In Change Strategists’ October, 2018 LEAD-ZINE, our monthly newsletter, we discuss the role of Artificial Intelligence and the concept’s assistance in helping to ensure cybersecurity in organizations. In the news last Friday was the release of information that FaceBook had experienced a security breach involving 50 million users.
The hackers exploited a feature in FB code that allowed them to take over users’ accounts. As a result, FB advised 90 million users to log out of their accounts on Friday. With AI and its current positive effects on cybersecurity in companies, the latest and best target for hackers is social engineering. With the information that hackers need available free online, they can manipulate unsuspecting and trusting users to open the fraudulent emails. Kathryn Sherman of the FBI says, “Less-technical hackers are using social media data to gain access to companies and individuals and are defrauding our economy of billions of dollars.” According to research conducted by IBM, about one-third of all cyberattacks today start with social engineering, including those involving fraudulent “business” emails. One of the reasons that these kinds of attacks are so effective is what’s called “psychological authentication.” That is, hackers are actually hacking peoples’ minds. For example, if one receives an email with the boss’ name in the email, then there’s a tendency to automatically and mentally “authenticate” that email and open it. All social engineering is based on emotional response. The criminals are masters at these techniques, to the extent that phishing emails get ten times the click through rate, compared to marketing emails. Mind hacking is a situation where it pays to be alert to the techniques that hackers use and to take the extra step of texting the boss (or other “familiar” person or situation mentioned in the emails) to authenticate the email’s origination.