Adarsh Nair

speaker_info

About The Speaker

Adarsh Nair

Adarsh Nair is Head of Information Security at UST Global & voluntarily served in the Kerala Police Cyberdome as Deputy Commander (Honorary Position). He is an expertise in Information Security Auditing and Management, Business Continuity, Data Privacy, Risk Management, Ethical Hacking, Penetration Testing, Digital Forensic Investigation, and a wide range of vulnerabilities & threats identification and mitigation. He was awarded for outstanding contribution in the field of cybersecurity, the top-contributor recognition from Kerala State Police Chief, and Hall of Fame from Google. He was a Co-Leader of the Open Web Application Security Project (OWASP) and an advisory board member of EC-Council, USA. CISSP | OSCP | LPT | ISO LA | CEng (India) | MIE | Information Security Leader | Author | Technical Speaker

Social Engineering: The Art of Human Hacking

“Social Engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information.” In other words, tricking the human mind to steal confidential information. A famous quote says, ‘A chain is only as strong as its weakest link’. The weakest link in any security system is the ‘human being’.

 

Recent trends show that most of the cyber-attacks begin with social engineering tactics. Phishing is one of the popular types of Social Engineering attacks. The valuable and sensitive information are captured via social engineering attacks and by using that information, the cyber criminals destroy the larger cyber ecosystem. Nowadays, financial frauds are using the social engineering methods to steal bank related confidential information. The rate of these types of crimes also increased in recent years. There are a number of tools and techniques available to assist the social engineering attacks and it has become very easy for anyone to perform a social engineering attack.

 

As these methods use human mind exploitation, the technical controls to prevent those attacks are not much effective. However, there are various prevention mechanisms available in the cyber world. The banks are providing various options to protect their customers against money loss by financial frauds.  A combination of technical controls and best practices would help to prevent the social engineering attacks to a great extent.