logo_red

REAL TALK ON
ALTERNATIVE INVESTMENTS
BUSINESS & FINANCE

Modern Trader
What You Need to Know about Social Engineering

Modern Trader
What You Need to Know about Social Engineering

Garrett Baldwin



In the October issue of Modern Trader, Garrett Baldwin sat down with four hackers to discuss the threats to the financial sector. The complete interview can be read on newsstands at Barnes & Noble this week. 

So how are hackers so effective at getting access to information? As the experts explain, hackers user a process known as social engineering. And companies need to learn how this works or else they could find themselves vulnerable to a sophisticated attack that could cost them millions, if not billions, over the long run.

THE SOCIAL ELEMENT OF HACKING

Hackers make a decision to attack a firm through one of two methods: technology or socially, says Mr. Green, a security specialist who asked to remain anonymous during our interview with four ethical hackers.

It’s possible to attack a financial company through the network system. Another expert who wished to remain anonymous, Mr. Orange, says he could walk into a financial firm and attempt to exploit security breaches just by signing into a guest network in the lobby. There’s the idea of dropping USB flash drives on the ground and hoping someone in an organization who is intellectually curious – and naïve – enough to plug it into their work computer. 

“I’ve seen this attack before,” says Erdal Ozkaya. “It cost a company $3 million.”

But the human element, or social engineering, is responsible for roughly 90% of all major breaches, according to Mr. Green.  He explains that hackers are able to breach networks and exploit vulnerabilities due to the simplicity of human nature. “It’s tough to talk to people about this – especially on the cognitive size. The bulk of high impact attacks are socialized.”

Social hacking is the process of gathering information on their hypothetical secretary Debra, or exploiting the person in the company who thinks that it’s okay if their security is breached because they’re not high on the latter.

“The social engineer understands human desires and expectations. They project a fantasy that others want to have,” says Mr. Green. “The biggest problem is that people are so easy to fool.”

The digital world is significantly different from the physical world, but humans forget it too often.. 

“When you live in a city, you know what streets to walk down and what alleys not to go down,” says Mr. Orange. “In the cyber world, hackers make the rules.”

Cyber expert Terry Bradley explains that a client in Alabama said that cyber security wasn’t a major priority because they worked in Alabama. Why would anyone want to attack a company in Alabama when New York City is the financial center of the galaxy?

Money.

“Online, you are two milliseconds away from Ukraine or China. They’ll hack you and your company if you’re in Alabama or New York City just the same. You might live in “Safesville,” but on the internet, your IP address is right next door to the bad part of town.”

That type of naiveté is matched only by the unwillingness to understand the true cost of compliance. With the SEC releasing its new compliance guidelines and best practices, companies are likely looking at the price tag and debating next steps. 

However, the four experts argue that companies always look at their finances the wrong way.
“Security always comes later,” says Mr. Orange, another hacker who wished to remain anonymous.

In Bradley’s case, he mentions the company that was hit by an email scam. At the time, he was talking to them about conducting an assessment of their networks. When they got cold feet about the costs, it wasn’t long until a six-figure breach hit the firm through a phishing attack that saw an employee authorize a huge wire transfer because the person believed the fake emails from the CEO were authentic. 

Meanwhile, companies like Home Depot and Target have experienced blows to their reputations following the massive breaches that compromised data of millions of consumers. 

“How much are you willing to pay to have your reputation back?” Ozkaya asks. “How much are you willing to lose?”

According to these experts, these are the real costs of compliance.  

And forward-thinking organizations are now taking it very seriously.

Be sure to read the complete article Assumed Breach in the October issue of Modern Trader and check online at Futuresmag.com

About the Author

Camden 2  medium  medium  medium

Garrett Baldwin is the features editor of Modern Trader. He lives in Chicago.
















































Fintech

Getting in on the Groundfloor


Dara Albright



















Alternative Thinking on Today's Market Events

The Daily Alpha - 09.21.15


Garrett Baldwin


Assume Breach


Garrett Baldwin


Currencies

The Week Ahead for Forex


FXHQ.com


Alternative Thinking

The Daily Alpha - 09.18.15


Garrett Baldwin


Alternative Thinking on Today's Market Events

The Daily Alpha - 09.17.15


Garrett Baldwin


Alternative Thinking on Today's Market Events

The Daily Alpha - 09.16.15


Garrett Baldwin


Modern Trader

Rise of the Ethical Hacker


Garrett Baldwin





QOTD

Quotes of the Day


Garrett Baldwin



Modern Trader

Why are Hedge Funds Hiring Poker Pros?


Garrett Baldwin


Gambling and Gaming

Wall Street Casino


Garrett Baldwin


Gambling and Gaming

Investing: A Pretentious Word for Gambling?


Doug Litowitz


Gambling and Gaming

Gambling and Gaming: A Common Thread of Risk


Michael Stegemoller, Baylor University


Gambling

Where Gambling Meets Trading


Modern Trader, William Ziemba





Cybersecurity

Fire-sale: Were Three Leading Organizations Hit By A Global Cyber-Attack?


Dr. Timothy Summers and Dr. Joseph Wall


Real Talk

CNBC Demystified


Doug Litowitz


Modern Trader

False prophets


Garrett Baldwin, Illustrated by Mario Zucca


OTC

Why OTC is Back in Vogue


Edward Lopez



Modern Trader Magazine

Does Your Alma Mater?







TAP Innovation Series

Alpha Pages Innovation Series: Acorns


Garrett Baldwin


Alternative Energy

Yield Cos? More like Yield Can’ts!


Bryan Birsic


Vice Spending

April Vice Index Shows Strong Rebound


Andrew Zatlin


Disruptive Technology

Part II: Possible Hedges Against the Robot Apocalypse


Garrett Baldwin


Disruptive Technology

Part I: Possible Hedges Against the Robot Apocalypse


Garrett Baldwin


Water Investment

Rick Rule: Time to Change California’s Water Policy


Global AgInvesting


Insider Trading

Why The Second Circuit Refuses to Reconsider Its Newman Decision


Jonathan N. Halpern, Ehren M. Fournier


Futures Magazine

logo_red

ENTER YOUR EMAIL BELOW TO FOLLOW THE ALPHA PAGES

Art, Antiques & Collectibles • Forestry • Film Investments • Alternative ETFs • Wine, Spirits & Cannabis • Hard Assets • Sports & Exotic Wagering • Oil & Gas Exploration • Startup Investing • Private Equity • Treasure Recovery • Commodities • Digital Currencies • Peer-to-Peer Lending • Venture Capital • Hedge Funds • Private Real Estate • Managed Futures & CTAs • Forex & Derivatives Trading • Alternative Energy • Futures & Options