Contrary to popular belief, hacking is not all about finding loopholes in computer software that gives the attacker access to sensitive information. Vulnerabilities in human behavior and habits can be just as damaging to an organization’s security. Like the Greeks who used the Trojan Horse to get inside the walls of Troy, social engineers use human mistakes to bypass technological security measures. In this article, we describe ten of the most famous social engineering attacks of recent years.
2011: RSA SecurID
RSA’s SecurID tokens are designed to protect their users by providing two-factor authentication (2FA), making it impossible for attackers to breach their systems using only a stolen password. However, this technology only works if the 2FA technology is secure. In 2011, RSA fell prey to a famous phishing attack that compromised the security of their systems and cost the company $66 million.
The social engineering attack against RSA consisted of two different phishing emails. These emails claimed to describe the recruitment plan of another organization and contained an attached Microsoft Excel document. If an employee opened the Excel document, a zero-day Flash vulnerability was exploited and a backdoor was installed, allowing the attacker access to the system. While the exact information stolen by the attacker is unknown, it was significant enough that RSA believed it jeopardized the security of the RSA SecurID tokens, forcing the company to spend millions correcting the problem.
2013: Associated Press Twitter
The 2013 hack of the Associated Press Twitter account is notable for its immediate national impact. The attack began as a spearphishing email to Associated Press employees that appeared to come from other employees of the Associated Press. In actuality, the email came from the Syrian Electronic Army.
The email included a link to a phishing site where the employees entered login information (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Chris Sienko. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/JnqBOs_i78Q/