How to assess susceptibility to targeted cyber attacks exploiting human vulnerabilities

Banks have become accustomed to attacks aimed at the client side, compromising systems of banking customers, and have taken measures to mitigate those risks. However, in recent years new threats have emerged: attackers target the internal systems of the banking organizations
themselves. A striking fact concerning these targeted attacks is that they rely heavily on human vulnerabilities within the targeted organization in order to be successful. The aim of this research is to discuss the methods behind targeted attacks, human vulnerabilities, mitigating measures and to formulate a generic method to assess susceptibility to this risk.
It was found that:
•The human factor has been and still is an important vulnerability factor in targeted attacks.
•Security awareness training is not likely to reduce this vulnerability to zero.
•Therefore technical and administrative security measures also need to be taken into account in assessments of attacks targeting human vulnerabilities.

 

Keywords: Targeted social engineering, human vulnerability

 

READ PDF>

 

 

 

 

  • A de minimis rule for personal data breach notifications...
    Master CS/Machiel Bolhuis
    >
  • A de minimis rule fo...
    Master CS/Machiel Bolhuis
    >
  • A de minimis rule for personal data breach notifications...
    Master CS/Machiel Bolhuis
    >
  • A generic approach for detecting security anomalies in I...
    Master CS/Jaap Mooij
    >
  • A generic approach f...
    Master CS/Jaap Mooij
    >
  • A generic approach for detecting security anomalies in I...
    Master CS/Jaap Mooij
    >
  • A Process Model for Phishing Prevention
    Master CS/Paulo Ribeiro do Nascimento
    >
  • A Process Model for...
    Master CS/Paulo Ribeiro do Nascimento
    >
  • A Process Model for Phishing Prevention
    Master CS/Paulo Ribeiro do Nascimento
    >
  • An improved key distribution and updating mechanism for...
    Master CS/Marcel van Leent
    >
  • An improved key dist...
    Master CS/Marcel van Leent
    >
  • An improved key distribution and updating mechanism for...
    Master CS/Marcel van Leent
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Cyber Confidence-Building Measures
    Master CS/Kraesten Arnold
    >
  • Cyber Confidence-Bui...
    Master CS/Kraesten Arnold
    >
  • Cyber Confidence-Building Measures
    Master CS/Kraesten Arnold
    >
  • Cyber Threat Intelligence
    Master CS/Daan Planqué
    >
  • Cyber Threat Intelli...
    Master CS/Daan Planqué
    >
  • Cyber Threat Intelligence
    Master CS/Daan Planqué
    >
  • Essence of Encryption
    Master CS/Jeroen Veen
    >
  • Essence of Encryptio...
    Master CS/Jeroen Veen
    >
  • Essence of Encryption
    Master CS/Jeroen Veen
    >
  • Guaranteeing authenticity and integrity in signalling ex...
    Master CS/Ewout Pronk
    >
  • Guaranteeing authent...
    Master CS/Ewout Pronk
    >
  • Guaranteeing authenticity and integrity in signalling ex...
    Master CS/Ewout Pronk
    >
  • How to bring HTTPS to the masses?
    Master CS/Maarten Aertsen
    >
  • How to bring HTTPS t...
    Master CS/Maarten Aertsen
    >
  • How to bring HTTPS to the masses?
    Master CS/Maarten Aertsen
    >
  • Multi actor roadmap to improve cyber security of consume...
    Master CS/Herbert Leenstra
    >
  • Multi actor roadmap...
    Master CS/Herbert Leenstra
    >
  • Multi actor roadmap to improve cyber security of consume...
    Master CS/Herbert Leenstra
    >
  • Payment Services Directive 2
    Master CS/Stephan Hellmann
    >
  • Payment Services Dir...
    Master CS/Stephan Hellmann
    >
  • Payment Services Directive 2
    Master CS/Stephan Hellmann
    >
  • Policy strategies for VPN for consumers in the Netherlan...
    Master CS/Nelly Ghaoui
    >
  • Policy strategies fo...
    Master CS/Nelly Ghaoui
    >
  • Policy strategies for VPN for consumers in the Netherlan...
    Master CS/Nelly Ghaoui
    >
  • SDN South-bound Interface Attack Mitigation
    Master CS/Lucio Jankok
    >
  • SDN South-bound Inte...
    Master CS/Lucio Jankok
    >
  • SDN South-bound Interface Attack Mitigation
    Master CS/Lucio Jankok
    >
  • Targeted attacks and the human vulnerability
    Master CS/Derk-Jan van Mourik
    >
  • Targeted attacks and...
    Master CS/Derk-Jan van Mourik
    >
  • Targeted attacks and the human vulnerability
    Master CS/Derk-Jan van Mourik
    >
  • The implementation of the Dutch Cabinet’s policy on data...
    Master CS/Carlo Koch
    >
  • The implementation o...
    Master CS/Carlo Koch
    >
  • The implementation of the Dutch Cabinet’s policy on data...
    Master CS/Carlo Koch
    >
  • The influence of Dark Web on border control
    Master CS/Edwin Noordzij
    >
  • The influence of Dar...
    Master CS/Edwin Noordzij
    >
  • The influence of Dark Web on border control
    Master CS/Edwin Noordzij
    >

This website uses cookies to ensure you get the best experience on our website. By continuing to browse the site, you are agreeing to our use of cookies.. More info

 

I AGREE