Social engineering - where the user is the weakest link

Human nature causes security holes

Anyone who has been hit by a computer virus will be doubly wary of unexpected emails in the future that may contain viruses. So why do people still keep clicking on attachments? However much security technology a company deploys, human nature will always be the weakest link in the chain.

With the problem of spam growing daily, accounting for around 90 per cent of email traffic in the US by some estimates, companies are fighting an uphill battle to purge spam from their networks. But what is spam to one user is a legitimate communication to another. For example, a low-price mortgage offer might be just what one user had been waiting for, whereas another will find this an unwanted intrusion.

Many vendors offer technology that looks at emails to see if they contain code associated with known attacks and will block these from entering the system. However, many companies have a policy of quarantining suspicious emails so that users can decide for themselves whether or not to open them.

This situation grows worse considering that most of us have private email accounts and a great many people work at least some of the time from home, often connecting directly to the internet, bypassing the security controls put in place by companies. This leads to the phenomenon of walk-in worms, where viruses are picked up on unprotected computers and propagate rapidly when they are reconnected to the corporate network.

With the security technologies that are available today, this sounds like a problem that companies should be on top of. But they are fighting a tough battle as the number and type of communications devices, such as instant messaging systems and wireless networks, expands, increasing the number of ways that users can be targeted.

Technology is not enough. For security technologies to be effective, users must be trained as to what the dangers are and what standard of behaviour is expected from them. For example, strict sanctions should be applied to individuals who bypass security controls by plugging their computer modems directly into a network connection or to those who store their account names and passwords in clear text on their computer or on a note left next to the computer.

Most people today would realise that such behaviour would leave them vulnerable to attack, but hackers are adept at finding new vulnerabilities in human nature. This is what people call social engineering and it is nothing new. People have long tried to con unsuspecting members of the public into giving away personal information that can be used to steal their identity. But the widespread use of computers ups the ante. This is something that can be seen in the exponential rise in identity theft, where computer users are tricked into giving away personal information via emails or spoofed web sites, as well as the number of people tricked into opening email attachments from messages that appear to be interesting and relevant to them.

Deploying security technology is a good start, but hackers are becoming increasingly sophisticated in the way that they target users and virus writers are focusing their efforts on designing messages so that they appear to be relevant and from trusted sources. For example, they are starting to use more benign attachment types, such as the recent virus that was contained in JPEG files. Many users are used to receiving images in email messages from their friends and colleagues and will not think twice about opening up such attachments. Increasingly, attackers are also spoofing email addresses so that messages appear to come from a trusted source, such as the user's ISP.

Technology vendors are bringing out increasingly sophisticated solutions, but hackers and virus writers are staying one step ahead in their efforts to con users. This is something that will not go away any time soon, with social engineering predicted to be one of the most important and fast-growing trends over the next few years. In order to prevent the problem growing, users need to be educated about the value of the information contained in computer networks, the measures they should take to protect it from being compromised, and how social engineers operate.

Copyright © 2004, IT-Analysis.com
