As cybersecurity measures and training makes advances, online hazards evolve along with them to continue penetrating newer and better systems of defense. One of these new aspects of cybersecurity are social engineering cyberattacks, which take phishing avenues but give them a more sophisticated and individualized approach to increase their likelihood of success. Organizations have to prepare for this and train their employees to prevent compromise of their systems.
What is social engineering?
Social engineering is, according to the European Union Agency for Cybersecurity (ENISA), an approach that uses psychological manipulation to try and either gain access to protected systems or trick individuals into divulging sensitive information. In the case of the former, this can take the form of phishing attacks (in this case known more specifically as spear phishing) – but can also be done in the form of telephone calls or other forms of contact. The ENISA outlines several different kinds of malicious social engineering:
This technique the use of a pretext – a false justification for a specific course of action – to gain trust and trick the victim. Proper identification and authentication processes, policies and trainings should be in place to circumvent such attacks, which generally rely on impersonating a trusted figure.
Baiting involves luring the victim into performing a specific task by providing easy access to something the victim wants. Baiting with infected USB drives or SD cards is relatively common, for example. The most crucial way to prevent successful baiting is via an air gap and the blocking of non-authorized software and hardware, but as with all social engineering the most key aspect of prevention is educating employees on threats and how to think critically about risk.
Quid pro quo
Quid Pro Quo, “something for something” in Latin, involves a request for information in exchange for a compensation. The example given is that the attacker asks the victim’s password claiming to be a researcher doing an experiment, in exchange for money.
Cybersecurity, social engineering and how they interact
One of the core issues with social engineering is the ease at which surface level information becomes available. A cursory look at a company LinkedIn page, for example, will give you an initial roster of employees and their respective roles. In the case of smaller firms, this will be enough to guess at an org chart and send personalized spear phishing attempts using your name and manager’s name – immediately boosting likelihood of success.
The cure for this is repeated training for employees and setting out clear rules for how certain tasks are achieved. The success of social engineering attacks is entirely reliant on building trust and rapport between the attacker and victim, or impersonating someone the victim already has established trust with. The best way to prevent this is by setting up orders of operations that make it clear when a seemingly trusted request is out of pattern and requires more scrutiny.
However, sometimes this is not good enough and an attack will get through. In this case, it becomes imperative that your organization has a set of good backup plans for how to prevent the attack from passing through and hitting multiple layers of protected systems. A good first step is insuring you have so-called air gaps between your individual systems – but also that your data is preserved in an archive and backup.
Protect your data through archiving
While a good set of preventative measures and a disaster mitigation plan can help, a disaster recovery plan is the next required step to get your organization back on their feet. Even if the breach has been isolated, restoring access to any compromised, corrupted or deleted data is going to be a top priority.
With our contentACCESS Archive and Backup, you don’t have to wait! With your data placed in our archive and backup unified solution, you have constant access through our Outlook and Teams plug-ins, our mobile apps, and our online web access, without requiring a time exhaustive full restore of your data.
With our team’s help, ensure that your organization is backstopped in the case of your preventative measures being breached. Leverage our combined decades of archiving and cybersecurity experiences to improve and bring your systems into the future. If you’re interested in learning more, contact us and schedule a meeting where our experts can show you our solutions and discuss how best they can meet your needs.
Take the best steps to protect your data – with TECH-ARROW.
Archive all your O365 data with contentACCESS