The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a joint Cybersecurity Advisory describing the Scattered Spider cybercriminal gang’s activities. The group, believed to be unusual both for the relative youth of its members and their native proficiency in English, was responsible for this summer’s compromises of MGM Resorts and Caesars Entertainment. It also excels at social engineering.
Social engineering in its many forms took center stage in Q3 2023. The quarter saw “human hacking” evolve from a long-standing security challenge to threat actors’ method of choice. This was evidenced by our observations of the dramatic escalation of social engineering tactics, with significant increases in phishing, smishing, valid accounts, voice phishing and other tactics—adding up to the highest volume of incidents we have seen in 2023.
As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks. Every quarter, I’ve been covering the Quarterly Ransomware Reports from ransomware response company Coveware. In their latest report covering Q3 of this year, we get a greater sense of what trends their security researchers are seeing from the data: This last one is interesting.
Let me give you a quick introduction. My name is Stu Sjouwerman. I’m the Founder and CEO of KnowBe4, my 5th startup. I have been in IT for 40+ years, the last 25 of those in information security. In my last company we built an antivirus engine from scratch and combined it with intrusion detection, prevention and a firewall. And we ran into a persistent problem nobody seemed to be able to address; end-users being manipulated by bad actors to let them in.
Social engineering attacks have a very long history, though the Internet has made it easier to launch these attacks en masse, according to Sean McNee at DomainTools. McNee points to an advance-fee scam from 1924, in which a crook sent a letter pretending to be trapped in a Spanish debtors prison. The sender requested that the recipient send a check for $36,000 to pay off his debt. After the sender is freed, he promises to pay the recipient back, with an extra $12,000 for the trouble.
A threat actor dubbed “Void Rabisu” used social engineering to target attendees of the Women Political Leaders (WPL) Summit that was held in Brussels from June 7 to 8, 2023, Trend Micro has found. “Since many current and future political leaders had attended this conference, it presented an interesting target for espionage campaigns and served as a possible avenue for threat actors to gain an initial foothold in political organizations,” Trend Micro says.
Even though there are new attack types for cybercriminals, they are still leveraging old-school attack vectors. Why? Because they still work. I cover new attack methods all the time, with recent examples including a sophisticated phishing campaign impersonating Microsoft and an attack last month targeting the Ukrainian military.
Understanding Social Engineering Social engineering is a psychological manipulation technique used by cybercriminals to deceive individuals into divulging confidential information, performing specific actions, or making financial transactions. These attacks prey on human psychology rather than exploiting technical vulnerabilities. Social engineering attacks can take various forms, and email is a common vector for such schemes.
