country
$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Question:

Discuss about Cyber Security ?
 
 

Answer :

Introduction

In the term of information security, social engineering refers to the psychological manipulation of people in divulging the confidential information of them or performance of their actions. It is considered as the art of manipulating people so that they give away their confidential information. In today’s era many people become victim of the internet attacks where the attacker does a theft of the victim’s useful data. This assignment consists the overview of social engineering with the description of social engineering strategies, which are used to engage the targeted victim. It consists a detailed analysis of the environment in which the attack is done on the victim. The strategies, which can be implemented to prevent those attacks, are mentioned.

First of all a brief description of social engineering is provided followed by the terms of attack and rescue.

Social Engineering

The attack is based totally on the interaction of human and it indulges humans in breaking down the security measures. The act of social engineering can also be said as the con game.  The techniques involved in the procedure are appeal to vanity, appeal to legal greed and appeal to authority. Social attacks are done effectively only when the victim is willingly helpful to the attacker. The attacker pretends to be a co-worker or a friend of the victim and performs the theft (Krombholz et al. 2015).

Social engineering strategies

There are many strategies, which the attacker adopts in order to manipulate peoples to get  any type of confidential information. The information, which is given by the people willingly to the attacker is used for various illegal purposes. The data which the persons (criminals) doing these attacks are looking for may be different in each and every case. Whenever any person in particular is at target by the Social Engineering Criminals, then these criminals usually try to manipulate them into giving the passwords or the bank account details. The attackers even try to get an access to their computer so that they could install any software, which will thereafter run on the victim’s computer and store the passwords and the bank account details and also these software gains control over the victim’s computer (Bullée et al. 2015). There are various processes to do social engineering attacks, some of them are mentioned below :

 

Phishing

This is the most common attack process. In this attack, the attacker copies the whole look of your website and sends you a request to login or even give you a password reset form, which contains old password and new password thus the attacker getting your original password, which is what they were looking for (Heartfield and Loukas 2016).

Vishing

In this process a attacker calls a victim with some pre-recorded clip, simulating that they are calling from his company or from the company’s bank. After doing this they will tell the victim to call on a number, and when the victim calls, attacker will ask all the details about the debit or credit card, registered number, pin, first four or last four or even full digits of the victim’s social security number and all other important details (Greitzer et al. 2014). After enquiring about these things the attacker will tell the victim about some transactions, which would be fake but the victim, will think them as real and the attacker will promise to cancel all the transaction so that the victim has hiss full faith upon the attacker and thereafter the attacker will use the debit or credit card.

Botnet

It is a group of conciliated computers, which are designated as “zombies”.  They are corrupted by some malware, which gives the attacker an access to have a control over the people’s data (Heartfield and Loukas 2016). The Botnet is mainly used to send fake mails, which are spam in general or even used to transfer any malicious software or any virus and also used in many types of cybercrimes.

 

Tailgating

It is also knows as piggybacking. In this type of attack, the attacker dresses up like a delivery person and they wait outside of the company’s building. When any employee passes through the security, the attacker follows the employee to skip to security or when then employee opens a security door, the attacker requests the employee to hold on to the door so that they can get the delivery boxes through them (Mouton et al. 2014).

Rootkit

It is fraudulent computer software or a simple program. It is created to give continuous authorized access to a particular computer and at the same time this program hides the existence of the computer (Tetri and Vuorinen 2013).

Social networks

Social networks are in trend these days. Almost everybody uses Websites like LinkedIn, Twitter and Facebook today and their users are increasing day by day. These offer a great source to the users to remain in touch with each other. The dark side of social media is that the attackers or the spammers to get close to the victim use it. The social networks help the scammer to send fraudent mails to the victim. The attacker may ask the victim to click on a video or image which contain the malicious software (Krombholz et al. 2013).

Analysis of the environment

The First step taken by the attackers in the process of social engineering is creating an environment suitable for the theft. The social engineers to get the passwords and the data use a wide variety of ways. First of all, the attacker starts looking for the information which ca be used to penetrate the organization. The attacker approaches the employee who is supposed to have all the information related to the company.  The attacker takes the form of a technician or a co-worker who can be easily trusted by the victim employee. There are certain other environments created by the attackers in order to get in touch with the victim. The ways are trawling the parking lot for goodies as the vehicles may contain security badges, smartphones, and confidential paperworks (Watson, Mason and Ackroyd 2014). The other method used is spending time with the victim in order to create a friendly relation and implementing the theft. Sometimes, it takes large amount if time to get familiar with the victim and get the information. If the attacker is impatient enough, he/she gets in acquaintance with the bar or public place which is visited most frequently by the victim. There, the attacker gets in touch with the victim and becomes familiar to him/her. The other technique used is visiting the company building often, thus becoming a familiar face, which can be trusted by the employees, and then implementing the theft (Kearney and Kruger 2014). The attacker can also create a hostile environment with the attacker and thus taking advantage of the employee’s trust.

 

Hypotheses/approaches for addressing security threats

There are many ways by which the social engineering attack can be recognized and prevented. Hackers use clever method to fool the employees and individuals (Beckers, Krautsevich and Yautsiukhin 2015). These attack mainly involve some type of psychological manipulation and fooling the employees. The tips to prevent attacks are-

The confidential information of the employee must never be provided to anyone.  The employee must never give their personal data credentials such as phone number or email address. These must be provided especially with unknown persons and suspicious sources.

If the employee receives an email which has the link of an unknown site, the mail must be avoided by the employee. The person must look at the Uniform Resource Locator (URL) and check whether it is suspicious. At times, the mail may seem to come from a known contact but still the employee must check the link for any phishing process involved in the mail. Before clicking on the mail, the misspells must b e checked such as @ signs and suspicious sub domains (Algarni et al.  2013).

While clicking on the links, the person must take care of the uninitiated automated downloads as it can be malware piggybacking on the individual’s system (Algarni and Xu  2013). Such activities must be reported immediately to the security manager of the organization.

The USB devices must be blocked in order to reduce the risk of Baiting. The process of Baiting is the digital equivalent of a real-world Trojan horse where the attempt is done by the attacker in order to temp the user with found or free physical media. The attacker relies on the curiosity of the greed of victim (Applegate 2013. If the victim plugs in the USB to the system, the victim is hacked that particular moment.  

The organization must run a ATE-AWARENESS, TRAINING and EDUCATION security concept for all the employees. The C-level employees of the organization are most prone of becoming the victim and thus they must be made aware about all the situations and the methods to deal with them.

2-factor authentication must be used by the organization in order to ensure the safety of data in the organization. Full care must be taken to protect the data as the theft of data can pose great harm to the organization.

 

Conclusion

From the above discussion, it can be concluded that social engineering attacks are increasing day by day in today’s era. The attack is based totally on the interaction of human and it indulges humans in breaking down the security measures. The act of social engineering can also be said as the con game.  The techniques involved in the procedure are appeal to vanity, appeal to legal greed and appeal to authority. There are many strategies, which the attacker adopts in order to manipulate peoples to get any type of confidential information. The information, which is given by the people willingly to the attacker is used for various illegal purposes. The data which the persons (criminals) doing these attacks are looking for may be different in each and every case. Whenever any person in particular is at target by the Social Engineering Criminals, then these criminals usually try to manipulate them into giving the passwords or the bank account details. The First step taken by the attackers in the process of social engineering is creating an environment suitable for the theft. A wide variety of ways are used by the social engineers to get the passwords and the data. First of all, the attacker starts looking for the information which ca be used to penetrate the organization. The attacker approaches the employee who is supposed to have all the information related to the company. Proper care must be taken by the organization in order to save its data and remain secure from the attacks.

 

References

Algarni, A. and Xu, Y., 2013. Social engineering in social networking sites: Phase-based and source-based models. International Journal of e-Education, e-Business, e-Management and e-Learning, 3(6), p.456.

Algarni, A., Xu, Y., Chan, T. and Tian, Y.C., 2013, December. Social engineering in social networking sites: Affect-based model. In Internet Technology and Secured Transactions (ICITST), 2013 8th International Conference for (pp. 508-515). IEEE.

Applegate, S.D., 2013. Social engineering: hacking the wetware!. Information Security Journal: A Global Perspective, 18(1), pp.40-46.

Beckers, K., Krautsevich, L. and Yautsiukhin, A., 2015. Analysis of social engineering threats with attack graphs. In Data privacy management, autonomous spontaneous security, and security assurance (pp. 216-232). Springer International Publishing.

Bierschenk, T., 2014. From the anthropology of development to the anthropology of global social engineering. Zeitschrift für Ethnologie, pp.73-97.

Bullée, J.W.H., Montoya, L., Pieters, W., Junger, M. and Hartel, P.H., 2015. The persuasion and security awareness experiment: reducing the success of social engineering attacks. Journal of experimental criminology, 11(1), pp.97-115.

Greitzer, F.L., Strozer, J.R., Cohen, S., Moore, A.P., Mundie, D. and Cowley, J., 2014, May. Analysis of unintentional insider threats deriving from social engineering exploits. In Security and Privacy Workshops (SPW), 2014 IEEE (pp. 236-250). IEEE.

Heartfield, R. and Loukas, G., 2016. A taxonomy of attacks and a survey of defence mechanisms for semantic social engineering attacks. ACM Computing Surveys (CSUR), 48(3), p.37.

Kearney, W.D. and Kruger, H.A., 2014, August. Considering the influence of human trust in practical social engineering exercises. In Information Security for South Africa (ISSA), 2014 (pp. 1-6). IEEE.

Krombholz, K., Hobel, H., Huber, M. and Weippl, E., 2013, November. Social engineering attacks on the knowledge worker. In Proceedings of the 6th International Conference on Security of Information and Networks (pp. 28-35). ACM.

Krombholz, K., Hobel, H., Huber, M. and Weippl, E., 2015. Advanced social engineering attacks. Journal of Information Security and applications, 22, pp.113-122.

Mouton, F., Malan, M.M., Leenen, L. and Venter, H.S., 2014, August. Social engineering attack framework. In Information Security for South Africa (ISSA), 2014 (pp. 1-9). IEEE.

Tetri, P. and Vuorinen, J., 2013. Dissecting social engineering. Behaviour & Information Technology, 32(10), pp.1014-1023.

Watson, G., Mason, A. and Ackroyd, R., 2014. Social engineering penetration testing: executing social engineering pen tests, assessments and defense. Syngress.

Download Sample

Get 100% money back after download, simply upload your unique content* of similar no. of pages or more. We verify your content and once successfully verified 100% value credited to your wallet within 7 days.

Upload Unique Document

Document Under Evaluation

Get Credits into Your Wallet

*The content must not be available online or in our existing Database to qualify as unique.

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2018). Cyber Security. Retrieved from https://myassignmenthelp.com/free-samples/cyber-security.

"Cyber Security." My Assignment Help, 2018, https://myassignmenthelp.com/free-samples/cyber-security.

My Assignment Help (2018) Cyber Security [Online]. Available from: https://myassignmenthelp.com/free-samples/cyber-security
[Accessed 13 July 2020].

My Assignment Help. 'Cyber Security' (My Assignment Help, 2018) <https://myassignmenthelp.com/free-samples/cyber-security> accessed 13 July 2020.

My Assignment Help. Cyber Security [Internet]. My Assignment Help. 2018 [cited 13 July 2020]. Available from: https://myassignmenthelp.com/free-samples/cyber-security.


MyAssignmenthelp.com is the perfect solution to render quality solution for all sort of academic issues. We have hired professionals from different fields of study to provide assistance with different subjects. We successfully have provided different types of assignment solutions on 100+ subjects. We have hired industry experts to deliver nursing assignment, hr assignment and finance assignment help. To offer quality content with IT assignments, we have hired IT professionals to render programming language assignment help and IT assignment help for other types of IT assignments as well.

Latest It Write Up Samples

ITC306 Project Preparation 2

Download : 0 | Pages : 8
  • Course Code: ITC306
  • University: Charles Sturt University
  • Country: Australia

Answer: Introduction Globex organization is looking forward to upgrade their network by cloud based network. Sharing of files, services of directory, running of desktop application, and others are possible through the common platform of cloud computing architecture which helps in speeding up the business operational working (Alonso, & et.al., 2013). Project steering committee has identified complexities associated with the current working...

Read More arrow Tags: Australia 7 Project Preparation Charles Sturt University 

HI5019 Strategic Information Systems For Business And Enterprise 3

Download : 0 | Pages : 18

Answer: Introduction  Cybersecurity issues can have a direct influence on both business sakes as well as on the reputation of the business (Chhetri, Canedo and Al Faruque 2016). There are numerous Information Systems (IS) which are deployed across commercial establishments to optimize their business operations (Perlroth, Scott and Frenkel 2017). The role of the accountants of the system development projects is very much crucial to mainta...

Read More arrow Tags: Australia Brisbane 7 Strategic Information Systems for Business and Enterprise Holmes Institute 

ICT710 ICT Professional Practice And Ethics

Download : 0 | Pages : 13

Answer: Introduction Information and communications technology or ICT could be referred to as the extension term form information technology, which majorly focuses on the role of different unified communication and overall integration of the telecommunication or telephone lines and wireless signals or computers (Dutta, Geiger and Lanvin 2015, p. 1). Large economic incentives are required for merging different telephone networks with the respe...

Read More arrow Tags: Australia Rochedale 7 ict profesional practice and ethics University of the Sunshine Coast 

BUS5WB Data Warehousing And Big Data 2

Download : 0 | Pages : 2
  • Course Code: BUS5WB
  • University: La Trobe University
  • Country: Australia

Answer: Agile Data Warehouse Development Creation of data warehouse is multi quarter, monolithic and large effort subject to waterfall process. In modern age, that is no longer norm as several organizations are selecting to adopt more iterative and flexible design approach. With needs of business changing faster as well as new businesses requiring to adapt as well as leverage the inputs rapidly and concisely. Agile development approach is the...

Read More arrow Tags: Australia Bundoora 7 Data Warehousing and Big Data La Trobe University 

ITECH7401 Leadership In IT Project Management

Download : 0 | Pages : 3
  • Course Code: ITECH7401
  • University: Federation University
  • Country: Australia

Answer: Budget Estimate and Financial Analysis The Return on Investment (ROI) is 125.10%, which is higher than the required ROI of twenty-five per cent. Thus, the report concludes that this project will be beneficial Port Fairy Caravan and Camping Park Pty Ltd. Year 0 1 2 3 Total Inflows (Income) 0 90000 130000 150000 370000 Outflows (Expenses) -90000 -2000...

Read More arrow Tags: Australia Riverwood 7 Leadership in IT Project Management Federation University 
Next
watch

Save Time & improve Grade

Just share Requriment and get customize Solution.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,360,695

Orders

4.9/5

Overall Rating

5,081

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 5/5

2109 Order Completed

99% Response Time

Emma Zhong

Ph.D in Project Management with Specialization in Project Communications Management

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

285 Order Completed

99% Response Time

Eugene Baranowski

MBA in Supply Chain

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

752 Order Completed

100% Response Time

Hugh Cleave

Masters in Human Resource Management (MMgt, HRM)

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

154 Order Completed

97% Response Time

Harold Alderete

PhD in Economics

London, United Kingdom

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

The paper was well written, although there some changes needed to be made , overall im satisfied.

flag

User Id: 438520 - 13 Jul 2020

Australia

student rating student rating student rating student rating student rating

It was a perfect work. Nice analysis and organized. I also appreciate that they were very fast.

flag

User Id: 341163 - 13 Jul 2020

Australia

student rating student rating student rating student rating student rating

THIS WAS HANDS DOWN THE BEST PAPER I\'VE EVER RECEIVED FROM A STAFF/TUTOR ON THIS SITE. IT WAS VERY WELL WRITTEN - GRAMMAR ERRORS WERE VERY MINOR & NOT NOTICEABLE. I DIDN\'T HAVE TO EDIT MUCH TO SUBMIT THE WORK. I DEFINITELY WOULD LOVE FOR THE PERSON...

flag

User Id: 234292 - 12 Jul 2020

Australia

student rating student rating student rating student rating student rating

Always fast and efficient. They seem to care about delivering good work to the students. My powerpoint was nice and well put. I will continue to use your services.

flag

User Id: 451381 - 12 Jul 2020

Australia

student rating student rating student rating student rating student rating
callback request mobile
Have any Query?