Download - Leone ct#1 presentation 1
![Page 1: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/1.jpg)
INFO 644 CRITICAL THINKING
#1
Vincent Leone
![Page 2: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/2.jpg)
CRITICAL THINKING #1
AGENDA
• What is Social Engineering?• Implications for Social Engineering attacks• Social Engineering Examples• How do perpetrators breech security? • Technical & Social Vulnerabilities• Preventing Social Engineering Attacks
![Page 3: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/3.jpg)
CRITICAL THINKING #1
Social Engineering (SE) – The gaining of information from legitimate users for illegitimate access.
Social Engineering is nothing more than an old-fashioned con game in a high tech world!
![Page 4: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/4.jpg)
CRITICAL THINKING #1
Social Engineering attacks can result in the theft of:
• Intellectual property• Client lists• Account details• Organization finances• Government classified information• Customer data: SSNs, birthdates, credit card numbers
![Page 5: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/5.jpg)
CRITICAL THINKING #1
Social Engineering Examples:• Phishing• Piggy backing• Shoulder surfing• Computer technician• Customer service• Blackmail• Bribery
![Page 6: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/6.jpg)
CRITICAL THINKING #1
Who are the perpetrators responsible for breeching information systems security?
• Hackers• Identity thiefs• Foreign governments - espionage• Corporate competitors • Disgruntled employees – internal threat
![Page 7: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/7.jpg)
CRITICAL THINKING #1
Technical Vulnerabilities:• Weak Passwords• Remote access• Poor firewalls • Civilian e-mail• Systems are interconnected (VCU Portal)
Social Vulnerabilities:• Over confident personalities• Trusting people who want to help others• Employees who do not follow policies
People are the largest vulnerability in any system!!
![Page 8: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/8.jpg)
CRITICAL THINKING #1
Preventing Social Engineering Attacks:• Provide Awareness training• Conduct social engineering penetration attacks.• Mandate strict adherence to organization information security policies. • Make social engineering part of an organization’s defense strategy.
![Page 9: Leone ct#1 presentation 1](https://reader033.vdocuments.us/reader033/viewer/2022052905/5587a154d8b42a2a368b4627/html5/thumbnails/9.jpg)
CRITICAL THINKING #1
FINAL QUESTION
What is the single best way to combat social engineering attacks?