What is human hacking?
More than 90 percent of successful security breaches are initiated by human hacking, also known as social engineering. Human hacking refers to the techniques utilized by threat actors to manipulate insiders to undertake actions which meet the objectives of the social engineer while oftentimes compromising the insider and/or the targeted organization.
What are the different types of human hackers?
While a social engineer will target others in an attempt to manipulate them to undertake an action that will serve the social engineer’s purposes, their intentions may vary depending on the type of human hacker they are.
Intelligence Services
Intelligence services will steal secrets
for intelligence and to use for national security purposes, also known as espionage. The clandestine practice of espionage is unwelcome and in some cases may also be against the law.
Criminal Groups
Criminal groups are often motivated by financial purposes. They may try to steal customer or employee data for sale on a deep dark web, attempt to use ransomware for financial extortion or make an effort to have wire transfers fraudulently sent out of the organization using a business email compromise.
Industrial Competitors
Industrial competitors might possibly use human hacking for the reason that they want to uncover information or for their own purposes to better position themselves within the marketplace.
Activist Groups
Activist groups who attempt to steal proprietary or sensitive information for public release, also known as hacktivists, may do so in an attempt to embarrass the company and try to force some type of change.
Hacktivists commonly launch attacks targeting entire corporations, however, they also may target particular firms that they believe do not share their political opinions or policies.
In some instances, hacktivists may select companies to target based on the customers and partners they conduct business with, rather than the targeted company's own values.
Love Wolves
Lone wolf hackers, like hacktivists, are often driven by something other than financial incentives. These are individuals who might want to seek revenge and try to sabotage the organization.
Some individuals known as whistleblowers may disclose and call attention to sensitive material obtained from their employer or previous place of work.
Other lone wolves may simply practice social engineering for the love of hacking and wanting to be able to prove that they can do it.
How to protect yourself against human hackers
While not all security breaches can be prevented, an individual or organization can significantly minimize their risk of falling victim to human hacking by practicing caution with the information they divulge to others. Establishing an effective and continuous security awareness program for all company employees can be greatly beneficial as anybody can fall victim to these attacks.
Regardless of the human hacker it's a good possibility that you could be approached in the future by someone trying to manipulate you. If so, Would you recognize that approach?
About the Counterintelligence Institute
Founded by former CIA senior intelligence officer Peter Warmka, the Counterintelligence Institute’s mission is to assist your corporations, government offices, academic institutions and non-profit organizations in protecting your sensitive information and personal data records against security breach attempts. Our online and onsite training services focus on transforming the human factor from being the weakest link in security to becoming the most effective defensive tool against security threats against your company and personal life.