Social engineering is the practice of obtaining confidential information by manipulating people. In contrast, hacking is typically compromising a computer system in order to control or otherwise access sensitive information. Social engineering is getting people to do something they wouldn’t do normally. In short, social engineering is hacking people rather than computer systems.
Social engineering has been an effective method of committing fraud for centuries. Recently, however, it has been used more and more to assist criminals in perpetrating crimes that can net large sums of money. Without one social engineering method or another, most current attacks would not be successful.
Employees are an organization’s weakest link and social engineering attacks are only limited by the creativity of the perpetrator. Although there is no way to stop social engineering attacks entirely, we can do much more than we are today to reduce our exposure to them. Strictly enforced policies and procedures combined with training, testing and technology can reduce your risk from these types of attacks.
Here, Perimeter‘s Chief Technology Officer Kevin Prince offers five actions that can be taken to reduce your exposure.
Be sure to check out other slideshows from Perimeter:
- Top 10 Pitfalls of Traditional Data Backup Methods
- 8 Elements of Complete Vulnerability Management
- Data Breach Trends of 2009
- Tracking Data Breaches by Industry
- Top Security Treats for 2010
Click through for five ways you can protect your company from socially engineered threats.
When certain tactics are employed,such as Trojans, these sometimes rely on systems being vulnerable. Testing bothexternal and internal systems for vulnerabilities can help you identify weakareas of your network. Additionally, you should perform an annual socialengineering engagement. This is when you contract with an organization to testyour employees to see if they would fall victim to a social engineering attack.This is a great way to raise the awareness level within an organization.
Employee security training is critical for any organization that wants to protect itself from social engineering attacks. Because end users are the weakest link in your security, training them on what policies and procedures they should follow and then testing them is critical. A content filtering system is also a great way to reduce exposure. Content filtering allows you to block employees’ access to malicious websites that can lead to system compromise. A Web content filtering solution can block access to a website if an unsuspecting employee clicks on a phishing e-mail link or other lure that can lead to system compromise.
Identifying vulnerable systems is not enough. You must keep them up-to-date with a patch management system. Be sure your patch management system updates all operating systems in your environment including Linux, Microsoft, UNIX, Mac, etc. Also, be sure that all your most popular third-party applications are updated. Typically, an OS patch management system, such as Microsoft’s SUS (system update service) only patches Microsoft programs, while all your other software is left vulnerable. But sure to cover all your bases.
Be sure your systems are being monitoring 24×7. In particular, you need ensure that the systems that house sensitive information are protected with a host-based intrusion detection system. This is very different from most IDSs that companies deploy. A HIDS can monitor an individual system for misbehavior and anomalous activity. It has a defined set of polices and rules and when the system attempts to behave outside of those parameters, it can block attacks and escalate alerts. A HIDS is one of the best ways to increase protection of your critical systems.
Have a phishing incident response program in place prepared to take false websites offline as quickly as possible. This will protect your customers from being lured to false websites that look like yours in an attempt to compromise their personal information. Remember, this type of attack will also erode your brand and customer confidence. Implement monitors to ensure your website has not been modified or tampered with. A pharming defense program can monitor your website for unauthorized changes and ensure your customers are being routed properly to you and not a malicious site.