StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Social Engineering Attacks and Counter Intelligence - Case Study Example

Cite this document
Summary
The paper "Social Engineering Attacks and Counter Intelligence" discusses that a relatively large number of various suspicious events tend to occur within most computer systems and enterprise networks nearly every day and successfully manage to go undetected…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91.6% of users find it useful
Social Engineering Attacks and Counter Intelligence
Read Text Preview

Extract of sample "Social Engineering Attacks and Counter Intelligence"

? Social Engineering Attacks and Counter Intelligence What is Social Engineering? Social engineering is seen to essentially describe the non-technical intrusion that is seen to primarily rely on human interaction with the prime objective of essentially ticking other persons to break the established normal security procedures and provide them with either the confidential information its self or access to it (Mann, 2010). To achieve their objectives, social engineers run con games on other individuals by relying on these people’s weaknesses and natural helpfulness. Social engineering is seen to comprise of a collection of various techniques and tools that are seen to range from psychology, ethical hacking and negotiation. Social engineering is seen to mostly rely on people’s innate inability to effectively keep up with the current culture that heavily relies on information technology, this essentially refers to the fact that most persons happen to not be well aware of the actual value of the information that they happen to possess and are therefore rather careless about its protection (Rouse, 2006). It is not uncommon for most social engineers to try and search dumpsters in a bid to try and obtain valuable information, engage in the memorizing of access codes by essentially looking over someone else’s shoulder in a technique that is commonly referred to as shoulder surfing, or taking full advantage of people’s natural inclination to constantly choose passwords that happen to be meaningful to them and can be easily guessed (Rouse, 2006). Most Security experts have taken to proposing that as the modern day culture continues to become ever more dependent on information, it is increasingly evident that social engineering will ultimately remain as the greatest threat to any possible security system. What is Counterintelligence? According to Hawkins (1997), counterintelligence has actually been around for as long as espionage has been. Traditionally, counterintelligence has mainly been thought of only in the context of solely attempting to counter human espionage efforts. However, modern counterintelligence is designed to be a multi-disciplinary effort and can be defined as being the detection and effective neutralization of the activities and opportunities of a given competitor with the sole objective of gaining proprietary advantage over a certain given organization by using a raft of unethical and illegal methods. Competitors can be identified as being anything from a local or foreign business enterprise or individual to a foreign government. Hawkins further notes that, over the past ten years, counterintelligence has been redefined by the United States federal government to counter more than the threat from human intelligence to now include imagery and signal intelligence collection. The Potential Implications of Social Engineering and Counter Intelligence in respect to the Leaked Iraq War Logs and Afghan War Diary It is probable that social engineering was primarily used to trick Bradley Manning who is the 22 year old U.S Army Intelligence analysis suspected of leaking an approximated over 700,000 secret government documents to the Wikileaks website. As such, it is seen that Manning may have been tricked into going beyond his already established user rights into divulging this information. The Wikileaks website owner Julian Assange is however seen to refuse to divulge exactly who it was that provided him with the leaked documents. To this end, it is seen that the United States counterintelligence efforts happened to experience a serious lapse in that such important and classified information could be copied and sent to an outside source unofficially. As a result of social engineering and inefficient counterintelligence efforts, the United States military is now seen to be exposed as the Pentagon claims that it is aware that a number of various terrorist organizations are currently actively engaged in mining the leaked Afghan War Diary documents in an effort to try and obtain information that they can be able to use against the United States military. Concerns are now being raised that the Iraq War Logs which are four times as large as the Afghan War Diary documents essentially put the United States military in more danger as they contain more information pertaining to the military’s operations. The sensitive information contained in these documents is also feared to disclose information on some of the individuals in Iraq and Afghanistan that happened to collaborate with the military which puts these individuals in danger of attacks by armed groups such as the Al Qaeda and supporters of the ousted Iraq ruler Saddam Hussein. The Importance of Forming a Sound Information Security Workforce According to Vacca (2013), people arguably form the weakest element in the formula that is used in securing an organization’s or country’s networks and security systems. As compared to the technology factor, the people factor is a critical factor that is often seen to commonly be overlooked in the security question. It is important to ensure that an organization or country forms a sound information security workforce if its overall objectives and goals are to eventually be realized. Targeting the right individuals and providing them with the right information aids in the development of an effective information security programs within an organization or country. It also aids in the prevention of incidents of information leakage (Vacca, 2013). Challenges Experienced in Establishing a Sound Information Security Workforce There are a number of key challenges that are associated with setting up a sound information security workforce. Some of these include that most of the more experienced information security personnel happen to have reached retirement age and this is seen to leave a much needed gap in security, these more experienced personnel would have been able to provide guidance and stopped incidents such as those experienced in the Iraq War Logs and Afghan War Dairy leaks. Carey (2006), points out that most of the current younger crop of information security experts are not looking for career security and long-term employment opportunities as they are focused on trying to obtain new experiences and challenges. They are also seen to expect to be furnished with the newer technologies so as to be able to be productive and perform well in their jobs. It is important for the United States government agencies to formulate new programs and policies that will serve to attract the younger employees. The Influence of Release on Wikileaks of the Iraq War Logs and the Afghan War Diary Documents on Risk Management Procedures and Security Policies Some of the more probable effects of the release of the Iraq and Afghan documents on Wikileaks on the security policies and risk management procedures include the creation of new strict security procedures and the formulation of new risk management policies designed to facilitate legal or disciplinary action against those persons that might happen to fail to comply with their established information security obligations. The leakage will also lead to the improvement of the effectiveness of the various information security controls through measures such as the implementation of a number of new, acceptable and cost-effective controls. There will also be a redesigning or retirement of some of the more ineffective controls. Probable Methods that can be used to Effectively Thwart this Type of Intelligence Leak in Future and why they would be Effective Employee Training Programs: It is possible to use employee training programs to help in educating employees and sensitive them on the dangers of social engineering and the intense effects of intelligence leaks. According to Vacca (2013), security employee training and awareness programs happen to be a crucial component of information security programs and can act as the vehicle via which organizations and countries can be able to disseminate security information to their workforce. Providing information and training to employees can help in effectively guarding against document leaks. Enhancement of Security Monitoring and Effectiveness: A relatively large number of various suspicious events tend to occur within most computer systems and enterprise networks nearly every day and successfully manage to go undetected. However, with the implementation of a security monitoring strategy, an appropriate incident response plan, and effective security metrics and validation, it is possible for governments and organizations to achieve optimal security levels. It is important to build intelligence into security tool so that these tools will serve to alert the users in the event that a bad set of events happen to occur or a given vulnerability happens to be under attack (Vacca, 2013). As such, this can result in preventing leakage of information and some of the possible social engineering attempts. References Mann, I. (2010). Hacking the Human: Social Engineering Techniques and Security Countermeasures. Gower Publishing, Ltd. Rouse, M. (2006). social engineering. Retrived on Oct 31, 2013 from http://searchsecurity.techtarget.com/definition/social-engineering. Hawkins, G. (1997). Protecting critical information & technology : fourth national operations security conference. [S.l.] : Diane Pub Co. Vacca, R. J. (2013). Computer and information security handbook. Amsterdam : Morgan Kaufmann Publishers is an imprint of Elsevier. Carey, A. (2006). 2006 Global Information Security Workforce Study: A Special U.S. Government Perspective. Retrived on Oct 31, 2013 from https://www.isc2.org/uploadedFiles/Industry_Resources/wfs_gov.pdf. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Social Engineering Attacks and Counterintelligence Case Study”, n.d.)
Social Engineering Attacks and Counterintelligence Case Study. Retrieved from https://studentshare.org/information-technology/1489984-social-engineering-attacks-and-counterintelligence
(Social Engineering Attacks and Counterintelligence Case Study)
Social Engineering Attacks and Counterintelligence Case Study. https://studentshare.org/information-technology/1489984-social-engineering-attacks-and-counterintelligence.
“Social Engineering Attacks and Counterintelligence Case Study”, n.d. https://studentshare.org/information-technology/1489984-social-engineering-attacks-and-counterintelligence.
  • Cited: 0 times

CHECK THESE SAMPLES OF Social Engineering Attacks and Counter Intelligence

Potential Security Threats and Challenges for Hybrid Cloud Solution

However, both make use of certain tactics in particular e-mail spoofing and Distributed Denial of Service attacks on corporations with the intention of damaging the corporation's public image, such as cracking techniques used for defacing Web sites.... Nature of Internet Activists ...
13 Pages (3250 words) Coursework

How to Save Organisations from Hackers

Nevertheless, the initial role of social engineering in these attacks is core and cannot be overlooked due to the technologies used.... social engineering is hackers' equivalent of a con or a trick, which makes the target people or systems think someone, something, or an action, is safe, trustworthy, and familiar while in reality, it is not (Kiountouzis & Kokolakis, 2011).... The most common of social engineering con tricks often involve the hacker sending an e-mail to the target person or system....
26 Pages (6500 words) Report

Counter Terrorism Strategy and Plans for Japan

This paper ''counter Terrorism Strategy and Plans for Japan'' tells us that terrorism is considered to be a very old threat to established societies, most frequently it emerges from groups with political agendas like the IRA or individuals whose motives lie in creating violence against the societies in which they live.... This paper primarily deals with the counter-terrorism strategies and action plans for Japan in the current context and also for the future....
8 Pages (2000 words) Essay

Social Engineering Attacks and Counterintelligence

social engineering attacks and Counterintelligence (University) social engineering attacks and Counterintelligence Introduction With the growth in technology, the world of crime has kept pace too.... counter intelligence To a layman, counterintelligence would mean the opposite of intelligence seen from the security angle.... social engineering This term is used both in sociology and security.... “social engineering is defined as the process of deceiving people into giving away access or confidential information” (social engineering Defined)....
5 Pages (1250 words) Essay

Discuss some of the treats that Cyberterrorism pose. How can cyberattacks be prevented

They utilize the internet to share novel methods to employ in their future attacks and other important information.... Terrorists have created their own intelligence networks through the internet; and the expenditure incurred by them, in gathering intelligence is negligible, in comparison to the amount spent by most nations for collecting intelligence....
11 Pages (2750 words) Essay

Computer Attacks and Their Counter Measures

The paper "Computer attacks and Their Counter Measures" describes that to be able to mitigate the issues presented by the hacking of a wireless network, it would be necessary to use all the accessible tools in the router.... In-built intelligence processes being infused with only contaminated traffic packets that would guarantee minimum scaling costs and maximum reliance.... Some of these attacks are passive, in that there is the monitoring of the information, while others can be termed as active implying that the data within the system is manipulated with the intent to destroy or corrupt the network or data itself....
6 Pages (1500 words) Essay

Proposing a Solution

It incorporates all intentional attacks targeted at.... For instance, the cyber attacks directed at the credit transaction service would see the data transactions of the e-commerce system altered into the vast banking systems.... This in effect Notably, cyber attacks do have the potential to create an extreme economic damage as well as, social impact that are disproportionally costly to the nation or organization at risk.... he advent of the security challenges created another aspect of terror, an establishment that many nations are yet to consider as a possible channel for terror attacks....
6 Pages (1500 words) Essay

Mitigating Cyber-Attacks by Destructively Counter-Striking against Attackers

The objective of this paper "Mitigating Cyber-Attacks by Destructively counter-Striking against Attackers" is to demonstrate why private companies and governments can mitigate a cyber-attack by destructively counter-striking against attackers.... The mitigative counter-strikes should entail liability rules for protecting third parties in case the process of hacking back harms a different party rather than the targeted attacker.... This study will also demonstrate why counter-strike is a proactive policy for helping insulate critical services from damage and mitigate harm from potential attacks....
10 Pages (2500 words) Literature review
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us