How We Are Tricked Into Giving Away Our Personal Information
Swedish Research Council (01/15/09)
Organizations are poorly equipped to prevent attacks that target human error and weaknesses, says Stockholm University's Marcus Nohlberg, who says social engineering attacks have received little attention from researchers. Nohlberg's research has led to a more thorough understanding of the methods attackers use and what makes people and organizations vulnerable. He says the biggest problem is that information and proper training is not an effective deterrent. "There will always be a small group of people who do not do as they were taught," Nohlberg says. "The best thing is practical training, and it's probable that organizations will need to start running internal checks where they in fact create fictitious attacks in order to identify weaknesses." Social engineering is more expensive to the attacker, as it requires commitment and time, but software and technologies already exist that can interact with people automatically. Nohlberg warns of a time when programs target victims through digital forums such as Facebook, making social engineering attacks as easy and inexpensive as sending spam.
Thursday, January 15, 2009
Blog: How We Are Tricked Into Giving Away Our Personal Information
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment