“That email from your boss may not be truly from your boss… Nowadays you need to verify before trust. Emails and calls are no longer enough,” said Peter Warmka, a former CIA operative of more than 20 years and founder of the Counterintelligence Institute.
According to him, “financial institutions are at the top of the pyramid of organizations targeted by hackers.” So, how could you protect yourself and the company’s integrity?
For Warmka, social engineering is one of the most important tools a threat actor can use to manipulate a human target once identified, and that the selection happens based on how much information about them is publicly available. So, while the threat is complex and multifaceted, organizations can protect themselves from human weaknesses.
Be it foreign intelligence services, criminal groups, industrial competitors, activists, and/or other threat actors, attackers are using some effort of social engineering to manipulate key insiders in organizations, getting them to do things that could result in a security incident.
During his keynote speech at the 37th CELAES Bank Security Conference 2022, organized by FIBA and FELABAN, Warmka will go over the art of human hacking, explaining the main four social engineering attack techniques, in order to help attendees understand how they could be targeted and what those different attacks could look like.
“Most people do not realize why they are vulnerable to human hacking attempts,” said the author of the book “Confessions of a CIA Spy: The Art of Human Hacking,” but “depending on the threat actor’s objectives, everyone is in danger of being targeted as an insider.”
“The more information that is out there, the more vulnerable the organization and the individual become.” According to Warmka, while most people say that they do not accept, for example, LinkedIn requests from strangers, a simple commonality like listing the same college, could make a target “accept.”
“Once connected, the attackers could gather information, send a malicious link, or use you as social proof to get to your connections.” During his presentation, Warmka will also teach participants how to identify fake profiles, as well as how individuals are targeted, how attackers collect information before the attack and how they tailor the approach to make the person receptive.
Join him and some of the biggest players and brightest minds in financial security between June 20th and 21st, 2022 in Miami. During 37th CELAES 2022, you will be able to share knowledge and discuss the data, case studies, strategies, and best practices that are shaping the financial cybersecurity landscape.
The first 150 to register will enter to win a signed copy of Confessions of a CIA Spy – The Art of Human Hacking. Register now!