In order to understand how to protect your network from Social Engineering attacks, you first need to understand how a Social Engineer will attack your network.
The attack methods used will range from simple observation (Shoulder Surfing), to much more elaborate con-games (Impersonation). As much as possible, the Social Engineer will try to keep things simple and exploit people's desire to help others, or to simply not appear to be rude.
In a typical attack, more than one method will likely be used to collect enough information to allow the intruder entry into the system. Since intruders are often looking for soft targets, a failure at one level may be enough to turn away the intruder. However, good Social Engineers will push back at objections, so like with sales people or with your children, you may need to say NO a few times to the Social Engineer.
No comments:
Post a Comment