hh.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
The Effectiveness of Social Engineering as a Cyber - Attacking Vector: People Do Use Unknown USB Drive, They Find
Halmstad University, School of Information Technology.
2017 (English)Independent thesis Basic level (degree of Bachelor), 180 HE creditsStudent thesis
Abstract [en]

Information security importance is rising. Information security awareness' is spreading, and this gives a clear picture of the growing demand for information security. Information security does not only consist of essential information but also the customer. An information system could be either a system user or a device. Protecting vital information is one of the security issues facing our modern technology, but also protecting system users. System users are the weakest link in information security chain due to wrong prioritizing of information security.Standardization of information security must not differ across organizations. Although every organization has a prioritized level of protection, managing information security should not be completely different from one organization over the other. However, this is not the case. The standards of information security across multiple organizations differ. The gap between organizations concerning information security is enormous. The difference between organizations is due to how organizations value their information access. One of the main security issues confronting information security is the end-user security. System users are still the weakest link in the information security chain. An organization's security cannot depend only on the implemented system, but also, the security level of the system users. The end-users within an organization are essential in cultivating better information security practices. Neglecting end users' importance in information security makes it easier for cyber-attacks and end-users manipulations.The inability to protect end-users as a physical system exposes the possibilities of manipulating end-users through various Social Engineering techniques to elicit essential information. Social Engineering is the term used to influence a person without their knowledge to give out sensitive information. Social Engineering comprises of different factors; psychology and computer science. Social Engineering acquires vital information by manipulating the weakest link in information security chains, the system user.Social Engineering proves that end-users are still the weakest link in the information security chain. This experiment demonstrates that people do use unknown USB drive they find. The consequences of this act, in general, could be harmful. Moreover, that, there are possibilities through Social Engineering, to expose organizations' systems infrastructures to cyber-attacks.The result from this project visualizes that, the most valuable assets an organization has are the people within the organization. An organization employee could expose a well-secured system to cyber-attacks without knowing about it.

Place, publisher, year, edition, pages
2017. , p. 58
Keywords [en]
Social engineering, IT security, USB hacking
National Category
Information Systems
Identifiers
URN: urn:nbn:se:hh:diva-36745OAI: oai:DiVA.org:hh-36745DiVA, id: diva2:1205010
Subject / course
Digital Forensics
Educational program
IT Forensics and Information Security, 180 credits
Supervisors
Examiners
Available from: 2018-05-24 Created: 2018-05-09 Last updated: 2018-05-24Bibliographically approved

Open Access in DiVA

fulltext(2247 kB)16 downloads
File information
File name FULLTEXT01.pdfFile size 2247 kBChecksum SHA-512
e30618beb4c2512ec6c3c8545412ebad76f1803613f9db5ae390fd3814564e12fc6683986cba38ae7867b6a124ababaea6886cb6f1e7628adf7e467456878d45
Type fulltextMimetype application/pdf

By organisation
School of Information Technology
Information Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 16 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 56 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf