A Pilot Analysis of Factors Affecting Defense Against Social Engineering Attacks in the Armed Forces Environment

Abstract

Social engineering is a technique of deceiving people into giving away confidential information that could be useful to gain unauthorized access to an information system. Even to the most secured system, social engineering is a formidable threat. It is one of the most devastating threats to organizations and businesses. Unlike traditional hacking, social engineering is less or non-technological. It manipulates characteristics of human nature, exploiting people’s desire to be kind and helpful. The psychology leverage makes social engineering hard to defend against. This paper presents the identification of factors related to social engineering in the context of armed forces through a review of related literature. Prior works from previous studies are discussed, and factors have been identified based on certain criterion. This study executed a pilot analysis on 30 samples of respondents among Malaysian armed forces personnel. As a result, nine factors are identified that may affect defense against social engineering in the armed forces: Authority, Reciprocation, Commitment and Consistency, Diffusion of Responsibility, Scarcity, Friendliness and Liking, Awareness, Social Proof, and Trust.