Network Midlands

What is social engineering?

What is social engineering?

We’re constantly hearing the term “Social Engineering” in relation to cybersecurity and cyber-attacks, but what is social engineering?

Lexico’s Oxford English dictionary defines it as:

The use of centralized planning in an attempt to manage social change and regulate the future development and behaviour of a society

(in the context of information security) the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

Lexico

TechTarget’s Security Search defines it as:

… an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices in order to gain access to systems, networks or physical locations, or for financial gain.

TechTarget Search Security

I particularly like

The clever manipulation of the natural human tendency to trust
From Information Security 201

First documented account of social engineering?

Perhaps the first recorded account of social engineering is in the Hebraic creation story, where Adam and Eve were told by God not to eat the fruit of a certain tree. The devil, in the guise of a snake, persuaded Eve to eat the fruit, and then used her to get Adam to also eat the fruit. Read the full story in Genesis chapter 3 of the bible.

The snake starts by questioning what God said to Eve, raising doubt in her mind. It then told a bold lie – the opposite of what Eve had been told. Finally, it twisted the truth, appealing to Eve’s fear of missing out

Eve tempted by the serpent to eat the apple

Eve in the garden of Eden

  • Did God really say…
  • You will not die
  • You will be like God
  • Missing out on something good

Another famous example, this time from Greek Myth, is the story of the Trojan Horse

Trojan Horse
  • Odysseus built a wooden horse
  • Persuaded the Trojans that it was a gift from Athena
  • Actually contained soldiers
  • Taken into Troy where the soldiers then attacked

Which is where we get the concept of Trojan software from.

In future blog posts, I will look at different types of social engineering attacks, why we are vulnerable to them and some ways we can detect and prevent them. Next up “What is phishing?

Do you want to learn more?

Network Midlands runs seminars to help you detect and defeat social engineering attacks. Find out more at “The Art of Deception“.

Summary
What is social engineering?
Article Name
What is social engineering?
Description
We're constantly hearing the term "Social Engineering" in relation to cybersecurity and cyber-attacks, but what is social engineering?
Author
Publisher Name
Network Midlands Ltd
Publisher Logo
Share

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.