PricingBlogAbout Us

IT NE 2005: Modern Network Security Threats - Social Engineering Lab

Verified

Added on  2023/06/13

|6
|779
|218
Homework Assignment
AI Summary
This assignment focuses on social engineering attacks and methods to prevent them, referencing the Ubiquiti Networks case, RSA secure ID breach, and Hidden Lynx Watering Hole attack on Bit9 as examples of successful social engineering exploits. It highlights the importance of being wary of unscheduled inspections, false urgency requests, and tactics that exploit fear of authority. The assignment also emphasizes the need for companies to implement proper procedures and policies to safeguard against social engineering attacks, such as verifying requests for money, carefully examining links to avoid phishing, and purchasing products only from official e-commerce websites. This document is available on Desklib, a platform offering study tools and solved assignments for students.
Document Page
Running head: IT NETWORKING DESIGNING
IT NETWORKING DESIGNING
Name of Student
Name of University
Author Note
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
1IT NETWORKING DESIGNING
TASK 1
Ubiquiti Networks case
A famous case of social engineering is the Ubiquiti networks case which is a USA
based company dealing with high performance networks. The company lost 39.1 million
dollars due to social engineering attack. Cybercriminals sent some emails to the company’s
employees claiming themselves to be executive members of the organization and asked them
to send huge amount of money to a particular bank account of the cybercriminals. Social
engineering takes advantages of human weakness to execute the hacking attempt.
RSA secure ID breach
The RSA secureID breach occurred in the year 2011 when cybercriminals sent a
couple of phishing type of emails to some small groups of employees. The emails contained
a MS excel sheets type of document named “2011 recruitment plan” which had a zero-day
exploit that installed a backdoor foot-printing mechanism through an Adobe Flash related
vulnerability. The two factor authentication of RSA was compromised and the company lost
$66 million dollars to recover from the social engineering attack.
Hidden Lynx Watering Hole on Bit9
The attack occurred in the year 2013 when a Chinese hacker group named “Hidden
lynx” used hacking technique named “water holing technique” to attack the security firm Bit9
and compromised their digital code signing certificates which, at later stage targeted some
Bit9 customers. By the water hole technique malware was injected within the legitimate
website which was used by the organization. The cybercriminal group accessed the Bit9’s file
signing infrastructure so that they could sign malware and make it appear authenticated.
Document Page
2IT NETWORKING DESIGNING
Task 2
Ways to prevent social engineering
Beware of unscheduled inspections
The social engineers often pretend to be inspectors at first place to gain access to enter
any restricted place(Krombholz et al., 2015). They install software such as key loggers onto
computers to gain data from the computer. To prevent this cross checking should be done by
employees to authenticate identity of the outsider.
Do not follow false urgency request
Any type of urgency request should be first verified and then replied. The scammers
use this to gain private data or passwords and steal money(Bullée et al., 2015). This is a
common process of credit card information stealing.
Beware of the tactics of “Boss might get angry”
This is a case where the fraudstars take advantage of the fear factor of any employee
related to their boss and gains crucial information from them. Fear coupled with false
urgency is the reason behind this(Mouton et al., 2014).
Ways to prevent social engineering
My company has proper procedure and policy to stay safe from social engineering
attack.
One of the most common attack is email from a friend in which a social engineer
hacks email id of a friend and sends request to send money to an account of the
hacker(Krombholz et al., 2013). This type of request can be verified first before acting.
Phishing attack can be stopped by carefully seeing the link before entering any personal data.

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
3IT NETWORKING DESIGNING
Baiting schemes is another type which can be stopped by only buying a product from official
website of an e commerce site.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
4IT NETWORKING DESIGNING
Reference
Bullée, J.W.H., Montoya, L., Pieters, W., Junger, M. and Hartel, P.H., 2015. The persuasion
and security awareness experiment: reducing the success of social engineering
attacks. Journal of experimental criminology, 11(1), pp.97-115.
Krombholz, K., Hobel, H., Huber, M. and Weippl, E., 2013, November. Social engineering
attacks on the knowledge worker. In Proceedings of the 6th International Conference on
Security of Information and Networks (pp. 28-35). ACM.
Krombholz, K., Hobel, H., Huber, M. and Weippl, E., 2015. Advanced social engineering
attacks. Journal of Information Security and applications, 22, pp.113-122.
Mouton, F., Malan, M.M., Leenen, L. and Venter, H.S., 2014, August. Social engineering
attack framework. In Information Security for South Africa (ISSA), 2014 (pp. 1-9). IEEE.
Document Page
5IT NETWORKING DESIGNING

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

chevron_up_icon
1 out of 6
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.