Not all social activities are welcome.
A well-known security concept exists – known as the “iron triangle” consisting of technology, process and people. Think about your day from the moment you woke up until now – how many satellites did you interact with? How many web servers? How many networks did your packets travel across? Did you look at a weather report? A cricket score? A stock price or currency value? That’s technology…
Did you log into Facebook, Instagram or TikTok? Amazon or Audible? YouTube or your Gmail? That’s a very simple process. Or did you transfer money or pay a credit card bill? You were following a longer process…
Did you chat with anyone? A friend or family member? An acquaintance on the train or bus? A work colleague? A total stranger? Did you write an email? A WhatsApp message? Or post to Reddit? That’s people…
Because of the ubiquitous nature of interconnected technology in our daily lives, everything from global organisations to individuals are vulnerable to attack. At any time. Unfortunately, in the examples of technology, process and people above, those three corners do not exist as a nice geometric triangle with separate elements. It’s more of a mix of all three, blended together into a very bad-tasting attack cocktail.
This presentation looks at recent hacks and analyses the nature of the vulnerabilities and the attacks used in terms of the bad-tasting attack cocktail of technology, process and people. We look at the changing nature of today’s security landscape and how we, in the way we think, can protect our organisations without them even knowing it. We address the forgotten ingredient to almost every hack performed today – hacking the people, using the tools and techniques the hackers use when they mix that evil cocktail. And, importantly, how we can recognise if an attacker is using social engineering and cyberpsychology against us.
