Why are data breaches so commonplace? Whether the attacks are against the energy sector as reported July 2014[i] with over 1,000 energy companies in North America and Europe reported to have been compromised. To other attacks targeting other sectors (e.g. Operation Troy, Operation High Roller Nightdragon, etc.) it would appear that no sector is immune from data breaches. One common theme amongst these and other attacks is the initial infection vector, namely exploiting the subconscious of a trusted employee. The modus operandi for most of the common data breaches is to leverage some form of social engineering to coerce the user into an action facilitating malware infection.
The prevalence of social engineering in many publicly disclosed cyber-attacks demonstrates either an inherent weakness in the acumen of victims to distinguish malicious communications, or that cybercriminals are using more complex methods to bypass the ‘human firewall’. The answer of course likely lies somewhere in between these two statements, but regardless of the root case it does demonstrate that the first line of defense is evidently failing. The default position to blame users as the cause for breaches which is not entirely fair. Whilst there will be examples where clearly unsafe practices are being employed, our latest whitepaper “Hacking the Human Operating System” demonstrates the techniques used by attackers are to bypass the consciousness of their targets and attempt to manipulate victims through leveraging subconscious levers of influence.
The paper reviews the concept of social engineering; the techniques used within many of the recent cyber-attacks, levers used to influence victims, communication channels used, and suggested controls to reduce the risk.. Much has been written about social engineering. The content of these sources vary widely, from definitions, to mitigation. The purpose of the paper is to define the concepts, and introduce mitigations that go beyond simply suggesting that awareness is a panacea.
Unless we address the first line of defense, data breaches will continue to hog our Twitter timelines, and support the ever burgeoning cost of cybercrime.