The Social Engineering Capture-the-Flag is a competition and training event that will allow students to compete in a purely social engineering intercollegiate competition and offer free training to students and educators. The event is scheduled for October 2-4, 2020 and will be held completely virtually given the current Covid-19 pandemic.
What is social engineering?
Social engineering is defined as any act that uses persuasion strategies to influence individuals to take an action that may or may not be in their best interests. Many people use social engineering in everyday contexts (Social‐Engineer, Inc).
Why is social engineering relevant?
Social engineering is often used to conduct reconnaissance, which is the first stage of a cyberattack. Previous research indicates that adversaries, such as nation states and organized crime groups, spend a good portion of their time (50-75%) on reconnaissance.
Social engineering may also be used maliciously by “deceiving an individual into revealing sensitive information (passwords), obtaining unauthorized access (to restricted areas such as server rooms), or committing fraud (deception via phishing) by associating with the individual to gain confidence and trust”, National Institute of Standards and Technology (NIST SP 800-63-3).
Nearly 70% of US organizations experienced SE attacks in 2017, costing the country approximately $2.76 million and each instance taking approximately 20 days to resolve. Cybersecurity experts agree that the human factor is the weakest link in cyberattacks, making social engineering a major concern for cybersecurity.