The Art of Social Engineering


1 The Art of Social Engineering
Rugved Mehta, Gaurav Trivedi

2 Gaurav Trivedi: Cyber Security Consultant. Interests: Aviation Security, Social Media Risks, Geo-political Risks
Rugved Mehta: Technology Auditor. Interests: Aviation Security, Social Media Risks, Psychological Warfare, Bitcoins, Threat Intelligence, Profiling

3 Agenda
Introduction
Motivation
Attack Vectors
Techniques
Strategies
Case studies

4 Introduction “Rouse him, and learn the principle of his activity or inactivity. Force him to reveal himself, so as to find out his vulnerable spots.” - Sun Tzu, The Art of War

5 Introduction
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information.
Any act that influences a person to take an action that may or may not be in their best interest.

6 Social Engineering: Pillars
Motivation
Attack Vectors
Techniques
Strategies
[(1. Motivation) + (2. Attack Vectors) + (3. Techniques)] x (4. Strategy) = Successful and Lethal Social Engineering

7 1. Motivation
4 pillars of psychology:
Freud – Who am I?
Jung – What am I?
Maslow’s hierarchy of needs – What state am I in?
Pavlov – How do I attack?

8 Who am I? Id Ego Super Ego

9 What am I? Grouping of personalities Introvert vs Extrovert

10 What state am I in?

11 How do I attack?
Classical conditioning – learning process when two stimuli are repeatedly paired
PTSD is an extreme case of classical conditioning

12 Terrorists
Sense of superiority
Hatred for another group, masking their worthlessness and self-hatred
Paranoia to “get to others before they get to you”
Personal sense of meaninglessness, with a seeming lack of personal identity other than identifying oneself as a martyr
Many of these people seem to have been influenced by a troubled past (mainly the executioners)

13 2. Attack Vectors
The 3 Ps:
People – Humans
Process – Laws, Regulations, Standard Organizational Processes
Perspectives – Hating your boss, Disregard for societal norms

14 People
Fear: Failure, not being loved or accepted by society, bankruptcy
Lust: Sex; Envy
Anger: Anger felt in situations (due to oppression, enforcements by army)
Greed: Money Money Money Money (Kasab’s father sent him to training camps for money)
Sympathy: Affiliation to a cause; Love, empathy; Moral virtues

15 People Thumb Rule: Put people in a problem and get them out of it. They will love you. 

16 Process
Flow: Steps; Chain of command
Identity: Ownership of process; Leadership of execution; Role of the person involved
Rules and Laws: Rules and processes (doing something in a certain way)
Environment: Time of the day; Situation (taking advantage of social unrest, adding fuel to the fire); Organizational character

17 Perspective
Feelings: Emotions (targeting emotionally weak people); Persuasion
Rationalization: Political correctness; Logic
Authority: Real or perceived limits of authority; Real or perceived sense of responsibility
Character: Moral background; Negativity / Positivity of environment; Sense of community (false impression of a community being targeted, obscure truth)

18 3. Techniques
Observation and Intuition: Observe but DO NOT react; Unbiased observation
Observation points: Macro body positions; Micro body positions; Eye Movement; Breathing
Body Language:
Defensive Body Language – Victim’s body language, which cannot be controlled; culture plays a big role
Offensive Body Language – Attacker’s body language, which can be controlled as an attacker
Mirroring of body language

19 3. Techniques
Language: Competence; Tone / Intent; Silence; Ask VKA - Visual, Kinesthetic, Auditory
Cold Reading: Rapport; Reading People; Eye Contact

20 4. Strategies
People (Identify the asset, Recruit the asset, Manage the asset): Cold Reading; Rapport
Actions (Get anything that you want): Rapport and Anchoring (use of initial piece of information to make judgements)

21 4. Strategies
Defense (Do not blow your cover): Language and Body Language; Disassociation and Anchoring
Information Gathering (Covert and Overt Interrogation): Cold Reading; Eye Reading and Anchoring
Smile: Smile genuinely and learn to recognize fake smiles

22 THANK YOU

