Academic journal article Informatica Economica

Social Engineering a General Approach

Academic journal article Informatica Economica

Social Engineering a General Approach

Article excerpt

1 Social Engineering

The society of 21st century has been defined as being based primarily on knowledge. Furthermore it has been founded on the exchange of data between all fields of activity. Nowadays, the amount of information held is directly proportional to the power that an individual can have on others; therefore, a very important aspect is not only acquiring but also protecting it from potential attacks. The emergence of numerous systems and protection mechanisms seemed to have solved the security problems. However, it has been discovered that the crucial element as remained the individual and not the machine, that installing the latest applications does not guarantee a complete protection of the system as it is not necessary to force it to infiltrate yourself, it is easier to get the information needed using persuasion or goodwill. Social engineering is a set of methods by which an individual or group of individuals are manipulated to provide access to certain information or to print a certain behaviour

2 Social Engineering from a Non- Technological Point of View

Social engineering represents a set of methods through which an individual or a group of individuals are manipulated into providing access to certain information or used to induce certain behaviour. [1]

In order to avoid technical security measures set to prevent attackers from breaking into systems, they have developed various procedures to bypass the software or hardware elements utilized. Social engineering is based on using psychological stratagems on system's users, thereby obtaining important data, such as usernames, passwords, security codes, access codes, credit card numbers and additional information for immediate benefits or ulterior ones. [2]

Under the conditions listed above, plus given the fact that despite the automation of the machines and networks, nowadays, there is not a single computerized system that does not depend on human factor; social engineering is a hot topic in modern society. There will always be people responsible for providing information and maintenance of the systems. However social engineering has existed since the beginning of all times and this due to people's predilection to be polite, to help each other and trust each other. It is in human nature [3]. This technique takes advantage of the intrinsic nature of mankind to manipulate others and obtain sensitive information. In fact, most people who disclose data are aware of that, but they often believe that the information provided is not essential. The goal of social engineers, however, is to join pieces of information gathered from various sources.

As for non-technological view, social engineering overlaps to some extent with the policy above all as a social science. Its development made possible the gathering and analysis of information about social attitudes and trends, as it is necessary to establish the initial state of a society and to predict the effects of decisions that might be taken. Social engineering, however, arose from the beginning of all time. "The fall into sin" of the first two people would not have been possible without the serpent using its power of persuasion on Eve and Eve on Adam. Amenhotep III, himself, during Egypt's perhaps most prosperous period has managed with his skills as a diplomat to impose and maintain power on today's Syria and Palestine, without the need of military control. Even the Greeks used their social skills in order to obtain their goals; see the well-known story of the Trojan horse built under the command of Ulysses, but brought in city by the Trojans themselves. The importance of persuasion and "deception" has been described by Sun Tzu in the "Art of War", stating that it is very important to simulate failure and passivity when you are active, forcing the enemy to perceive weaknesses and strengths and contrariwise. [4]. In 1979, Kevin Mitnick introduced a new concept related to the art of persuasion, by taking into consideration the technical aspects of this science. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.