Speaker
Description
Social Engineering has become the go-to attack methodology in the 21 st Century. Organisations and governments have a vested interest in securing sensitive information as well as the trust of clients or citizens. Technology on its own is no longer a sufficient safeguard against information theft. Employees, often the weak link in an information security system, could be influenced or manipulated by the attacker to divulge sensitive information, thus allowing unauthorised individuals to gain access to protected systems. As technology developed, social engineering became commonly used for technology related crimes. This is no longer the case as we see it reverting back to its original use of mobilising communities to perform or act in ways assumed to be ‘optimal’ or ‘correct’. This is typically either for personal gain of the attacker or to influence people to subscribe to the attacker’s societal belief system.
Through the utilisation of real-life social engineering examples, the formal process of social engineering and techniques utilised to abuse the inherent trust of individuals is explored. This particular discussion focuses on the psyche of an individual and discusses the basic human instinct of trust. The concept of trust is something that differs based on environmental conditions and socio-economic upbringing. Trust will however, always remain a basic human instinct. A ‘functioning’ society relies on the fact that individuals have inherent trust. For example, most people inherently ‘trust’ institutions to manage financial aspects of life, similarly, they “trust” that other people in turn will obey those same institutions. Not having this basic form of trust could send society into a state of chaos. As a result, this discussion examines the extent to which
scepticism can aid society and in turn allow individuals to protect themselves. In the end, everyone has a need of being accepted and ultimately, all of us just want to belong…