Despite
investing in advanced security software and protecting themselves against the
latest threats, companies are still are extremely vulnerable to malicious attacks
that exploit their human element of security. Social engineering is the clever psychological
manipulation of people to perform actions or give up information. Social
engineering, coined "the art of human hacking," is now considered the
greatest to security, according to analyst firm Gartner.
This image, taken from home.mcafee.com, depicts 2 men manipulated by the strings of a puppeteer. Unlike computer software, humans can be carefully manipulated into divulging confidential information or performing actions. Like a puppeteer, social engineers manipulate the human elements of security into performing actions, or revealing confidential information. Social engineers play upon human nature, and have an acute understanding of the human mind. They know just the right strings to pull to get humans to act the way they want.
All
social engineering techniques prey upon human tendencies. Pretexting, a common
method used by social engineers to manipulate unsuspecting victims, targets the
human tendency to trust. By pretexting, or pretending to be someone or something
they aren’t, criminals can manipulate these victims into giving personal
information that could lead to identity theft and large amounts of money.
It is important to note that social
engineering is not all bad. In fact, it is applied every day by everyday
people. Every time you try to get someone to do something that is in your
interest, you are using social engineering. Everyone from children, to salesmen
to politicians engage in social engineering. If used maliciously however, social
engineering attacks could have catastrophic effects, potentially costing
companies and businesses millions of dollars. And with the rising number of
social engineering attacks daily, it is imperative that more businesses and
companies are made aware of social engineering threats and implement defenses
to protect themselves.
Works Cited
"Greatest Security Risk: Social Engineering, Says Gartner." - ZDNet.co.uk. N.p., n.d. Web. 02 Mar. 2014.
Kevin,
ReplyDeleteYour topic is very interesting, I have never really thought about how social engineering is used almost every day without us even knowing. Your post is informative and sheds light on a topic that most people do not know much about. In the final paragraph I like how you briefly touched on the benefits of social engineering, i wish you had added a little bit more so the reader could fully weigh the benefits and the dangers. The picture is really cool. You really have to read the post to understand how it relates to your topic but once you read it the picture fits perfectly into your argument.
I only have two suggestions, maybe you could have used a specific example of an actual social engineering attack, I think that would help the reader understand the topic a little bit better. Also some of your sentences seemed a little repetitive like ,"Social engineering is the clever psychological manipulation of people to perform actions or give up information" and "Unlike computer software, humans can be carefully manipulated into divulging confidential information or performing actions".
Overall I really liked your post and think your topic is very interesting!
I agree with Emily. The image is awesome, really cool. Your explanation of the image is a bit repetitive, but this might be the fault of the assignment rather than your analysis. Sometimes, there just isn't 400 words of analysis - or at least 400 words that relate to your paper topics. You will want to clean-up the writing in your first paragraph. Your writing gets stronger as you proceed. Also, you will want to avoid the sudden shift to the second person narrative perspective. That struck me as awkward, and in your research paper it will be inappropriate.
ReplyDelete