Social Engineering Attacks


Visible to the public Improving Cybersecurity Through Human Systems Integration 29 June 2016

Advanced Persistent Threat (APT) attackers accomplish their attack objectives by co-opting users' credentials. Traditional cyber defenses leave users vulnerable to APT attacks which employ spearphishing. The success of spearphishing attacks is not a data processing failure, but is the result of defenders failing to apply the principles of Human System Integration to the problem of spearphishing. We discuss an alternative defensive strategy which addresses human performance capabilities and limitations to disrupt spearphishing attacks.


Visible to the public Spearphishing Defense Through Improved Usability

The information environment consists of three interrelated dimensions which are the physical, the informational and the cognitive. The most important of these is the cognitive dimension which encompasses the minds of people who interact with information and make decisions using information. Employing cyberspace operations, attackers use spearphishing to engage in espionage, sabotage and other intelligence-related activities. We discuss the use of an enhanced user interface as a means of counterintelligence to disrupt spearphishing attacks.


Visible to the public Spearphishing Defense Using Deception Countermeasures

Technical defenses (such as email filtering, malware detection, firewalls, limited user privileges, and system monitoring) leave systems unnecessarily exposed to phishing attacks because the human attack surface remains easily accessible and subject to successful attacks based on principles of psychology which are exploited using military deception. The authors propose deception countermeasures which modify the email interface, thereby making the user less susceptible to email-based deception.