Posted August 4, 2017
Whether its name is WannaCry, Petya or Mirage, ransomware is numerous these days, causing grief, frustration and financial losses wherever it strikes. Hardest hit are smaller organisations that lack a dedicated cybersecurity department.
Setting aside the technical side of ransomware attacks (to be addressed in a future blog-post) these attacks aim to infect backups and hard drives of a target organization with malware that makes data unreadable (encryption) for anybody but the holder of the unique secret decryption key. The hackers then proceed to extort a ransom from the victim in order to have the data restored. However ingenious these viruses may work once they have infected corporate IT systems, they all spread through the same means – peopIe.
Social Engineering
Amongst Cyber security professionals, any attempts to trick, scam, defraud and extort people online is referred to as social engineering. The term refers to every instance where mailcious actors use the internet to influence people, usually to steal money from them or gain sensitive information that they can turn into profit.
Most commonly, social engineering takes the form of phishing, whereby individuals faslify emails and send them to unsuspecting victims, who believe the messages to be genuine. Then, the attackers use the trust of the victims to elicit either sensitive information to infiltrate the networks of the targeted organization or attempt to extract money from the victim through wire fraud. This lucrative strategy is used by cybercriminals and corporate spies alike, causing estimated financial losses of over €3 billion worldwide in 2016, with an average cost of up to roughly €3.1 million per incident .

September 18, 2017
Short, sweet and to the point. Some great examples of Social Engineering and a great intuitive explanation of what Social Engineering is. Do you mind if I link to your content in my own work (se101.nl)?
September 21, 2017
Glad you enjoyed it, Tony. Feel free to share the post as you like.