Week 8 Summary

Social Engineering, Encoding, and Encryption

Social Engineering can be described as human psychological or behavioral technique that allows to gain trust of a targeted victim. For example, pretending to be an employee of an organization can reveal certain information leading to a data compromise if proper behavioral techniques are used. To avoid such issues, proper CIA triage controls as well as thorough training must be implemented and revisited to ensure users are aware of potential attacks, able to sense a common pattern in attacker’s behavior, and have knowledge of dealing in this situations.

Question for the class

Do you think Phycology Courses as part of human behavior training would stop Social Engineering attacks?

In the News

Hillary Clinton’s private email server, which stored some 55,000 pages of emails from her time as secretary of state, was the subject of attempted cyberattacks originating in China, South Korea and Germany after she left office in early 2013, according to a congressional document obtained by The Associated Press.

Server was located at Clinton’s house in NY between 2009 and 2013. IPS got installed by SECNAP company in October 2013, so before that time a server was most likely vulnerable. In Feb 2014, SECNAP found a malicious software originated from China was running on server.

New revelations underscore the extent to which any private email server is a target, raising further questions about Clinton’s decision to undertake sensitive government business over private email stored on a homemade system

FBI is still investigating this issue.

Read details at: http://abcnews.go.com/Technology/wireStory/clinton-subject-hack-attempts-china-korea-germany-34327812