D2.1 The role of SE in the evolution of attacks.pdf (5.15 MB)

book
posted on 2020-05-26, 09:36, authored by Enrico Frumento
The problem of Social Engineering (SE) has been evolving at an incredible pace for a few years. What, until the end of the past century, was an advanced but niche way of attacking specific systems is nowadays mainstream in cybercrime and terrorism. The complexity of attacks that actively exploit the human element is incredibly high, and often the exploitation of the human element is the enabler for the technological part that follows. However, SE also evolves, and today we talk of SE 2.0 versus old-school SE.
Old-school SE is an adaptation of the ageless art of deception to modern communication media (mainly phone and early use of email, besides physical intrusions), where the level of personal talent and effort required limited this type of attack to the capabilities of a few famous attackers, who concentrated on valuable targets. Hence, Information Security has traditionally considered the “human factor” a potential threat only in those systems requiring «SECURITY-IN-DEPTH», because in these situations every possible threat, even the less common ones, is evaluated down to the innermost levels.
The reason behind this evolution is the ever-increasing relevance of Targeted Attacks (TAs), as reported by all current attack statistics. TAs are the most popular and most widely used strategy in today’s attacks, also for SMEs. A TA is a type of attack that takes advantage of a complex Human Attack Vector combined with a technological exploit, mixed into a unique, targeted and specialized ad-hoc attack that exploits (deceives) both the humans and the IT systems. Targeted Attacks are often confused with APTs (Advanced Persistent Threats), but even though they share the techniques, they do not have the same intent (TAs are usually not driven by government agencies).
Modern SE includes and extends the former SE concepts into a wider vision. Probably the key difference that separates old-school from modern SE is the possibility of exploiting SE techniques on a larger scale, using automated attacks against a potentially large number of victims.
The transition from old-school to modern SE was triggered by the large amount of machine-readable data that is freely available today. This trend has been exponentially strengthened by the advent of Social Networks and the new social trends of information sharing. Another important aspect was the involvement, in the planning of attacks, of competences never previously seen in the cybercrime world, required to better understand how to “exploit the humans”. Psychologists, marketing experts and, in general, experts from all the human sciences are increasingly sought by Organized Crime Groups (OCG).
The aim of this document is to present the evolution of modern social engineering and to discuss its relationship with modern cybercrime and cyberterrorism trends. It is also meant to be a founding document for the whole project, giving a clear and complete view of the influence of Social Engineering on modern cybercrime tactics, technologies and trends.

Funding

Domain-Specific Incident Response for Cybersecurity Attacks Tailored to the Oil & Gas Industry for H2020-DS-2014-1 Topic DS-06-2014 Risk Mbt

The Research Council of Norway
