Non-Technical Cyber-Attacks and International Cybersecurity: The Case of Social Engineering

Abstract

This paper aims to provide an overview of social engineering attacks, and their impacts on cybersecurity, including national and international security, and figures out detection techniques, and major methods for countermeasure. How do social engineering attacks affect national and international security? And why is it so hard to cope with them? Seeking for answers to these questions, this paper applies qualitative research methods particularly literature review and case analysis. While qualitative research methods are predominantly employed, quantitative methods will also be utilized when deemed essential. Social engineering attacks, also referred to as online fraud, are a type of attack that typically necessitates minimal or no technical knowledge. Social engineering attacks, instead benefit from the weaknesses and mistakes of individuals, since the user is accepted as the weakest link in cybersecurity. Many studies have shown that the vast majority of successful cyber-attacks in the digital world are social engineering (SE) because countering them is more difficult than countering technical cyber-attacks. Based on the analysis of some major cyber-attacks such as the intervention in the 2016 US Presidential elections, the hacking of CIA director, John Brennan in 2015, and Stuxnet in 2010, the paper figures out that social engineering attacks have a tremendous impact on cybersecurity on the individual, institutional, societal, national, and international levels. Penetration tests and training for raising awareness are the prolific ways to mitigate social engineering attacks.