The broad objective of this study is to evaluate the vulnerability to cyber intrusions of an organization's information technology infrastructure, which includes hardware and software systems, transmission media, local area networks, wide area networks, enterprise networks, intranets, and its use of the internet. To achieve this objective, the chapter explains the importance of social engineering in network intrusions and cyber-theft and the reasons for the rapid expansion of cybercrime. The chapter also includes a complete description and definition of social engineering, the role it plays in network intrusion and cyber identity theft, a discussion of the reasons for the rise in cybercrimes, and their impact on organizations. In closing, the authors recommend some preventive measures and possible solutions to the threats and vulnerabilities of social engineering. The chapter concludes that while technology has a role to play in reducing the impact of social engineering attacks, the vulnerability resides with human behavior, human impulses, and psychological predispositions.
Social engineering attacks have emerged as one of the most problematic tactics used against businesses today. Social engineers employ both human-based and computer-based tactics to compromise their targeted networks. This chapter will discuss the basics of social engineering and what it means today. It will explain some common attack methods like baiting, phishing, pretexting, quid pro quo, tailgating, and dumpster diving. It will then highlight the impact social engineering has had on the rise in cybercrime and why threat actors have grown more innovative. Finally, this chapter will discuss what multi-layer defense, or defense in depth, is and offer countermeasures that can be enforced to defend against social engineering attacks.
This chapter is primarily intended to define and review the literature in cybersecurity and to shed light on the mechanisms involved in the social engineering phenomenon. It will discuss the various attempts at network intrusion and the steps typically taken in the implementation of cyber-thefts. The chapter will provide the rationale for why humans are considered to be the weakest link in these attacks. The study will also explain the reasons for the rise in cybercrimes and their impact on organizations. In closing, the chapter will put forward some recommendations to serve as preventative measures and solutions to the threats and vulnerabilities posed by cyber-attacks. Finally, measures such as conducting regular, thorough, and relevant awareness training, frequent drills, and realistic tests will be addressed with a view to maintaining a steady focus on the overall discipline of the organization, thereby hardening the component of the network that is the softest by nature: the human vulnerability factor.