Title

Panel E: USER INTERFACE VS SOCIAL ENGINEERING: TRAINING USERS IN THE AREA OF COUNTERINTELLIGENCE AGAINST SOCIAL ENGINEERING

Presenter Information

Obulu AnetorFollow

Faculty Mentor(s)

Dr. Bryson Payne

Campus

Dahlonega

Proposal Type

Oral Presentation

Subject Area

Computer Science

Location

Nesbitt 3212

Start Date

25-3-2022 11:00 AM

End Date

25-3-2022 12:00 PM

Description/Abstract

ABSTRACT

What do you think the average computer user thinks the most popular form of cyberattack is? According to CISCO’s annual Cybersecurity Report, the number 1 form of attack is phishing. About 150 million phishing emails are sent every day (CISCO, 2022). Imagine the number of unsuspecting users who open these emails. Social engineering starts with an unsuspecting user exposed to the exploitation of malicious attackers. It is not only phishing attacks we must be wary of. Phishing, malware, etc are merely the attack tools used to exploit individuals, companies, and legal states. Users must learn to avoid becoming victims to these means of attacks. The recruitment process of exploiting users is what we call social engineering. Many users are unaware of the tactics attackers use to elicit sensitive information from unassuming users. This is where Payne and Mienie’s MICE+G (money, ideology, coercion/compromise, ego/extortion, and grievance) and RASCALS (reciprocation, authority, scarcity, commitment/consistency, liking, and social proof) frameworks come into play. This is “a novel approach to cyber education that explicitly incorporates counterintelligence principles” (Mienie & Payne, 2020). This project researched elements of an effective user interface and implemented them into a training program that uses MICE+G and RASCALS to educate and tests users’ knowledge on counterintelligence tactics against social engineering. This project shows that an effective user interface can be used as a proactive preventative cybersecurity tool.

References

E. L. Mienie & B. R. Payne, 2020. From Ransomware to RASCALS (R2R)

What Is Phishing? (2022, January 17). Cisco.

Media Format

flash_audio

This document is currently not available here.

Share

COinS
 
Mar 25th, 11:00 AM Mar 25th, 12:00 PM

Panel E: USER INTERFACE VS SOCIAL ENGINEERING: TRAINING USERS IN THE AREA OF COUNTERINTELLIGENCE AGAINST SOCIAL ENGINEERING

Nesbitt 3212

ABSTRACT

What do you think the average computer user thinks the most popular form of cyberattack is? According to CISCO’s annual Cybersecurity Report, the number 1 form of attack is phishing. About 150 million phishing emails are sent every day (CISCO, 2022). Imagine the number of unsuspecting users who open these emails. Social engineering starts with an unsuspecting user exposed to the exploitation of malicious attackers. It is not only phishing attacks we must be wary of. Phishing, malware, etc are merely the attack tools used to exploit individuals, companies, and legal states. Users must learn to avoid becoming victims to these means of attacks. The recruitment process of exploiting users is what we call social engineering. Many users are unaware of the tactics attackers use to elicit sensitive information from unassuming users. This is where Payne and Mienie’s MICE+G (money, ideology, coercion/compromise, ego/extortion, and grievance) and RASCALS (reciprocation, authority, scarcity, commitment/consistency, liking, and social proof) frameworks come into play. This is “a novel approach to cyber education that explicitly incorporates counterintelligence principles” (Mienie & Payne, 2020). This project researched elements of an effective user interface and implemented them into a training program that uses MICE+G and RASCALS to educate and tests users’ knowledge on counterintelligence tactics against social engineering. This project shows that an effective user interface can be used as a proactive preventative cybersecurity tool.

References

E. L. Mienie & B. R. Payne, 2020. From Ransomware to RASCALS (R2R)

What Is Phishing? (2022, January 17). Cisco.