As advanced technologies like artificial intelligence and machine learning become more mainstream, it is inevitable that security software will start leveraging these technologies to better learn and adapt to counteract the efforts of those who spread malware.
This is likely, in my view, to force them into using some of the more “soft skills” approaches to try and get around the technology. This is commonly called social engineering and has been around in one form or another for as long as mankind has been civilised. One of the most famous acts of social engineering was so effective it is remembered to this day and even has a whole class of malware named after it – Odysseus’ Trojan Horse. Confidence tricksters and con men still use these kinds of techniques to fool people into trusting them with their money today.
Some common social approaches that are likely to be used to try and sidestep advanced technology defences are:
- It is well known within security circles that there are few effective defences against an attacker who has physical access to servers or network equipment.
- This may well lead to people attempting to impersonate authorised IT service staff to gain access. This kind of attack is perhaps more likely in a more remote branch site where staff may be less aware and vigilant.
- The attacker is bound to behave confidently and sound like they are supposed to be there.
2. Support Phone Calls
- We have all experienced the fake “Microsoft Support” calls that come out of the blue telling us there is something wrong with our PC and we need to let them help us out.
- This is a surprisingly effective social engineering attack on the unwary and has been used in one form or another for many years. I expect there will be a noticeable rise in this kind of approach in the coming years.
3. Tailgating
- Similar to the first point, where getting physical access is the goal, tailgating refers to a method of gaining access to restricted areas by quickly following someone who does have access through a controlled door.
- These people may be strangers with a gift for talking to people and putting them at ease, appearing to be just another employee, or may even be an actual employee who is up to no good.
How to mitigate the risk: Awareness and a protocol for access.
4. Quid Pro Quo
- Another method that we may well see a lot more of is efforts to entice employees on the inside of a company into doing something for the attacker by making them some kind of offer in return.
- This is most likely to be effective against disgruntled employees but anyone could be fooled into thinking this is some kind of free gift and not realise what they are really doing for the attacker.
How to mitigate the risk: Again, as always, it is training and awareness that will be the best defence.
If you haven't already analysed the strategies you have for dealing with these kinds of threats, now is a good time to do that. If you have any questions or want to share a recent experience, feel free to get in touch with me.