Alongside advanced technology and the development of computer and network systems, human resources remain the most important and influential force in the world we live in.
Looking at the business world, it is easy to see that human creativity is an irreplaceable asset in the success of an organisation, but creativity is fraught with many dangers. In addition to threats from outside the organisation, there are those who work toward personal gain at the expense of success, stability and survival of the organisation.
There are various ways and methods used by malicious entities for obtaining information and other resources from your organisation. Among these ways can identify two main trends:
- Exploiting weaknesses in information systems / computer systems / organisational communications.
- Exploiting the weakness of the human factor in the organisation to reach a desired resource.
- Identifying the human element as one of the weak links in the organisational chain, and as vulnerable and exposed to more manipulations than any infrastructure or system, increases the need to deal with the issue extensively at all levels of social engineering.
Cyber360 has established an operational training unit on social engineering, which is operated by employees with experience in different units. We perform social engineering activities, including setting up the methodology, staffing and treatment chain of these events. The activities include intelligence gathering from various means, building fraud schemes according to the outline given to customers, or prepared according to a scenario developed by the company (Custom Attack Scenarios).
We set up Phishing fraud attempts, physical impersonation and attempts to infiltrate physical protection controls, identifying a specific target that we have gathered information on through visible means and others, going as far as attempts to insert malicious code to those organisations using the same targets.
At Cyber360 we emphasise attention to detail, and the construction of reliable simulated attacks both at an advanced technical level and at the level of social engineering itself. These goals are achieved through a deep familiarity with the means of obtaining information and reconnaissance capabilities built over the years.