Social engineering, for hackers, is generally the most effective weapon to obtain key data to access people’s private information, perhaps it is the simplest and most effective method of all. Which consists of data theft and user manipulation which is a risk and threat.
Information Security is vital
Many think that computer security is something inherent in a computer program they are 100% safe but the reality is different, it is very important to bear in mind that all computer software is not 100% safe and that at some point a method will be discovered to violate it, Not even the most encrypted and complex systems will be reliable in the near future due to the increase in the processing capacity of super computers, servers, and personal computers in a not so distant future, the encryption systems currently being the most secure will cease to be since a simple brute force attack in a matter of a few drinks hours or maybe just minutes will be cracked.
Why do you have to go further in computer security?
Why we must generate a culture that our personal data is something valuable that others cannot have in their hands, adding to this we must generate measures to protect our information in the safest way possible.
This article seeks to raise awareness regarding information security, and that in each country there is a legal framework to deal with such a sensitive issue as computer crimes, copyrights, licenses, among others.
It is not easy in a computerized world where the Internet within the reach of a click you can get any type of information not incur in an infringement of copyright, license or even handle information stolen from a company or institution, taking into account that we have the same responsibility for the information we handle whether or not we are aware of the laws that govern them.
For this reason, every user or follower is always recommended trying that when handling information, verify its source, or if it is your personal data, not make it public on the Internet as this can lead to all kinds of legal problems.
What is the recommendation?
First, be aware of security problems of software or tools, how they can be solved, and always be aware of news from the world of technology in general, new security methods among others, at least dedicate about 20 per day minutes of learning and learning about it can make all the difference in the proper implementation of security measures in your work environment or home.
Types of Social Engineering
- They are based on their techniques in human interaction to take advantage of some data and information that they can obtain through a weakness that a user may present.
- Refers only to the proper use that a user must have on their devices through the use of the internet and not allow computer programs to access private information.
Social engineering the deadliest weapon for a hacker
An experienced social engineer is a deadly double-edged sword and it might seem impossible to defend against him. Taking into account that computer attacks have challenging components since their social security allows them to acquire knowledge of users using their information. They take advantage of this deadly human-based weapon to manipulate and exploit human emotions to achieve their mission. This is why each document and applications on the devices must be meticulously analyzed. Without allowing intruders to access them.
There are means such as:
- Pretexts: Where an invented scenario is created to force the victim to reveal personal information or act in a way that would be unusual under normal circumstances.
- Social networks: This is the MOST dangerous factor mainly for young people by constantly posting personal and sensitive information.
- Phishing: It may be the simplest but most effective attack using deception to compromise the user into thinking that a system administrator is requesting a password for various legitimate purposes trying to obtain credit card information or emails and more.
- Vishing: This method uses telephone calls where the caller poses as technical support or representative of the company or bank in order to obtain access data or key information.
- Baiting: This method is a bit more elaborate since it requires a removable storage device (CD, DVD, BR, USB, SD) infected with a generally Trojan virus which infects the victim’s computer, collects information and it sends it over the internet to the attacker.
- Quid pro quo: its meaning is “something for something”, the attacker calls random numbers in a company, claiming to be calling again from technical support. This person will inform someone of a legitimate problem and offer to help, in the process they will get the login details and launch a malware.
Social engineering techniques for hacking humans
We currently have a wide range of systems that are available in the market, focused on computer security such as antivirus, firewall, IDS, WAF, etc. All these measures are essential and have become a priority for every company or organization. The truth is that social engineering plays with the advantage that it can resort to techniques against the same vulnerabilities inherent in humans and as they know there is no patch or update that offers effective and safe protection against this type of attack.
Social Engineering weapons with which to fight in cyberspace (XXI century)
One of the weapons is Stuxnet, its discovery was in 2010, which gave evidence regarding cyber crimes that could go beyond espionage and the theft of personal data, which was confirmed that they could cause physical damage due to political motivation. Which aims to control a series of industrial processes. So it can be added that this is very lethal and sophisticated, being so precise that these cybernetic weapons can be.
Social Engineering and Cyber Terror
These attacks are so dangerous that they can cause irreparable damage to the functioning of the equipment or infrastructure, as soon as the most dangerous cyber attack has occurred. It is totally a physical loss that occurs when the equipment is damaged, however, there is another damage which is psychological and individual and that is why I cite cyber-terrorism in this article, which is defined as a great fear that generates fear and anxiety. Although later you think you have everything under control, the terror will always be present as soon as it can happen to you again and you feel the constant need to protect yourself, for this reason cyberspace is important to recognize that it exists since physical distance is not relevant to this danger of being hacked even if you are far away.
In short, all these warnings must be taken into account, which do not allow our system to be vulnerable on the network or psychological. In these days in which there are many wars of words, surveillance must be kept on record because recently a series of complaints and warnings have been registered in which they are focused on cyber-attacks to manipulate all kinds of information with political objectives. In fact, there is detailed information that has even had the purpose of intervening in electoral processes in other countries.