WEBVTT

00:00.420 --> 00:02.670
Hello and welcome to the second lecture.

00:02.940 --> 00:13.460
And out of Hacking Humans: Intro to Social Engineering presented by our city. In this lecture we look at

00:13.460 --> 00:23.270
why social engineering is adopted by malicious actors. In 2017 some major cyber attacks occurred.

00:23.380 --> 00:30.430
There was WannaCry, Petya/NotPetya, the Equifax breach, and it was also revealed that all Yahoo accounts

00:30.430 --> 00:32.840
were compromised in a previous breach.

00:34.590 --> 00:41.630
WannaCry and Petya/NotPetya I walk around somewhere with one of and computer systems in over 100

00:41.680 --> 00:42.770
countries.

00:43.010 --> 00:52.860
Petya/NotPetya resulted in costing international shipping company Maersk three hundred million dollars.

00:52.870 --> 01:00.740
There has been a rise in cyber attacks, whether targeted at individuals, businesses or nation states.

01:00.750 --> 01:05.930
However there is something that most of these attacks seem to have in common.

01:05.950 --> 01:11.250
They are mainly initiated and spread by taking advantage of human weaknesses,

01:12.460 --> 01:16.970
Which makes these attacks easier and cheaper to propagate.

01:16.980 --> 01:19.570
So what motivates social engineers?

01:20.620 --> 01:25.760
Social engineering could be used by malicious individuals for various reasons.

01:25.810 --> 01:35.220
These include pranks, gaining unauthorized access to confidential information and data, extortion and

01:35.300 --> 01:45.270
blackmail, or initiating attacks. Some social engineers carry out social engineering solely for the purpose

01:45.360 --> 01:52.830
of practical jokes to make fun of their targets, whether individuals, organizations or even nation states.

01:53.880 --> 02:01.560
These types of attacks are usually low risk in terms of impact on their targets but may also be a way of

02:01.590 --> 02:08.970
expressing ideological or political views to the target and can affect their target in terms of reputation,

02:09.540 --> 02:15.000
which could have adverse effects on the target's business. Customers, for example, or those who patronize

02:15.000 --> 02:20.560
the target victim might end up shunning the victim, resulting in adverse effects on the victim's return on

02:20.570 --> 02:21.660
investment.

02:21.690 --> 02:29.670
Malicious attackers also use social engineering to gain access to information and data that they are

02:29.670 --> 02:37.680
not supposed to have access to, which they can further use to get access to more unauthorized data or information

02:37.710 --> 02:41.620
of victims like online banking credentials,

02:41.620 --> 02:45.680
card details and so on. The unauthorized

02:45.690 --> 02:53.520
access can be used to steal identity, funds, confidential information like trade secrets and the like.

02:54.390 --> 03:01.350
Malicious actors, once they have compromised a target using social engineering, can have unbridled access

03:01.350 --> 03:09.820
to confidential information and data and take control of such. As a result of the aforementioned, they

03:09.820 --> 03:17.260
can hold such data or information hostage in exchange for funds or threaten to reveal secrets contained

03:17.290 --> 03:20.900
in the data out to the public if certain demands are not met.

03:21.070 --> 03:26.130
The secrets could range from trade secrets to embarrassing personal habits.

03:26.190 --> 03:33.550
This can be seen in ransomware. Social engineers can leverage the data they compromise to force victims

03:33.550 --> 03:34.990
to give them what they want.

03:35.080 --> 03:38.540
Like funds or assets or whatever.

03:39.910 --> 03:46.660
A malicious attacker can not only get access to unauthorized data via social engineering; getting access

03:46.660 --> 03:51.500
to confidential logical access or system controls is possible.

03:51.850 --> 03:58.120
These can be used to launch attacks on a system or network using things like malware.

03:58.150 --> 04:05.010
An example could be seen in the case of Stuxnet, which was a malware, a worm to be precise,

04:05.030 --> 04:11.930
that targeted suspected uranium enrichment systems in Iran. It was initiated using social engineering

04:11.930 --> 04:12.560
techniques.

04:12.710 --> 04:14.830
So why is social engineering adopted?

04:16.190 --> 04:23.390
Well, the easiest way to break into a system is to target the weakest point. Malicious attackers adopt

04:23.390 --> 04:32.440
social engineering as a means of attaining their malicious goals because it is cheaper, less complicated,

04:33.340 --> 04:36.320
readily available and safer.

04:38.900 --> 04:44.590
Instead of employing very expensive I.T. infrastructure to carry out a malicious attack or breach on

04:44.740 --> 04:50.490
the system, compromising the operators of the system would be a wise choice.

04:50.510 --> 04:52.300
It is far less expensive.

04:53.270 --> 05:00.010
Compromising the human element saves the cost and trouble of cracking codes, decryption, having to make

05:00.010 --> 05:07.630
a physical break-in, or physically capturing an important relevant systems operator. Going back to the case

05:07.630 --> 05:14.680
of Stuxnet on the Iranian nuclear systems, getting the systems infected by means of social engineering

05:14.680 --> 05:21.610
was cheaper than trying to get someone in to infect the systems with malware or trying to hack into

05:21.610 --> 05:26.480
the network to get infected or trying to physically destroy the infrastructure.

05:27.520 --> 05:34.680
The cost effectiveness of social engineering can also be seen in e-mail scams where the scammers could

05:34.690 --> 05:42.300
be from very poor backgrounds and yet could hit a jackpot with little or no financial investments.

05:43.000 --> 05:49.410
Social engineering attacks do not require a lot of sophistication to be carried out.

05:49.420 --> 05:54.820
Requirement of complicated tools and techniques for initiating attacks can be significantly reduced

05:55.120 --> 05:58.600
or even eliminated with the adoption of social engineering techniques.

05:58.600 --> 06:05.440
Social engineering is also more readily available and easier to deploy than more sophisticated attack

06:05.440 --> 06:11.940
techniques like direct hacking, which could be stalled due to cost or availability of tools or the target

06:11.950 --> 06:18.310
having very good physical and electronic defenses like firewalls, anti-malware software or anti-hacking

06:18.310 --> 06:19.550
devices.

06:19.630 --> 06:26.580
Crimes like armed robbery or kidnapping can be very risky to life and limb of criminals.

06:26.590 --> 06:31.270
Moreover they might end up not getting the desired returns despite the risk taking.

06:31.300 --> 06:37.350
So for example scammers would be more at ease engaging in the crime of scamming,

06:37.480 --> 06:41.140
patiently waiting until they strike gold.

06:41.220 --> 06:44.120
There is less stress and even if caught,

06:44.130 --> 06:51.800
the sentence is not likely to be as bad as that of engaging in more dangerous crimes like robbery, kidnapping

06:51.830 --> 06:53.970
or human trafficking.

06:54.060 --> 06:58.530
This is likely to be later on if we pare back to this.

06:58.580 --> 07:06.160
In that case again we can see that it was easier to use social engineering to get the Iranian systems

07:06.550 --> 07:12.580
infected. Sending agents in to do the job could have exposed the agents to capture or death.

07:13.150 --> 07:22.270
And in the event the agents are caught, they might be broken down or made to reveal more precious information

07:23.050 --> 07:29.020
about their employers, which could make the operation counterproductive.

07:30.430 --> 07:42.470
Using a mole would also be risky, as it might not be easy to decipher where the mole's loyalty really lies.

07:42.610 --> 07:50.310
So here's just a brief synopsis of the Stuxnet case and how it can be used to emphasize why

07:50.320 --> 07:56.540
social engineering is adopted. Stuxnet, thought to have been developed in a joint operation between

07:56.540 --> 08:04.340
the U.S. and Israel, targeted suspected Iranian uranium enrichment facilities, specifically in Natanz,

08:04.730 --> 08:05.550
in 2010.

08:07.010 --> 08:13.730
It was a new type of malware in that it was destructive of physical infrastructure as opposed to the

08:13.730 --> 08:21.700
traditional applications of such malware, merely affecting information systems. The Iranian uranium

08:21.700 --> 08:27.700
enrichment infrastructure was all kept off the internet for security reasons: fear of being hacked.

08:28.030 --> 08:34.340
But this malware managed to get into the computer systems running the uranium enrichment facility.

08:34.340 --> 08:37.520
How is that? Through USB thumb drives.

08:40.140 --> 08:42.760
Being that the facility was off the net,

08:42.930 --> 08:49.020
the originators of Stuxnet infected the computer systems of some companies that were contractors

08:49.020 --> 08:52.830
to the facility in Natanz, probably through the Internet.

08:54.110 --> 09:00.320
Employees in these companies used USB drives on their systems, getting them infected, and then for

09:00.320 --> 09:09.020
the fact that they're on Natanz systems, they used the drives on there. The worm then proliferated over the

09:09.020 --> 09:11.000
network in the facility.

09:11.000 --> 09:18.050
The result was that the uranium enrichment centrifuges failed on an unprecedented scale.

09:20.230 --> 09:26.890
From the foregoing we see that the initiators of Stuxnet saw the challenges of getting into the facility

09:27.060 --> 09:33.880
in Natanz to get it infected. It would have been difficult to get someone into the facility. It could

09:33.880 --> 09:36.340
not have been infiltrated remotely.

09:36.360 --> 09:42.130
It was not connected to the Internet, and a physical assault on the facility would probably be too costly

09:42.160 --> 09:44.920
both in terms of finance and lives.

09:46.210 --> 09:54.920
So they decided to make employees of the contractor companies unwitting carriers of the malware. We

09:54.920 --> 10:01.610
will discuss baiting, of which a version involves leaving enticing malware-infected external storage

10:01.610 --> 10:10.160
media about in order to get an unsuspecting curious victim to insert the storage media on his computer

10:10.160 --> 10:12.200
system and get it infected.

10:12.960 --> 10:17.660
This version was what was initially suspected to have been adopted to initiate the attack.

10:18.410 --> 10:24.140
However, the baiting that was applied in this case was to get unsuspecting carriers infected to get the

10:24.140 --> 10:24.800
job done.

10:26.150 --> 10:33.860
The case of Stuxnet was initiation of attack by taking advantage of the human weaknesses inherent in

10:33.860 --> 10:40.690
the unwitting carriers of the malware. This saved the perpetrators the hassle and cost of getting

10:40.720 --> 10:45.120
access to the systems in Natanz physically or remotely.

10:45.440 --> 10:53.270
Granting the malware infection easy access. It also saved them from the risk of losing agents going to the

10:53.270 --> 10:58.300
facility to carry out the act which would have led to capture or death or even betrayal.

10:59.360 --> 11:05.070
The cost of carrying out a physical assault was also avoided, which would have also resulted in death or

11:05.110 --> 11:09.000
capture or compromise of those who carry out the attack.

11:09.150 --> 11:10.290
Have been or went.

11:10.300 --> 11:11.230
Collateral damage.
