Home » Research » About » IT vs OT | When Facing The Insider Threat | What Happend | Free Software vs Open Source | ask me |
· Priscilla Felicia Harmanus · 1993 from the Netherlands · Last update: 18 juli 2020
No one knows who I am yet and what kind
of content I produce. So why not focus a topic that
people are already searching for, right?
- insider threat tactics
Do you know the signs of suspicious activity? Find out. Recognizing and Dealing With Suspicious Behavior.
? The Signs Of Suspicious Activity - This is a new web page? Know your audience
∙ Know the starting point of an attack - ICS/SCADA IT/OT
∙ One man's trash is another man's identity. Dumpster diving can expose your information - Social engineering
∙ Grandma on linux invited for Gmail - insider threat tactics
Social engineering attacks take place on two levels: the physical and the psychological. First, we'll focus on the physical setting for these attacks: the workplace, the phone, your trash, and even on-line. In the workplace, the hacker can simply walk in the door, like in the movies, and pretend to be a maintenance worker or consultant who has access to the organization. Then the intruder struts through the office until he or she finds a few passwords lying around and emerges from the building with ample information to exploit the network from home later that night. Another technique to gain authentication information is to just stand there and watch an oblivious employee type in his password. According to Methods of Hacking: Social Engineering, a paper by Rick Nelson, the three parts of reverse social engineering attacks are sabotage, advertising, and assisting. The hacker sabotages a network, causing a problem arise. That hacker then advertises that he is the appropriate contact to fix the problem, and then, when he comes to fix the network problem, he requests certain bits of information from the employees and gets what he really came for. They never know it was a hacker, because their network problem goes away and everyone is happy.