Cybersecurity: Social Engineering, Attacks, and Defenses Report

Verified

Added on 2022/11/18

AI Summary

This report delves into the realm of social engineering within cybersecurity, examining its implications and applications. It highlights how social engineering techniques are used to manipulate individuals, leading to breaches in security protocols and the release of confidential data. The report discusses the legal aspects of social engineering, particularly in the context of security testing and data privacy, while also addressing the regulations that govern its use in the commercial sector to prevent fraudulent practices. It references relevant academic sources to support the analysis of cybercrimes, including how law enforcers utilize social engineering to combat cyber threats and the methods employed to analyze cyber data for security purposes. The report covers the types of social engineering attacks, and the importance of security measures.

SOCIAL ENGINEERING 1
Social Engineering
Student’s Name
Institution Affiliate
Date

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

SOCIAL ENGINEERING 2
Introduction.
Social engineering refers to designing and applying deceitful techniques to manipulate
human targets. Social engineering primarily induces its victims towards revealing confidential
data or into doing actions that breach security protocols, thereby infecting systems or releasing
information that is classified. In most cases, cybercriminals use social engineering for malicious
reasons. Law enforcers are leading the fight against cyber-crimes as they also use social
engineering to curb hacktivist, cyber espionage, and cybercriminal behavior (Conteh & Schmick
2016). They usually analyze raw cyber data accumulated from news, blogs, and social media,
submissions from partner and end users, vulnerability data feeds, threat and security information,
as well as industry-specific data, feeds. The raw cyber data is then taken through a process of
standardization and transformation into Cyber Facts which can tell who the attacker is, the
attacker's target, the impact and how the attack is to be or being done.
Social engineering may be used to access information from a legal standpoint given the
nature of the information that is being accessed for security testing. Especially where the security
procedures and systems of an institution is tested to maintain the confidentiality of customer
information. This may require a letter of authorization (Krombholz, et.al, 2015). In the
commercial sector, social engineering is heavily regulated to prevent fraudulent, unfair business
practices and deception in the market place. Social engineering being legal depends on its use,
and there are laws in place with respect to privacy, financial and telecom information as well as
cyber.

SOCIAL ENGINEERING 3
References
Conteh, N. Y., & Schmick, P. J. (2016). Cybersecurity: risks, vulnerabilities and
countermeasures to prevent social engineering attacks. International Journal of
Advanced Computer Research, 6(23), 31.
Krombholz, K., Hobel, H., Huber, M., & Weippl, E. (2015). Advanced social engineering
attacks. Journal of Information Security and applications, 22, 113-122.