Tuesday 14 August 2012

Shut Up and Be Secure - Power of Social Engineering


Human is the most weakest part of the Information Security chain. Psychologists have identified many benefits people receive when they help others. Helping can make us feel empowered. It can get us out of a bad mood. It can make us feel good about ourselves.Hackers find many ways of taking advantage of our inclination to be helpful.

Because Hackers often target people who don’t know the value of the information they are giving away, the help may be seen as carrying little cost to the helper. Most of Humans tend to explain their behavior and of others, while doing this we give away alot of information about us.

Security is too often merely an illusion, an illusion sometimes made even worse when gullibility, naivety, or ignorance come into play. The world’s most respected scientist of the twentieth century, Albert Einstein, is quoted as saying, “Only two things are infinite, the universe and human stupidity, and I’m not sure about the former.” In the end, socialengineering attacks can succeed when people are stupid or, more commonly, simply ignorant about good security practices.

With the same attitude as our security-conscious homeowner, many information technology(IT) professionals hold to the misconception that they’ve made their companies largely immune to attack because they’ve deployed standard security products – firewallsintrusion detection systems, or stronger authentication devices such as time-based tokens or biometricsmart cards.

Anyone who thinks that security products alone offer true security is settling for. the illusion of security. It’s a case of living in a world of fantasy: They will inevitably, later if not sooner, suffer a security incident.

No comments:

Post a Comment