Uber suffered a major security breach due to an employee revealing sensitive information to a hacker who used the “social engineering” hacking technique. The term refers to the way hackers use spoofing or fishing techniques to get access to a company’s data system through its employee. This security breach started from a text message that an employee of Uber could not figure out has not come from a company’s employee. The person was tricked into revealing a password that led to compromising the IT system of the rideshare company.
This attack is difficult to avoid because it will require controlling the authority of an employee. It will deprive the person of conducting company works independently. Even when sensitive information is stored under extensive layers of protection, a hacker can use this technique to get access to the system. The hacker has to get access to the login information only to access the protected data.
Different types of hacking techniques are used under social engineering attacks. The goal is to trick an employee into revealing sensitive information about the company, mainly the login information. This information is then used to get access to the data stored by the company. The data can include financial data.
The risk of social engineering attacks has only increased in recent times. Cybersecurity firms have especially warned about this security threat because it is not covered under the hacking bounty programs that companies have. Under these programs, companies incentivize ethical hacking. They pay money to ethical hackers who inform the company about a security risk that exists in its system.
