Application Security


Q. Perform a search on the Web for articles and stories about social engineering attacks or reverse social engineering attacks. Find an attack that was successful and describe how it could have been prevented.

Social engineering, in the field of cyber-attacks and security systems, refers to the psychological manipulation of people into performing actions or misusing confidential information. It largely involves human interaction and manipulating people into breaking security procedures and company practices or rules in order to breach security networks and computer systems, or to obtain financial documents they are not supposed to have.

 

 

To discuss it at large, the recent social engineering attack I found is one where the victim was the giant United States retail company Target Corporation. Target is the 8th largest retail company in North America. The incident happened at Target's point-of-sale systems in 2013. As a result of the incident, hackers gained access to the credit and debit card information of 40 million users. So, it is pretty huge.

 

The incident happened because Target had given remote access to its network, including the payment network (which should be secure and isolated from other networks), to its air conditioning vendor, Fazio Mechanical Services. The hackers sent a phishing email that installed Citadel Trojan malware on the victim's machine, through which they obtained access credentials to the Target network. They then installed malware on Target's network, which extracted the user payment information from the infected machine.

 

 

So, from the above details, Target Corporation was attacked by cyber attackers through one of the common methods of attack, which is phishing. To go back to what phishing is: phishing is a technique of fraudulently obtaining private information from a user by sending a fraudulent email or text that appears to be an original message from a bank, a credit card company or any service provider. The message contains a dark web link, which collects all the information the user enters; the attacker then uses it to gain access to the victim's accounts and cause financial or security issues.

The above phishing attack on Target Corporation might have been successfully prevented by the following:

1. Target should have kept its payment network isolated and secured it with some extra authorization tokens.

2. Target should have had its own cyber security team to tackle any breaches or security issues, because gaining access to such a huge amount of data is a time-consuming process, so the attackers had enough time to retrieve it, which is only possible if the system is not under surveillance for unusual activity.

3. The vendor should have had security controls on all its employees' access to its customer's database.

4. More scrutiny before allotting contracts to any third-party vendor.

5. Give access only to what is needed; in this case, a vendor that supports air conditioning absolutely doesn't need access to payment systems.
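Points 1 and 5 above can be checked mechanically. The following added example (not part of the original essay) models network zones and allowed flows, then flags every chain of allowed flows that leads from a vendor zone to the payment zones; the zone names and rules are constructed assumptions and do not describe Target's actual network.

```python
from collections import deque

# Constructed sample policy: each rule allows traffic from one zone to another.
# Zone names are hypothetical and do not describe any real network.
ALLOWED_FLOWS = [
    ("vendor_remote", "vendor_portal"),
    ("vendor_portal", "corp_lan"),
    ("corp_lan", "file_server"),
    ("corp_lan", "pos_network"),
    ("pos_network", "payment_processor"),
]
PROTECTED_ZONES = {"pos_network", "payment_processor"}


def reachable_paths(flows, start):
    """Breadth-first search: map every zone reachable from `start` to the
    shortest chain of allowed flows that gets there."""
    graph = {}
    for src, dst in flows:
        graph.setdefault(src, []).append(dst)
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        zone = queue.popleft()
        for nxt in graph.get(zone, []):
            if nxt not in paths:
                paths[nxt] = paths[zone] + [nxt]
                queue.append(nxt)
    return paths


def audit(flows, untrusted_zone, protected):
    """Return {protected_zone: path} for every protected zone the untrusted
    zone can reach, directly or through intermediate zones."""
    paths = reachable_paths(flows, untrusted_zone)
    return {z: p for z, p in paths.items() if z in protected}


def isolate(flows, protected):
    """Hardened policy: drop every rule that lets a non-protected zone
    send traffic into a protected zone."""
    return [(s, d) for s, d in flows if not (d in protected and s not in protected)]


if __name__ == "__main__":
    for zone, path in audit(ALLOWED_FLOWS, "vendor_remote", PROTECTED_ZONES).items():
        print(f"VIOLATION: {zone} reachable via {' -> '.join(path)}")
    hardened = isolate(ALLOWED_FLOWS, PROTECTED_ZONES)
    print("after isolation:", audit(hardened, "vendor_remote", PROTECTED_ZONES))
```

No single rule in the sample policy connects the vendor to the payment zones; the violation only appears when the rules are chained, which is why the audit follows transitive reachability rather than inspecting rules one at a time.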
