Social engineering is the term describing a technique that, by exploiting the weaknesses of a person makes them volunteer to do things that would not be done in a normal situation, such as giving strangers access to restricted information, letting unknown individuals into a restricted territory as well as following ideas that independently would not be supported.
In the field of security, social engineering is a self-serving manipulation, whose roots go far into the past and which has gained additional impetus since the advent of computers and the internet. The influencing of simple interpersonal discourse has led to techno-social manipulation, which attempts to exploit these same human weaknesses through technological means, such as bait and hook letters, clone pages, false identities, malware as well as viruses and much more.
Solutions that allow manipulation of a person in such a way that they voluntarily surrender information or resources at their disposal.
A most characteristic example is the Anna Malvara case, a false identity created during the International Summer School for Cyber Defence. As a test case, a fake identity was created, whose Facebook account attracted hundreds of people, including a large number of people in key positions in society. This was only the first step for further collecting or manipulation of information, but the simplicity of achieving success proved that this technique would be continued in the future.
Based on political science, however, social engineering is the manipulation of human groups, which based on the findings of scientific analysis, can influence and direct social groups to follow influential suggestions. Recent years have brought great advances in the use of technology in this area as well as a number of revelations of large-scale manipulations.
In July, the Eesti Päevaleht published an article on human hacking, in which Jenny Radcliffe, an expert in the field, says that as technology evolves, it is becoming increasingly important (read easier) to hack people.
Regardless of whether the security of data or democracy is at stake, this technique is based on weaknesses in human nature.
Photo: José Pedro Costa/Flickr/CC