Social engineering (security)


Social engineering, in the realm of security[1], is a tactic used by malicious actors to exploit human psychology, often leveraging cognitive biases, to gain access to confidential information or systems. This method often involves tactics such as pretexting, water holing, and baiting. Incidents such as the Equifax attack underline the rising prominence of social engineering attacks. The technique has been used by individuals like Susan Headley and Mike Ridpath for different purposes. Laws like the Gramm-Leach-Bliley Act have been enacted to curb this invasion of privacy[2]. The phenomenon presents a significant threat to information security, necessitating the development of detection techniques, cybersecurity education, and legislation to prevent deceptive practices and protect sensitive information.

Term definitions
1. security. Security, as a term, originates from the Latin 'securus,' meaning free from worry. It is a concept that refers to the state of being protected from potential harm or threats. This protection can apply to a wide range of referents, including individuals, groups, institutions, or even ecosystems. Security is closely linked with the environment of the referent and can be influenced by different factors that can make it either beneficial or hostile. Various methods can be employed to ensure security, including protective and warning systems, diplomacy, and policy implementation. The effectiveness of these security measures can vary, and perceptions of security can differ widely. Important security concepts include access control, assurance, authorization, cipher, and countermeasures. The United Nations also plays a significant role in global security, focusing on areas like soil health and food security.
2. privacy. Privacy is a fundamental concept that has evolved throughout history and continues to shape our social discourse. Historically, it originated in philosophical debates, with figures such as Aristotle and John Locke laying the groundwork. Privacy is also tied to legal and ethical questions, as seen in landmark Supreme Court cases and in revelations such as those of Edward Snowden. Technological advances have both challenged and strengthened privacy, introducing new threats and protective measures. Globally, privacy norms vary, with different countries and international organizations defining their own guidelines. In the current digital era, privacy faces new challenges and considerations, such as the use of social networks, selfie culture, and location-based services. This concept encompasses an individual's right to keep their personal information secret and free from unauthorized intrusion.

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests."

Definition of Social Engineering in Layman's Terms
OPSEC alert

Research done in 2020 has indicated that social engineering will be one of the most prominent challenges of the upcoming decade. Having proficiency in social engineering will be increasingly important for organizations and countries, due to the impact on geopolitics as well. Social engineering raises the question of whether our decisions will be accurately informed if our primary information is engineered and biased.

Social engineering attacks have been increasing in intensity and number, cementing the need for novel detection techniques and cyber security educational programs.