Achieving Security Awareness Through Social Engineering Attacks

The ability to "think like an attacker" is the best way to defend against attacks. Your employees are your biggest asset, but also at the biggest risk for social engineering (SE). Awareness is the best defense against SE threats. Class activities will introduce students to profiling the online presence of employees and enterprises, as well as performing hands-on attacks against WiFi and physical computers. After successful completion of this course, students will have a better understanding of how to detect and/or prevent to SE events by looking at their defenses from a different perspective. Students will gain insight into how to educate others and create greater awareness about the various dangers that can occur. Students will also learn about operational security (OPSEC) for defense against attacks. The primary goal of this course is to demonstrate vulnerabilities with the intent of substantially increasing the security posture of an organization by implementing changes to better handle malicious SE attacks. This 2-day course will use current Red Team strategies to develop a better understanding of how attackers use SE, as well as provide methods to prevent and detect these attacks via awareness programs and "teachable moments". A custom Hak5 Field Kit will be provided to each student for use during the class, which students will be able to keep and take home.