Cybersecurity is not only a technical challenge.
It is also a behavioral challenge. As long as managers and employees can provide access to systems and data, cybersecurity depends on them too.
Employees who have access to an organization's critical assets become targets. Those who have access to technology and organizational assets are also responsible for protecting those assets. Are they fit and proper to handle this responsibility? Do they have the awareness and skills necessary to protect themselves and their organization?
We offer specialized social engineering training and services aiming to develop the organizational human firewall. Our training programs and services can also be provided remotely.
Training program: Social Engineering and Open-source Intelligence for Security Teams
Overview
Social engineering attacks continuously remain at the top of the threat landscape and data breach reports. But although these reports tend to simplify many breaches as the result of a successful phishing attack, the reality we get from current threat research is evidently more complex. Social engineering attacks have been evolving. Today, the pathway that leads to that successful phishing email is often the result of a larger attack kill chain based on target research and good open-source intelligence that helps attackers identify organizational vulnerabilities in an often multi-layered methodology.
We stay ahead of this threat by understanding and acquiring the skills necessary to disrupt attack verticals and become a “difficult target”.
In this threat landscape, it is paramount for security professionals & teams to better understand how social engineering works, and how to proactively identify and disrupt attack verticals.
This hands-on training provides participants with the necessary skills & knowledge on open-source intelligence, weaponized psychology, and the most recent social engineering tactics, techniques and procedures (TTPs). It helps security teams build better protective measures (proactive & reactive) and to inform their security strategy.
Class Flow
Each module of this training is designed to support the next one.
We start by learning what social engineering is, and the types of frequently used social engineering attacks that we have been observing. Real-life case studies are presented and analyzed.
We move on to more practical parts: How did these attacks come to life? What was the background information that they were built upon, and what elements made them successful? Most often, good social engineering is based on excellent intelligence, most of which is collected from open sources.
During the open-source intelligence (OSINT) modules, participants get to see where and how attackers collect people and business information, what tools they use, and how to combine and analyze that information into intelligence that produces useful insights. We focus on two main areas: OSINT for business details and for persons.
We move on to more complex attack methodologies and emerging threats. Participants will also get to learn how AI technology impacts threat actor capabilities. We will put the theory into practice through hands-on exercises.
During the last part of the class, we will discuss what security professionals can do to improve their security posture against social engineering attacks on a strategic and tactical level. We will discuss reducing risk, becoming a less attractive target, informing the security strategy, and responding to social engineering attacks.
***Practical exercises are included throughout the class.***
Target Audience:
This workshop is beneficial to security teams and professionals working in companies and organizations in the public and private sectors.
Duration:
4 hours (half day) to 2 days, depending on the needs, the content of the program and the case studies. We always tailor the program to the needs of each client.
Instructor:
Christina Lekati, psychologist and social engineering training expert. To learn more about her, you may visit:
https://www.cyber-risk-gmbh.com/About_Christina_Lekati.html
Training outline:
Introduction.
1. Case study.
2. Attacking the human – OSINT, good social skills, and the right technology.
3. The current threat landscape.
4. Ethics.
Social Engineering – Classic Attack Vectors and Their Evolution.
1. Phishing, vishing, and impersonations (may be covered briefly – depending on previous knowledge).
2. Frequent social engineering pretexts.
3. Cases & examples from real life attacks.
4. The OSINT data behind the attacks discussed.
Social Engineering Kill-Chain.
Exercise: identify the attack chain followed in a recent, real-life attack. Correlate with cases previously discussed and note the patterns.
Weaponized Psychology.
1. Influence & manipulation techniques.
2. Universal triggers & our human hard wiring.
3. Perception manipulation.
4. Cognitive functions in spotting attack attempts.
5. Biopsychology during a suspicious encounter.
Open-Source Intelligence (OSINT).
1. OSINT as a risk identification & mitigation tool.
2. Creating social engineering attacks based on good OSINT.
3. Setting up your workspace & tools.
4. Elements of OSINT - using tools wisely.
Business OSINT.
1. Search Techniques.
2. Discovering sensitive files & documents.
3. Finding physical security vulnerabilities.
4. Collecting important information on the company.
5. Supporting tools.
6. Creating an organizational chart.
7. Identifying the internal hierarchical dynamics.
8. Internal culture & relationships.
9. Incorporating the intelligence collected within a social engineering kill-chain scenario.
People OSINT.
1. Finding contact details (email addresses & phone numbers).
2. Identifying key people.
3. Social media intelligence (SOCMINT).
4. Who makes a good target?
5. How to identify overwhelmed employees/departments.
6. Tailored attacks: Profiling people.
7. Case studies.
Elaborate Social Engineering Attacks.
1. Hybrid attacks; types.
2. Case studies.
3. Why did they work? How do we disrupt them?
4. Targeted, tailored attacks.
5. Kill-chain of tailored attacks.
6. APTs & long-term social engineering.
Weaponizing Psychology on Specific Targets.
1. Individual psychological triggers.
2. Engaging a key person online & offline.
3. Elicitation techniques.
4. Why do these campaigns work?
5. Examples.
6. Defense measures.
Artificial Intelligence & The Evolution of Attacks.
1. The near-term impact of AI on threat actor activities.
2. AI-enhanced:
i. Targeting & reconnaissance.
ii. Phishing campaigns.
iii. Deepfakes; vishing & impersonations.
3. Capabilities & Limitations: A Realistic View.
Disrupting Social Engineering Attacks & Creating a Defense Strategy.
1. Thinking & acting strategically.
2. OSINT: identifying, managing, and eliminating risks.
3. Minimizing or disrupting social engineering attack verticals.
4. The 4 layers of defence against social engineering.
5. Organizational best practices.
6. Employee awareness; benefits & limitations.
Closing Remarks.
**Exercises are included throughout the class.**
Other training programs
a. Social Engineering Training: Awareness and Defence.
You may visit: https://www.cyber-risk-gmbh.com/2_Social_Engineering_Awareness_Defence.html
b. Practical Social Engineering Defence: Protection of Sensitive Information.
You may visit: https://www.cyber-risk-gmbh.com/3_Practical_Social_Engineering.html
c. Social Engineering Training – Peace of Mind Service.
You may visit: https://www.cyber-risk-gmbh.com/Peace_of_mind.html
Cybersecurity is often boring for employees. We can make it exciting.