As anti-malware software and firewall protections improve, the classic ‘barging in through the front door’ methods that criminals use to breach a network or deliver malware and ransomware, have given way to gaining access to computers and networks through social engineering – that is, fooling the humans. Why waste time trying to knock down the castle gates, when you can trick somebody into giving you the key to the side entrance?
The goal of social engineering – phishing , phone and email impersonation, poisoned emails or websites – is to gain access to somebody’s passwords, credentials and/or identity. Armed with that information, the criminal can either directly steal data or money, or the more sophisticated criminal gang can enter the individual’s network through one machine or identity, and then move laterally through the network.
They may lurk around inside the network for weeks or years, observing emails, passwords, relationships with customers and suppliers, management structure, and confidential data. Once they have gained sufficient intelligence, they can go for the bigger scores, such as intercepting or impersonating emails to divert payments for large transactions to themselves, sending requests as if they were senior management, or compromising the customers’ or suppliers’ networks through the trusted relationship those group