Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

How we are tricked into into giving away our personal information

15.01.2009
We human beings don’t always do as we have been taught, and organizations are poorly prepared for IT security attacks that target human weaknesses.

Since it is difficult to change people’s behavior, it doesn’t help to provide training about how to behave securely. This is shown by Marcus Nohlberg in his dissertation at Stockholm University in Sweden in which he studied attacks that are called social engineering in IT contexts.

The concept of social engineering refers to the art of using social codes and knowledge of human behavior to get us to provide information or do things we should not do. A topical example happened very recently in Sweden, where people received calls from a person who purported to represent the IT office at their bank and asked them to identify themselves using their personal bank encoders. The attacker then used these codes to steal money from the victims’ accounts.

“I predicted a couple of years ago that this kind of attack would become common, especially account fraud,” says Marcus Nohlberg.

Despite the serious consequences, with many successful fraud attempts, this technique has received little attention among researchers. Marcus Nohlberg’s research has led to enhanced knowledge about what methods attackers use and what it is that makes people and organizations so vulnerable. Somewhat depressingly, Marcus Nohlberg’s research shows that information and training do not work as well as we think:

“There will always be a small group of people who do not do as they were taught. What’s more, it’s all too seldom that people undergo training in security issues in general. To change behavior, this is something that needs to be worked with constantly. The best thing is practical training, and it’s probable that organizations will need to start running internal checks where they in fact create fictitious attacks in order to identify weaknesses,” says Marcus Nohlberg.

Social engineering as a method of fraud is costly for the attacker since it requires commitment and time. However, software and technologies already exist that can interact with other people automatically:

“You can easily imagine how serious it will be when such programs target victims via digital forums like Facebook in the future. When it becomes just as simple as spreading spam, this will present a major threat to social activities on the Internet.”

In his research, Marcus Nohlberg presents a description of fraud crimes from the perspectives of victims, perpetrators, and defenders, but he also offers suggested measures for preventing attacks, based on his own experiences from controlled attacks.

Title of dissertation: Securing Information Assets -- Understanding, Measuring and Protecting against Social Engineering Attacks.

Maria Erlandsson | alfa
Further information:
http://www.su.se

More articles from Social Sciences:

nachricht Sibling differences: Later-borns choose less prestigious programs at university
14.11.2017 | Max-Planck-Institut für demografische Forschung

nachricht Visual intelligence is not the same as IQ
09.11.2017 | Vanderbilt University

All articles from Social Sciences >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: First-of-its-kind chemical oscillator offers new level of molecular control

DNA molecules that follow specific instructions could offer more precise molecular control of synthetic chemical systems, a discovery that opens the door for engineers to create molecular machines with new and complex behaviors.

Researchers have created chemical amplifiers and a chemical oscillator using a systematic method that has the potential to embed sophisticated circuit...

Im Focus: Long-lived storage of a photonic qubit for worldwide teleportation

MPQ scientists achieve long storage times for photonic quantum bits which break the lower bound for direct teleportation in a global quantum network.

Concerning the development of quantum memories for the realization of global quantum networks, scientists of the Quantum Dynamics Division led by Professor...

Im Focus: Electromagnetic water cloak eliminates drag and wake

Detailed calculations show water cloaks are feasible with today's technology

Researchers have developed a water cloaking concept based on electromagnetic forces that could eliminate an object's wake, greatly reducing its drag while...

Im Focus: Scientists channel graphene to understand filtration and ion transport into cells

Tiny pores at a cell's entryway act as miniature bouncers, letting in some electrically charged atoms--ions--but blocking others. Operating as exquisitely sensitive filters, these "ion channels" play a critical role in biological functions such as muscle contraction and the firing of brain cells.

To rapidly transport the right ions through the cell membrane, the tiny channels rely on a complex interplay between the ions and surrounding molecules,...

Im Focus: Towards data storage at the single molecule level

The miniaturization of the current technology of storage media is hindered by fundamental limits of quantum mechanics. A new approach consists in using so-called spin-crossover molecules as the smallest possible storage unit. Similar to normal hard drives, these special molecules can save information via their magnetic state. A research team from Kiel University has now managed to successfully place a new class of spin-crossover molecules onto a surface and to improve the molecule’s storage capacity. The storage density of conventional hard drives could therefore theoretically be increased by more than one hundred fold. The study has been published in the scientific journal Nano Letters.

Over the past few years, the building blocks of storage media have gotten ever smaller. But further miniaturization of the current technology is hindered by...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

See, understand and experience the work of the future

11.12.2017 | Event News

Innovative strategies to tackle parasitic worms

08.12.2017 | Event News

AKL’18: The opportunities and challenges of digitalization in the laser industry

07.12.2017 | Event News

 
Latest News

Engineers program tiny robots to move, think like insects

15.12.2017 | Power and Electrical Engineering

One in 5 materials chemistry papers may be wrong, study suggests

15.12.2017 | Materials Sciences

New antbird species discovered in Peru by LSU ornithologists

15.12.2017 | Life Sciences

VideoLinks
B2B-VideoLinks
More VideoLinks >>>