Whatever new technologies are adopted, social engineering will evolve in parallel and find work arounds. Even as these security defenses mature, it will always be easier to hack a human than hack a system.
BadUSB attacks have proliferated in the last year for a simple reason — they work as long as curiosity is part of human nature. The impact of BadUSB is tantamount to allowing an unknown hacker to sit at an employee’s unlocked computer and directly attack the network from the inside.
Cybercriminals are using social engineering to target company employees on social media, which remains a weak point even if a company takes every precaution necessary to protect in-house information.
Major Cybersecurity Incident at Uber: Network Breach Began With Social Engineering by Teenage Culprit, Sensitive Information Stored in Plaintext
Uber cybersecurity incident was the result of social engineering by teenage hacker. Network breach was a total compromise and that the attacker had full access to Uber's systems.
Another Data Breach at Marriott as Social Engineering Attack Yields 300-400 Customer Credit Card Numbers
The data breach took place at the BWI Airport Marriott near Baltimore. A social engineering attack was executed on a member of the hotel staff, who unwittingly granted access.
EA Confirms Account Takeover Attacks Compromising High-Profile Gamers via Phishing and Social Engineering Attacks
EA introduced new security measures to prevent account takeover attacks after hackers successfully breached high-profile players’ accounts via phishing and social engineering attacks.
Data Breach of Robinhood Trading Platform Blamed on Social Engineering, Similar to 2020 Twitter Breach
Robinhood, the most popular app-based trading platform for non-professional investors, has confirmed that it suffered a data breach due to a social engineering attack last week that potentially compromised millions of accounts.”
Nigerian Threat Actors Skip Social Engineering, Make Direct Pitches to Employees To Install Ransomware on Company Networks
Most ransomware attacks begin with some combination of phishing and social engineering. An enterprising ransomware gang in Nigeria appears to be skipping this messy step, simply making a direct pitch to employees to join in on the attack.