Laocoonte and Social Engineering

Written by Enrico Frumento, CEFRIEL

Laocoonte was an Apollo trojan priest who, during the siege of Achaeans, tried to dissuade his fellow citizens from trusting the wooden horse left by its enemies. At the wish of the goddess Athena, who had already established the outcome of the war with the victory of the Achaeans, two sea snake attacked him and his two sons in order not to compromise the divine design.
This figure is strongly connected to the Social Engineering and security in general, because of the connections to the Achaeans story, through the concept of Trojans malware. But actually Trojans are connected to social engineering because a trojan by definition is not able to infect a machine on its own, it requires an user which executes it. Trojans require an action from the attack target (i.e., Click over a link or an attachment). The user must therefore be convinced to do that action through an “hook”.

The Social Engineering helps to perform this convincement action, and expecially the Social Engineering 2.0. This action is performed through SPAM and other modern phishing methods (i.e. Spear Phishing) plus the contextualization of the Social Engineering attacks (i.e. Social networks).
Once the human “firewall” is bypassed, the trojan has access to the PC and this is simpler than writing a real virus.

The other myth, also tied to Laocoonte and better known, is Cassandra. Even her advices were ignored. We think to the awareness activities, used to mitigate the threat of social engineering, as the warnings of Laocoonte ;-)
This statue can be used as a symbolic remind of what social engineering can do if advices are not heard.

 

by Enrico Frumento (CEFRIEL)

 




This project has received funding from the European Union’s Horizon 2020 Research and Innovation programme, under grant agreement No. 653618