Social Engineering and Cybersecurity

Verified

Added on  2022/11/26

|7
|3161
|211
AI Summary
This research study focuses on social engineering and cyber security and discusses the security risks linked with cyber security. The report shows the significance of cyber security in the organization and reviews the cyber-attacks and threats occurred due to social engineering and cyber security.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
SOCIAL ENGINEERING AND CYBERSECURITY 0
Social engineering and cyber
security

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
SOCIAL ENGINEERING AND CYBERSECURITY 1
ABSTRACT
Social engineering is a term which is utilized for a broad
range of malicious activities accomplished through individual
communication. Mainly, social engineering uses
psychological manipulation to trick consumers into making
privacy issues. Cyber security is an approach that provides a
way to users for protecting peripheral devices from the
attackers. This research study focuses on social engineering
and cyber security and discusses the security risks linked with
cyber security. The relevant facts and information obtained
from the previous studies and papers and identified the risk
factors linked with cyber security. This report shows the
significance of cyber security in the organization and
reviewed the cyber-attacks and threats occurred due to social
engineering and cyber security. Therefore, it is commended
that users should ensure that they use only authentic networks
while accessing their private accounts and enable antivirus,
firewall and encryption techniques in their computer devices.
All these techniques can help companies and users for
protecting sensitive data from hackers and criminals.
Keywords: social engineering, cyber security, encryption,
cyber-attacks, firewall and computer devices.
Social engineering and cyber security
Document Page
SOCIAL ENGINEERING AND CYBERSECURITY 2
Introduction
The term social engineering is a part of engineering which is
used for a broad range of malicious activities accomplished
through individual communication. Mainly, social engineering
uses psychological manipulation to trick consumers into
making security mistakes [1]. Cyber security is a process
which is used in the field of information technologies for
protecting networks and servers for attack or unauthentic
servers. The purpose of this report is to examine the concept
of social engineering and cyber security and evaluate the
cyber-security risks occurred in computer devices. In this
modern era, security issues and social engineering attacks are
very common problems which occur in the computer networks
and devices. This study is divided into several steps which
include social engineering and cyber security, the importance
of cyber security, cyber security issues, and methods to
address security issues.
Social engineering and cyber security
Social engineering is defined as the psychological
manipulation of consumers into performing actions and
controlling confidential data. The key idea behind social
engineering is to take benefits of a potential consumer’s
tendencies and emotional reactions. In order to access the
computer devices of users, the attackers use advanced
computer software and tools. Below figure shows the Impact
of social engineering attack in various countries and locations.
Figure: social engineering data
(Source: Saini, Rao and, Panda)
A social engineer helps consumers to trick an employee into
divulging their login ID and password more credential [2]. A
recent study identified that social engineering attacks happen
in mainly one or more stages. In which hackers first identify
and collect the necessary information of users and their
devices after that they develop an advanced algorithm for
reducing the performance of user’s devices. Moreover, the
attackers transfer unwanted links and signals to the computer
servers in order to collect the personal information of users
[3]. Such kind of steps help criminals for obtaining the
account details of users and they may be lost their private
details like user name, pictures, bank details and so on. It is
observed that the social engineering life cycle contain major
four steps which are described below:
Preparing the ground for the attack
Deceiving the consumers to gain a foothold
Collecting the data and information of consumers
Closing the communication and removing all traces
of malware
Cyber security refers to a set of techniques and methods used
for protecting data and information of users along with
computer networks from attackers. In this modern era, the use
of computer devices and the internet is growing rapidly due to
which most of the hackers attack physical devices used by
consumers. It is estimated that the market of cyber security is
expected to reach 170 billion by 2020 and cyber security
provide a platform to the companies and users for
understanding the risks factors liked with the computer
devices [4].
Figure: cyber security
(Source: Saini, Rao and, Panda)
Document Page
SOCIAL ENGINEERING AND CYBERSECURITY 3
It is observed that cyber security us the practice of securing
computer networks, systems, and hardware from digital
attacks. The major aim of the cyber security process is to
control and manage the personal data or information of users
in an effective manner. Developing and implementing the
effective cyber security system is one of the complex tasks for
companies because there are more devices rather than people
and hackers are becoming more innovative which can be
easily entered into their servers [5]. Below figure shows the
impact of cyber security attacks on Australia and other
countries:
Figure: figures about cyber security attacks
(Source: Sood and, Enbody)
The importance of cyber security
In this advanced generation, every company uses various
kinds of information technologies and computer devices for
growing their business but they also increase the rate of cyber-
attacks and data breach. For which cyber security provides a
way to the companies for controlling and managing their
computer networks and data in an effective manner and
addresses the issue of security. It is analysed that the core
functionality of cyber security includes protection data and
system from major cybercrimes and attacks [6]. It is observed
that cyber security play a major role in the field of information
technology where it helps consumers to protect their physical
devices from the hackers and unauthentic networks. There are
major five reasons why cyber security is important for an
organization such as the increasing numbers of breaches,
increasing sophisticated hackers, widely available hacking
tools, lack of security, and tighter regulations. However, such
kind of process provides a way to the companies for
improving their performance and manages computer networks
in an effective manner.
It is identified that the cyber security help consumers in
identifying the risk factors linked with the physical devices
and protect the private information of users from hackers and
unwanted signals. There are major three principles of cyber
security such as confidentiality, integrity and availability
which are used in the information technology for managing
the performance of computer devices [7]. Therefore, cyber
security significantly protects and secures the data or
computer devices of consumers from hackers.
Social engineering and cyber security threats
It is analysed that security is a very serious problem for
companies and cyber security is also linked with the cyber-
crimes which directly affect the personal data of users. This
section focus on the security threats and risks faced by social
engineering and cyber security and identify the risk factors
which increase the rate of cybercrimes in the field of
information technology [8]. There are various kinds of risks
and issues occurred in the field of social engineering and
cyber security which are described below:
Batting attack
It is a common security attack which occurs in the social
engineering that uses a false promise to pique a consumer’s
greed. Mainly, hackers lure consumers into a trap which steal
their private data and inflict their computer devices with
malware. It is observed that hackers leaver the bait like
malware and attack on the user’s peripheral devices in order to
obtain their data files and information without their
permission [9]. Moreover, criminals produce batting attack
when they leave a malicious infected system for example CD,
and USB flash drive in a place where users likely will find it.
Once the user installed the device in to their system, the
malware provides a platform to the hackers for obtaining the
accessibility of user’s accounts.
Phishing
Such kind of security risk occurs in the computer device and
organizations where consumers receive unwanted signals and
linked from the hackers. It is analysed that phishing attack
occurs when a criminal develops fraud communication with
the consumer which are disguised as legitimate [10]. In such
kind of cyber-attack, the hackers allow users to install the
malware in their system by sending the spam mails in their
computer networks. Moreover, email is the most common
communication platform for phishing attack but hackers also

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
SOCIAL ENGINEERING AND CYBERSECURITY 4
use several chat applications and social media networks to
produce hacking or data breach related issues.
Figure: cyber security statistics in 2019
(Source: Sood and, Enbody)
Pretexting
Such kind of problem occurs when a hacker fabricates false
circumstances to compel a user into their computer devices
and collect their sensitive data. It is identified that the
pretexting attack involves a scammer pretending to need
financial data for confirming the identity of the users [11].
Ransom ware attack
It is very common cyber-attack which occurs in the field of
information technology and many companies are facing such
kind of issues while using information technologies. In such
kind of attack hackers first, reduce the performance of
computer networks and servers by sending unwanted signals
or traffic after that they enter into the personal devices and
encrypt the data or information of users [12]. Mainly, hackers
attack the largest business industries for earning more money
and they demand some ransom for decrypting their private
data files. The increment in crypto currencies such as bitcoin
is one of the common ways used by hackers for obtaining
money from the users and companies.
Crypto jacking
It is another part of the cyber security attack which includes
cyber criminals in high jacking third party applications. In
such kind of Data breach attack, criminals attack the
computers and block the data of users and demand money. By
using such kind of process attackers can earn money and
access the private details of consumers without their
permission [11].
Quid Pro Quo
It is observed that quid pro quo attacks on the user’s computer
networks and technically it detect the facts and data of
consumers from their computer devices. It is identified that
fraudsters is one of the common quid pro quo crime which
impersonate IT services and collect the data of users by
attacking on VPNs, wireless networks and computer devices.
Tailgating
It is defined as the physical engineering process which occurs
when consumers use unauthentic networks while transferring
data from one location to another over internet connectivity
[13]. Mainly, hackers design and implement unauthorized
servers and third party application for accessing the accounts
of consumers. The major objective of this attack is to collect
valuable data and confidential information of users.
Spear phishing attack
Such kind of cyber risk is defined to attack data of consumers
and companies and produce data breach related issues. It often
uses private information of users to produce trust before
stealing information and installing malware tools in their
computer devices. It is identified that attackers who utilize
spear phishing are well versed in scarping data of consumers
from social media networks and email networking sites [14].
Scareware
It is an effective and successful cyber-attack which is used by
attackers for collecting the financial details of consumers
along with their bank accounts. Scare ware does not involve
private threats but it directly impacts on the bank accounts
such as debit card and credit cards [15]. In which hackers
develop free access software and tools and users access such
kind of applications in their system which increase the rate of
hacking and data breach.
Document Page
SOCIAL ENGINEERING AND CYBERSECURITY 5
Prevention techniques
There are following techniques and methods can be used for
protecting data from hackers and improving the security of
devices in the organizations:
Do not open fraud mails and attachments
It is identified that most hackers use email as a platform for
hacking the data of users where they transfer the unwanted
signals and links to the users. So, consumers should focus on
their email accounts and avoid fraud mails along with the
attachments [4]. Moreover, they can use the robust technology
for blocking and deleting fraud message and mails from the
networks. Such kind of process can help consumers for
controlling and managing the rate of cyber-attacks and
protecting private details.
Use authentic servers and networks
It is very important for consumers to use only authentic
networks because there are many hackers they use unauthentic
networks for collecting the private details of users. Therefore,
consumers should use properly configured networks and
authentic servers while transferring data or information from
one location to another and access their private accounts [6].
Adopt antivirus and firewall techniques
It is identified that the hackers send viruses and traffic signals
to the user’s device which also impact on the performance of
the computer systems. In order to control and manage the rate
of cybercrimes and traffic signals, consumers should ensure
that they install firewall and antivirus in their computer [7]. A
firewall is a type of software that has the ability for detecting
and managing the unwanted signals from the networks and
blocks the malware from the servers.
Use encryption technology
It is a very common security system which is used by many
companies while communicating with the consumers. Such
kind of system provides a platform to the users for securing
the message or information transferred from one location to
another [5]. Encryption technique encrypts the data or signals
of consumers and provides a private to the users that help
them for reducing the rate of cyber security threats and risks.
Conclusion
From the above discussion, it is concluded that cyber security
plays a crucial role in the field of information technology
where it protects physical devices from hackers and malware.
This report identified the importance of cyber security and
evaluated the security risks linked with social engineering and
cyber security. It is identified that lack of security and use of
unauthentic servers both are very common risks factors which
increase the rate of security threats and cybercrimes in an
organization. Therefore, it is recommended that users and
companies should ensure that they use only authorized severs
and avoid fraud mails from the system using robust
technology and adopt encryption technology for protecting
data from hackers.
Document Page
SOCIAL ENGINEERING AND CYBERSECURITY 6
References
[1]. N.Y. Conteh and, P.J., Schmick, “Cybersecurity:
risks, vulnerabilities and countermeasures to prevent
social engineering attacks,” International Journal of
Advanced Computer Research, vol. 6, no. 23, p.31,
2016.
[2]. F.A., Aloul, “The need for effective information
security awareness,” Journal of Advances in
Information Technology, vol. 3, no. 3, pp.176-183,
2012.
[3]. A.K. Sood and, R.J., Enbody, “Targeted
cyberattacks: a superset of advanced persistent
threats,” IEEE security & privacy, vol. 11, no. 1,
pp.54-61, 2013.
[4]. H., Saini, Y.S. Rao and, T.C., Panda, “Cyber-
crimes and their impacts: A review,” International
Journal of Engineering Research and
Applications, vol. 2, no. 2, pp.202-209, 2012.
[5]. J.W.H., Bullée, L., Montoya, W., Pieters, M. Junger
and, P.H., Hartel, “The persuasion and security
awareness experiment: reducing the success of
social engineering attacks,” Journal of experimental
criminology, vol. 11, no. 1, pp.97-115, 2015.
[6]. I., Ghafir, V., Prenosil, A. Alhejailan and, M.,
Hammoudeh, ‘Social engineering attack strategies
and defence approaches,” In 2016 IEEE 4th
International Conference on Future Internet of
Things and Cloud (FiCloud), vol. 12, no. 7, pp. 145-
149, 2016.
[7]. N.A.G. Arachchilage and, S., Love, “Security
awareness of computer users: A phishing threat
avoidance perspective,” Computers in Human
Behavior, vol. 38, no. 4, pp.304-312, 2014.
[8]. W.R. Flores and, M., Ekstedt, “Shaping intention to
resist social engineering through transformational
leadership, information security culture and
awareness,” computers & security, vol. 59, no. 8,
pp.26-44, 2016.
[9]. A., Chitrey, D. Singh and, V., Singh, “A
comprehensive study of social engineering based
attacks in india to develop a conceptual
model,” International Journal of Information and
Network Security, vol. 1, no. 2, p.45, 2012.
[10].M., Abomhara, “Cyber security and the internet of
things: vulnerabilities, threats, intruders and
attacks,” Journal of Cyber Security and
Mobility, vol. 4, no. 1, pp.65-88, 2015.
[11].A., Bendovschi, “Cyber-attacks–trends, patterns and
security countermeasures,” Procedia Economics
and Finance, vol. 28, no. 7, pp.24-31, 2015.
[12].A., Kumar, M. Chaudhary and, N., Kumar, “Social
engineering threats and awareness: a
survey,” European Journal of Advances in
Engineering and Technology, vol. 2, no. 11, pp.15-
19, 2015.
[13].H. Wilcox and, M., Bhattacharya, “Countering
social engineering through social media: An
enterprise security perspective,” In Computational
Collective Intelligence, vol. 7, no. 8, pp. 54-64,
2015.
[14].A.Y., Javaid, W., Sun, V.K. Devabhaktuni and, M.,
Alam, “Cyber security threat analysis and modelling
of an unmanned aerial vehicle system,” In 2012
IEEE Conference on Technologies for Homeland
Security (HST), vol. 4, no. 6, pp. 585-590, 2012.
[15].S. Uebelacker and, S., Quiel, “The social
engineering personality framework,” In 2014
Workshop on Socio-Technical Aspects in Security
and Trust, vol. 12, no. 9, pp. 24-30, 2014.
1 out of 7
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]