[Anti-spoofing art]: Intrusion warning (1)
After being interrupted for a long time, I wanted to update an article over the weekend. I didn't want to suddenly burn it to 39.5 degrees. I had to breathe my breath and breathe my breath. I went to the hospital to take an injection. Today, I finally got through it slowly, I quickly picked up the chapter I saw last Friday and kept a clear impression to record what I learned from this chapter. Previously, I introduced some specific methods for social engineering engineers to conduct attacks. Next, we should take the enterprise as the target to carry out social engineering attacks. In this section, the protection of enterprises is more rigorous and advanced than that of individuals or private organizations, so the attack threshold is increased. It is unrealistic to repeat the entire attack case completely. Therefore, we will focus on how to prevent social engineering attacks and briefly introduce the corresponding attack cases.
I. Non-work protection
Due to the full availability of staff during work hours, it is highly risky for the social engineering engineers to start or visit the site. However, after the current shift, there are only a few security guards facing the social engineering engineers during non-work hours. Despite the high awareness of security personnel, social engineering engineers can still cheat them. For example, in the following simple example, Joe wants to visit a processing factory of an airline at night to inspect various planes on the ground. But how can he succeed as an external engineer?
Step-1. Joe calls the marketing department first, asks the head and staff of the marketing department, calls their extension, and obtains the name and extension number of the leaders and staff from the voice of no one prompting the extension;
Step 2. Joe calls the security booth as a fake employee Tom, saying that two colleagues from the marketing department will help the project at and request approval;
Step-3. If Joe comes in at night, the security guard will not view the identity documents and allow them directly;
Step 4. Joe was found by a patrol security guard during a free visit to the processing factory and was taken to the security office for details;
Step-5. Joe offered to call his boss to verify his identity. After the phone was connected, he said it on his own and hung up the phone directly. No chance was given to the security guard to verify his identity from the phone;
As a result, a social engineering engineer cleverly mixed into a secure airline processing plant. This case tells us that, during non-work hours, entry and exit personnel must carry the necessary identification cards, especially for departments that protect sensitive information, they should educate and encourage employees to ask who have not worn the identity cards, senior employees must learn to accept such questions and do not embarrass themselves. Even the company makes policies to punish those who do not carry documents as required. For example, if the work on the day is invalid, there is no salary.
Ii. Garbage Retrieval
This part does not need to be described too much. If we look at the shredders that every company is equipped with, we can see how important the company is to protect important documents. Of course, of course, there is no doubt about the security awareness of some confidential personnel. For some general personnel who may occasionally access confidential information, strict requirements should also be imposed on the handling of file spam.
In addition to file materials, there are also unnecessary computer media that must be ensured to be retained or completely deleted; cleaning personnel should be well managed so that they can often access confidential company materials, for example, when cleaning in the morning, is there any project material on the door desk waiting for the cleaners to patronize your office?
3. Say goodbye to employees
We need to pay attention to dissatisfied employees, especially those who are dismissed or demoted, who may take advantage of the convenience of being familiar with the company's internal environment and retaliate against the company or leaders. This requires strict employee exit procedures, policies for immediate termination of employee computer access, and revocation of employee identity documents and any key and electronic access devices.
4. Do not ignore anyone
Here, we mainly talk about not to be vigilant against those well-dressed people. There are many scammers with suits on the Internet, and the same psychological rules will also be used by social engineering engineers. Of course, the goal of social engineering is not money, but information. It is similar to economic espionage, but not just that. People with friendly manners and well-dressed clothes, such as professionals and self-proclaimed colleagues from remote departments may not be as superficial.
5. Secure IT
I don't know if you are aware that the employees in the IT department who are most likely to have access to confidential information in the company can easily view the salary, salary, and travel records of each person and all electronic records, employees in the IT department can get close to the water building first by month. The corresponding measure is to establish a strict Access Audit and authorization mechanism to control illegal access to information.