrated into Web browsers can protect users against phishing attacks.

Insider Attack

A competitor can cause damage to an organization, steal sensitive data, and eventually bring down an organization by gaining access to a company through a job opening. The competitor sends a malicious person as a candidate to be interviewed and—with luck—hired.

Other attacks may come from unhappy employees or contract workers. It takes only one disgruntled person to take revenge on a company by compromising its computer system. Approximately 60% of attacks originate from behind the firewall. An inside attack is easy to launch and difficult to prevent. Once an attack has succeeded, employers may find it difficult to identify the perpetrator.

Preventing Insider Threat

An organization can prevent insider threat by following these recommendations:

  • Separation of duties: Responsibilities must be divided among various employees, so that if a single employee attempts to commit fraud, the result will be limited in scope.
  • Rotation of duties: A single duty must be allotted to different employees at different times so that a malicious employee cannot damage an entire system.
  • Restricting privileges: The least number of privileges must be assigned to the most critical assets of an organization. Privileges must be assigned based on hierarchy.
  • Controlling access: Access controls must be implemented in various parts of an organization to restrict unauthorized users from gaining access to critical assets and resources.
  • Logging and auditing: Logging and auditing must be performed periodically to check if any company resources are being misused.
  • Legal policies: Legal policies must be enforced to prevent employees from misusing the resources of an organization, and for preventing the theft of sensitive data.
  • Archiving critical data: A record of an organization’s critical data must be maintained in the form of archives to be used as backup resources, if needed.
