The development phase involves two parts: selecting individual targets within the organization being attacked and forming a relationship with the selected targets. Usually, attackers select people who not only will have access to the desired information or object, but who also show signs of being frustrated, overconfident, arrogant, or somehow easy to extract information from. Once a target is selected, the attacker will start forming a relationship with the target through conversations, emails, shared interests, and so on. The relationship helps build the target's trust in the attacker, allowing the targets to be comfortable, relaxed, and more willing to help.
Hybrid warfare - A new term used to describe a strategy that deliberately mixes elements and techniques of conventional warfare (e.g., national uniforms, heavy weapons) and unconventional warfare (e.g., guerrilla, paramilitary, information, or cyber war) as a way to coerce adversaries while avoiding attribution and retribution.
As it refers to technology, hybrid warfare employs political warfare and blends conventional warfare with cyberwarfare. Its goal is to influence others with things such as fake news, diplomacy, lawfare, and foreign electoral intervention.
Shoulder Surfing - Shoulder surfing involves looking over the shoulder of someone working on a computer.
Eavesdropping - Eavesdropping refers to an unauthorized person listening to employees or other authorized personnel as they discuss sensitive topics.
Dumpster Diving - Dumpster diving is the process of looking in the trash for sensitive information that has not been properly disposed of.
Tailgating and Piggybacking - Piggybacking and tailgating refer to an attacker entering a secured building by following an authorized employee through a secure door without providing identification. Piggybacking usually implies consent from the authorized employee, whereas tailgating implies no consent from the authorized employee.
Masquerading - Masquerading refers to convincing personnel to grant access to sensitive information or protected systems by pretending to be someone who is authorized and/or requires that access. Masquerading is more passive than impersonating.
Phishing - A phishing scam is an email pretending to be from a trusted organization, asking to verify personal information or send money. In a phishing attack:
A fraudulent message (that appears to be legitimate) is sent to a target.
The message requests that the target visit a fraudulent website (which also appears to be legitimate). Graphics, links, and websites look almost identical to legitimate requests and websites they are trying to represent.
The fraudulent website requests that the victim provide sensitive information such as the account number and password.
Common phishing scams include the following features:
A Rock Phish kit is a fake website that imitates a real website (such as banks, PayPal®, eBay®, and Amazon®). Phishing emails direct you to the fake website to enter account information. A single server can host multiple fake sites using multiple registered DNS names. These sites can be set up and taken down rapidly to avoid detection.
A Nigerian scam, also known as a 419 scam, involves emails that request a small amount of money to help transfer funds from a foreign country. For your assistance, you are to receive a reward for a much larger amount of money that will be sent to you at a later date.
In spear phishing, attackers gather information about the victim, such as identifying which online banks they use. They then send phishing emails that appear to be from the user's bank.
Whaling is another form of phishing that targets senior executives and high-profile victims.
Vishing is similar to phishing. Instead of an email, the attacker uses Voice over IP (VoIP) to gain sensitive information. The term is a combination of voice and phishing.
To protect against phishing:
Check the actual link destination within emails to verify that they go to the correct URL, not a spoofed one.
Do not click on links in emails. Instead, type the real bank URL into the browser.
Verify that HTTPS is used on e-commerce sites. HTTPS requires a certificate that matches the server name in the URL and is verified by a trusted CA. You can also look for the lock icon to verify that HTTPS is used.
Implement phishing protections within your browser.
Caller ID Spoofing - Caller ID spoofing causes the telephone network to display a number on the recipient's caller ID display that implies that a call is coming from a legitimate source.
Hoax Emails - Hoax emails prey on email recipients who are fearful and believe most information if it is presented in a professional manner. Usually these hoax messages instruct the reader to delete key system files or download Trojan horse viruses.
Spyware/Adware - Spyware and adware are pop-up advertisements that can have malicious objectives, such as tricking users into unknowingly downloading malware or gathering information about the user and sending it to a third party for commercial gain.
Pretexting - Pretexting is the use of a fictitious scenario to persuade someone to perform an action or give information for which they are not authorized. Pretexting usually requires the attacker to perform research to create a believable scenario.