Social engineering attacks costly for business

[InfoSec News <alerts () infosecnews org>]

http://www.csoonline.com/article/690167/social-engineering-attacks-costly-for-business

By Joan Goodchild
Senior Editor
CSO
September 21, 2011

Social engineering attacks are widespread, frequent and cost 
organizations thousands of dollars annually according to new research 
from security firm Check Point Software Technologies.

A survey of 850 IT and security professionals located in the U.S., 
Canada, U.K., Germany, Australia and New Zealand found almost half, 48 
percent, had been victims of social engineering and had experienced 25 
or more attacks in the past two years. Social engineering attacks cost 
victims an average of $25,000 - $100,000 per security incident, the 
report states.

"Socially-engineered attacks traditionally target people with an implied 
knowledge or access to sensitive information," according to a statement 
from Check Point on the survey. "Hackers today leverage a variety of 
techniques and social networking applications to gather personal and 
professional information about an individual in order to find the 
weakest link in the organization."

Among those surveyed, 86 percent recognize social engineering as a 
growing concern, with the majority of respondents, 51 percent, citing 
financial gain as the primary motivation of attacks, followed by 
competitive advantage and revenge.

[...]


_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/