Cyberterrorism and social engineering - Methods and countermeasures

Abstract

The article deals with the topic of cyberterrorism committed with the help of social engineering. It lists the means and methods used by modern cyber-terrorists but mentions in more detail the less common ones, which have a greater chance of success because they are not widely known. In the case of cyber terrorism or cyber war, the damage can become global. It is in the existential interest of every state or company to have a sufficient level of prevention against threats to its digital space and adequate settings of functional countermeasures. The article mentions these current countermeasures, especially the selected ones that correspond to the results of the SWOT analysis presented here. The topics of cybercrime include criminally punishable harmful behavior on the Internet such as Internet piracy (making illegal copies, illegal Peer-to-Peer file sharing, violation of copyright or industrial rights), dissemination of harmful content, a serious form of cyberbullying, cyber grooming, and cyberstalking. At present, especially the enormously increasing sophisticated organized crime, identity theft, or cyber-terrorism. From a general introduction to a better understanding of the topic, it goes on to a detailed description of individual current methods and focuses on the most frequently used techniques and methods of today like Watering Hole Attack, Cryptojacking, Pivoting, Credential Stuffing Attack, Website Defacement and Formjacking for example. In particular, social engineering methods, DDoS attacks, and password-cracking methods are described. Using an overview SWOT analysis, the article points out strengths and weaknesses, threats and opportunities concerning the currently most used methods of criminals. In conclusion, it presents the current requirements and measures, due to the constantly more sophisticated methods of modern attacks, for a secure organization and offers recommended procedures.