Friendly Irish people susceptible to hackers as they’re eager to please
IRISH people are not easy to fool, but they are friendly and are eager to please and that makes them a typical target for social engineering or hacking types. That’s according to social engineering specialist Jenny Radcliffe, aka ‘The People Hacker’, who will be the opening speaker at Dublin Information Sec 2018, Ireland’s cybersecurity conference which takes place later this month.
“Social engineering is a human-based hack on a business,” she says. “A malicious attacker targets an individual or organisation and manipulates people inside to obtain data, money or access to private or secure areas and information.
“It’s about scams, cons and tricking people into giving things away.
“From the defence side of things, I simulate a criminal attack on a business using social engineering methods so that we can help them educate people and reinforce their security so that the real bad guys will find it harder to get past them,” said Radliffe.
For the Liverpudlian, who worked in procurement with US giant GE before side-stepping fulltime into the cybersecurity world, the security business is in her blood.
“I had family who were, loosely speaking in the security business and I got into the job that way. It was something I’d always done although I wouldn’t have labelled it social engineering back then.
“As I grew up and got a regular job I got to look at more and more sites all over the place. Some high-net-worth individuals asked me if I could test the security on their houses and businesses and it started to pay really well. Word got out and it became less of a side hustle and more my main job.
“Then, in the last 10 years or so the growth of the security industry has meant that more people actual understand what social engineering is and how it can be useful.”
Top executives now accept that cyber-threats are one of the biggest hazards for business and according to Radcliffe, it’s important that organisations understand how social engineering can be used maliciously against them.
“Firstly because if you don’t protect people through educating them about this threat then all the other defences you have are weakened or useless because of potential human error and fallibility. It’s like locking your door but leaving a window open,” she added. “However, it’s also important because malicious social engineering directly targets people and like any other crime is devastating to the victims.”
One of her top tips is to educate staff about cybersecurity.
“Don’t blame people if they fall for a social engineering attack, and get your staff to talk about the problem so it becomes part of your firm’s everyday dialogue.
“Have a security ‘moment’ in team meetings with someone nominated to talk about a related issue. It might be a tip, an article or even a film they have seen. They bring it, share it and we all keep learning and become more aware. It’s free, simple and very effective.”
She added that while awareness around cybersecurity is growing, companies can always do more. “Social engineering targets individuals so it’s the public as well as industry that need to be made aware,” she said.
Her profile has led her to pastures new and she also stars in Channel 4’s hit series, The Hunted — series four airs shortly. “It’s an exciting show which would be ruined if I gave anything away so my lips are sealed and you’ ll have to wait and see what happens,” she said.