How can today’s cyber-aware businesses prevent social engineering attacks?
Social engineering is one of the most prolific and effective tactics used by cybercriminals. It is also one of the most difficult to prevent, because it works by manipulating human behavior.
In earlier articles, we looked at how social engineering works and offered some examples of social engineering. In this article, we look at techniques and measures an enterprise can use to protect its network and resources against the scourge of social engineering-based cyber-attacks.
More often than not, a healthy cybersecurity posture is based on human behavior. Social engineering is all about manipulating behavior. Making sure your entire workforce understands the various tricks of cybercriminals can be your best defense against social engineering.
For example, phishing email campaigns are designed to encourage a recipient to click on a link or download an infected file. The fraudsters make the emails look like popular brands and use traits such as trust and a sense of urgency to disguise the nefarious nature of the email.
Other social engineering techniques (including surveillance) are used to carry out cyber-attacks such as Business Email Compromise (BEC). Teaching your workforce about the tell-tale signs of an attack can help to prevent a cyber-threat becoming a cybersecurity incident.
Phishing emails are still the number one way that malware infections occur.
A popular technique to train users to spot a phishing email is the use of phishing simulations. The simulation software is usually cloud-based and provided by a specialist vendor. The simulation sessions can therefore be used remotely and are often tailored to the specific needs of your organization.
Feedback and metrics help to show how successful a phishing campaign would be and what areas need to be focused on to improve detection and avoidance by your staff.
Pretexting is a type of social engineering that often grooms a target and then creates an atmosphere of urgency to obtain sensitive data or encourage a transfer of money.
To avoid pretexting and prevent social engineering attacks, you can use security awareness training that is augmented with clear security policies dealing specifically with the challenges of pretexting and grooming.
Social engineers love to use email as the tool for executing a scam; email gateways are used to filter out spam emails before they reach your users.
There are around 14.5 billion spam emails sent every day. Within this is a mix of annoying as well as dangerous emails, the latter being socially engineered to steal data and/or infect your network with malware. Email gateways can be on-premises or cloud-based. Email gateways have been shown, when correctly configured, to reduce spam by up to 99.9%.
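As an added illustration, not code from the original article, the following Python sketch applies the kind of heuristics an email gateway layers on top of plain spam filtering: a display name that borrows a well-known brand while the sending domain does not match, a Reply-To header that redirects replies to a different domain, and the urgency language described earlier. The brand allow-list, the domain names and the two sample messages are constructed for the example.

```python
import re
import email
from email import policy
from email.utils import parseaddr

# Constructed sample messages (not real mail) used to exercise the checks below.
PHISH_SAMPLE = """From: "Acme Bank Security" <alerts@acme-bank-verify.example.net>
Reply-To: recover@mailbox-free.example.org
To: staff@example.com
Subject: URGENT: your account will be suspended within 24 hours

Please verify your details immediately using the link below.
"""

BENIGN_SAMPLE = """From: "Jane Doe" <jane.doe@example.com>
To: staff@example.com
Subject: Agenda for Thursday

Attached is the agenda for the weekly sync.
"""

# Assumed allow-list of brands and the domain each legitimately sends from (constructed).
KNOWN_BRAND_DOMAINS = {"acme bank": "acmebank.example.com"}

# Urgency and verification language that phishing lures lean on.
URGENCY_WORDS = re.compile(
    r"\b(urgent|immediately|within 24 hours|suspended|verify)\b", re.IGNORECASE
)


def domain_of(address: str) -> str:
    """Return the lower-cased domain part of an address ('' if none)."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def score_message(raw: str) -> dict:
    """Apply three gateway-style heuristics and return the reasons that fired."""
    msg = email.message_from_string(raw, policy=policy.default)
    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(from_addr)
    reasons = []

    # 1. Brand impersonation: the display name names a known brand, but the
    #    sending domain is not the one that brand actually uses.
    for brand, real_domain in KNOWN_BRAND_DOMAINS.items():
        if brand in display_name.lower() and from_domain != real_domain:
            reasons.append(f"display name claims '{brand}' but sender domain is {from_domain}")

    # 2. Reply redirection: replies would go to a domain other than the sender's.
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_addr and domain_of(reply_addr) != from_domain:
        reasons.append(f"Reply-To domain {domain_of(reply_addr)} differs from From domain")

    # 3. Pressure language: two or more distinct urgency cues across subject and body.
    body = msg.get_body(preferencelist=("plain",))
    text = str(msg.get("Subject", "")) + " " + (body.get_content() if body else "")
    cues = {m.lower() for m in URGENCY_WORDS.findall(text)}
    if len(cues) >= 2:
        reasons.append(f"urgency cues: {', '.join(sorted(cues))}")

    # Policy: two or more independent indicators send the mail to quarantine.
    return {"score": len(reasons), "reasons": reasons, "quarantine": len(reasons) >= 2}


if __name__ == "__main__":
    for label, sample in (("phish", PHISH_SAMPLE), ("benign", BENIGN_SAMPLE)):
        result = score_message(sample)
        print(label, result["score"], "quarantine" if result["quarantine"] else "deliver")
        for reason in result["reasons"]:
            print("   -", reason)
```

Requiring two independent indicators before quarantining is the design choice that keeps false positives down: a single urgent subject from a colleague is delivered, while a brand-impersonating sender that also redirects replies is held back for review.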
Social engineering is designed to trick human beings.
Technological controls can therefore only help so much in preventing these types of attacks. Whilst technology like anti-malware and firewalls is important, it cannot by itself prevent social engineering-based attacks.
In the case of CEO Fraud and Business Email Compromise (BEC), it is useful to have formal procedures in place. For example, for money transfers, have a check-and-balance process, e.g. require face-to-face or similar confirmation of any transfer over a certain amount.
Social engineering techniques include the grooming of targets which requires intelligence to be collected about the victim.
Spear-phishing emails, too, are most successful when they have been created using personal details of the identified mark. Social media sites are often used to collect these personal data.
To prevent social engineering attacks, make sure your corporate security policy has a clear approach to employees posting on social media. Oversharing is a real issue and an enabler for social engineering. However, this can be a hard policy to enforce when social media is used in a private context.
People tend to open texts, which is evidenced by the 98% open rate for all texts. SMShing is the mobile text version of the phishing email. It makes sense for cybercriminals to use mobile texts to deliver malware such as mobile banking trojans, which increased by 58% in Q1 of 2019.
To avoid mobile phones becoming a mobile threat, ensure that your employees understand this vector. You should also put structures, such as policies, in place to prevent unauthorized mobile apps from being installed on work mobiles.
Social engineering often relies on escalating privileges to allow access to network resources. By adding in a layer of additional authentication, you can help mitigate the result of a social engineering attack.
Two-factor authentication, or 2FA, usually requires another factor to be used along with a username and password before access is allowed. This could be as simple as a mobile text code or could even be a biometric.
This extra credential makes phishing more difficult: the fraudster may be able to steal the password easily, but getting at the second factor is harder. Also, ensure that roles are set so that only certain users have access to privileged resources.
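As an added example, not from the original article, the following Python code shows a second factor of the authenticator-app kind (RFC 6238 time-based one-time codes) together with the role check the paragraph above calls for: a privileged resource is reached only when password, role and one-time code all pass, so a phished password alone does not get the fraudster in. The user directory and role names are constructed; the secret is the RFC 6238 test value so the codes can be checked against the RFC.

```python
import hmac
import hashlib
import struct
import time

# Hypothetical user directory (constructed). In a real deployment the TOTP secret is
# provisioned into the user's authenticator app and stored server-side encrypted.
PRIVILEGED_ROLES = {"finance-approver", "domain-admin"}
USERS = {
    # RFC 6238 test secret, so the codes below can be checked against the RFC vectors.
    "alice": {"roles": {"finance-approver"}, "totp_secret": b"12345678901234567890"},
    "bob":   {"roles": {"staff"},            "totp_secret": b"12345678901234567890"},
}


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


def totp(secret: bytes, at_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, at_time // step, digits)


def verify_totp(secret: bytes, submitted: str, at_time: int, window: int = 1) -> bool:
    """Accept the code for the current 30-second step or its immediate neighbours
    (clock drift), comparing in constant time. A production verifier must also
    remember the last accepted counter so a captured code cannot be replayed."""
    counter = at_time // 30
    return any(
        hmac.compare_digest(hotp(secret, c), submitted)
        for c in range(counter - window, counter + window + 1)
    )


def authorize_privileged(user: str, password_ok: bool, submitted_otp: str, at_time: int):
    """Grant privileged access only when password, role and second factor all pass.
    Returns (granted, reason)."""
    record = USERS.get(user)
    if record is None or not password_ok:
        return False, "invalid credentials"
    if not record["roles"] & PRIVILEGED_ROLES:
        return False, "role is not permitted to reach privileged resources"
    if not verify_totp(record["totp_secret"], submitted_otp, at_time):
        return False, "second factor failed"
    return True, "granted"


if __name__ == "__main__":
    now = int(time.time())
    code = totp(USERS["alice"]["totp_secret"], now)  # what alice's authenticator would show
    print(authorize_privileged("alice", True, code, now))      # all three checks pass
    print(authorize_privileged("alice", True, "000000", now))  # stolen password, no second factor
    print(authorize_privileged("bob", True, code, now))        # valid code, but not a privileged role
```

The order of the checks matters for the article's point: a fraudster who has phished alice's password still fails at the one-time code, and a fraudster who phishes bob completely still fails because bob's role was never granted access to the privileged resource.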
Cybercriminals are always looking to improve their chances of success. To do so, they update and modify the social engineering techniques they use. As technology such as deepfakes enter the landscape by using Artificial Intelligence to manipulate a voice or face, the techniques used in social engineering may also change.
Of course, it is vital that your security team keeps up to date with the latest tactics and techniques used by cybercriminals. They can then make sure they are applying the most relevant defenses against any type of scam.
At the same time, a cybersecurity posture assessment represents an insightful and useful first step for organizations looking to identify where they’re currently at, what is currently missing and what will need to be done to increase their cybersecurity maturity level. The objective of a cybersecurity posture assessment is to help organizations strengthen their cybersecurity defenses by developing a comprehensive cybersecurity roadmap.
Your security team’s vigilance can be enhanced and augmented using services that provide 24/7 monitoring.
Whether businesses need to comply with regulations, secure their environment against cyberthreats or data breaches, or guarantee maximum operational uptime, they will most likely need to find a way to monitor their environments 24/7 in a manner that is cost-efficient, effective and yields maximum ROI.
A Managed Security Service Provider (MSSP) can help to provide this level of intensive managed security services. They have the specialist security staff at hand, to carry out the operations needed to keep your network safe.
Monitoring usually involves the use of tools that can help detect problems on the network. These may include behavioral analysis and smart tools that help to spot anomalies. Monitoring also improves overall security by ensuring that software is up to date and misconfigurations of servers, etc., are addressed.
The ten measures shown above will help you to mitigate attempts to trick and cajole your employees into revealing data and/or transferring money. None of them stands alone. Protecting against the sophisticated tactics of cybercriminals to prevent social engineering attacks is a process.
When the human element of behavior manipulation is added via social engineering, this process can have many moving parts. Cybersecurity involves layers of human-centric security as well as technological approaches such as 2FA. By using a socio-technological approach against social engineering, an enterprise has a powerful way to prevent this most insidious of cyber-threat tactics.
If you would like to evaluate the cybersecurity posture of your own organization, you may wish to download our free self-assessment checklist to find out more! For any questions, we are here to support you!