Maintain your old Siemens Hipath system

Social Engineering - The Real E-Terrorism?

One evening, during the graveyard shift, an AOL technical support operator took a call from a hacker. During the hour long conversation the hacker mentioned he had a car for sale. The technical support operator expressed an interest so the hacker sent him an e-mail with a photo of the car attached. When the operator opened the attachment it created a back door that opened a connection out of AOL's network, through the firewall, allowing the hacker full access to the entire internal network of AOL with very little effort on the hacker's part.

The above is a true story and it is an excellent example of one of the biggest threats to an organisation's security - social engineering. It has been described as people hacking and it generally means persuading someone inside a company to volunteer information or assistance.

Examples of techniques employed by hackers include:

  • Unobtrusively observing over your shoulder as you key in your password or PIN.

  • Calling helpdesks with questions or being overly friendly

  • Pretending to be someone in authority.

Social engineering attacks can have devastating consequences for the businesses involved. Accounts can be lost, sensitive information can be compromised, competitive advantage can be wiped out and reputation can be destroyed.

By implementing some simple techniques you can reduce the risk of your organisation becoming a victim or, in the event that you are targeted, keep the consequences to a minimum.

  • Make sure that all staff, especially non-IT staff, are aware of the risk of social engineering and what to do in the event of such an attack.

  • Conduct regular security awareness training so that all staff are kept up to date with security related issues.

  • Implement a formal incident reporting mechanism for all security related incidents to ensure there is a rapid response to any breaches.

  • Ensure that the company has security policies and procedures in place, that all staff are aware of them and that they are followed.

  • Put an information classification system in place to protect sensitive information.

Conduct regular audits, not only on IT systems but also on policies, procedures and personnel so that any potential weaknesses can be addressed as soon as possible.

About The Author

Rhona Aylward has extensive experience in the area of Quality Management and more recently in Information Security Management. She is a qualified Lead Auditor for BS7799 and CEO for Alpha Squared Solutions Ltd.

www.a2solutions.co.uk, raylward@a2solutions.co.uk

In The News:

Protesters catapult petrol bombs at police in stand-off at Hong Kong university
Sun, 17 Nov 2019 16:55:00 +0000
Protesters in Hong Kong have fired arrows and used catapults to hurl petrol bombs at police who deployed tear gas and water cannon.

At least seven killed in gas explosion in Bangladesh
Sun, 17 Nov 2019 06:00:00 +0000
At least seven people have been killed after a gas pipeline exploded in the Bangladeshi port city of Chittagong.

Former defence chief set to become Sri Lanka's new president
Sun, 17 Nov 2019 08:23:00 +0000
Sri Lanka's former wartime defence chief is set to become the country's new president.

Russia 'to return three captured ships to Ukraine'
Sun, 17 Nov 2019 13:29:00 +0000
Russia will return three captured ships to Ukraine, it has been reported, a year after it captured the vessels off the coast of Crimea.

Emmanuel Macron says 'non' to Dry January in France
Sun, 17 Nov 2019 15:13:00 +0000
French President Emmanuel Macron is opposed to promoting a Dry January equivalent in France, according to the president of the champagne makers' union.



tikatoshop.it

Erfahrungen mit Pallhuber Wein
Agen Bola SBOBET Terpercaya

Travel in comfort and at your leisure with CT Airlink Limousine & Car Service for top quality private transportation and exceptional customer service. We operate Sedans, SUVs & Vans for CT Car Services to covering all Connecticut airports including Car Service from CT to Newark Airport , Mohegan Casino Uncasville CT, Foxwoods Casino Mashantucket CT, Manhattan Cruise Terminal NYC, Brooklyn Cruise Terminal NYC and Bayonne Cruise Terminal NJ. CT Airlink hire licensed and friendly chauffeurs who have in-depth knowledge of the Areas.

Internet Small Business and Fraud

Be careful of sites that promise to send you "instant... Read More

6 Ways To Prevent Identity Theft

These six ways to prevent identity theft offer you valuable... Read More

Internet Privacy

Over the past few years as the internet has become... Read More

Cybercriminals Trick: Targeted Trojan-Containing Emails

Threats we ordinary Web users face online leave us no... Read More

8 Surefire Ways to Spot an E-Mail Identity Theft Scam!

The E-Mail Identity Theft Scam is running Rampant. These E-Mail... Read More

Web Conferencing Readers - So What Do We Do with the PAYPAL SPAMMER

From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More

Email Scams ? Ten Simple Steps To Avoiding Them

According to the Anti-Phishing Working Group (APWG) email scams also... Read More

Click Here To Defeat Evil

Microsoft routinely releases new security updates, many of which are... Read More

Why Malicious Programs Spread So Quickly?

It seems that nowadays cybercriminals prefer cash to fun. That... Read More

Just Whos Computer is this Anyway?

Well, this is an article I never thought I would... Read More

Watching the Watchers: Detection and Removal of Spyware

If spyware were a person and he set himself up... Read More

Firewalls: What They Are And Why You MUST Have One!

A firewall is a system or gateway that prevents unauthorized... Read More

The Important Steps To Protect Your Kids on the Internet

Internet is the ocean of knowledge. In this ocean you... Read More

Online Shoppers, Beware of a New Scam

Beware of a New Scam Aimed at Bargain-HuntersTrying to buy... Read More

Viruses and Worms, Protection from Disaster

Virus damage estimated at $55 billion in 2003. "SINGAPORE -... Read More

From Spyware with Love!

It's late. You've been scouring the web for that perfect... Read More

Internet/Network Security

Abstract Homogeneous symmetries and congestion control have garnered limited interest... Read More

Online Shopping: 10 Tips For Safe Online Shopping

Have you ever bought a product or service from the... Read More

How Free Scripts Can Create Security Problems

With the Internet entering our lives in such an explosive... Read More

The Attack of the Advertiser - Spy Mother Spy

The menacing campaigns that drive the corporate spyware and adware... Read More

Keeping Worms Out of Your Network...

No auntie Sookie, not earth worms, computer virus worms that... Read More

Spyware Programs Are Out To Get You!

The average computer is packed with hidden software that can... Read More

How To Give Away Your Personal Information

Identity Theft and Your Personal Information -------------------------------------------- Identity theft is... Read More

Spyware, What It Is, What It Does, And How To Stop It

Spyware is software that runs on a personal computer without... Read More

Top Ten Spyware and Adware Threats Identified

On December 8, 2004 Webroot, an award winning anti-spyware solution... Read More