Peer to Peer Magazine

PEER TO PEER: THE QUARTERLY MAGA ZINE OF ILTA 34 Data breach stories are hitting closer and closer to home these days. There is a good chance you or someone you know has been a victim of a data breach or hack, whether it is from a medical records leak, credit card fraud or being part of an exfiltration of personally identifiable information. Like a vault door, firewalls are useful in putting up barriers against network intrusions; however, sometimes people open the door and unwittingly let hackers in. IT JUST SEEMS SO BELIEVABLE Hackers look for easy targets to infiltrate an organization. One of those easy targets is you. Phishing emails, pretexting, baiting and other scams are part of a class of cyberattacks known as "social engineering." We are being tricked and manipulated, which is not always hard because, while we know not to wire money to Nigerian princes, sometimes the ruse is just too believable. What appears to be your bank is asking you to verify your account information — possibly a username, password or account number. You click a link in an email message that leads to a website that looks just like your bank's site. But it's not. Perhaps a support engineer calls and says your computer needs to be updated. You provide your login credentials and other vital information. This allows the hacker to plant malware as a platform for a future attack while performing the so-called update. This malware can record keystrokes, hibernate until a particular date or signal, and then collect (or destroy) data. It could also be used as a zombie for a distributed denial of service attack where FEATURES Have You Been Socially Engineered? What Does It Really Mean? Social engineering terminology has its roots in the late nineteenth century. It's a discipline in the social sciences that focuses on influencing human behavior to achieve certain results. While not originally a nefarious concept, today the term has a negative connotation as the moniker for a type of cyberattack.

• Cover