Strengthening Cyber Defenses: Responding to Social Engineering Challenges

Rising Cyberattacks and Increasing Losses

The first half of 2025 witnessed a significant escalation in cyberattacks, affecting major companies such as Marks & Spencer, Harrods, and Qantas Airways. These attacks included data breaches and ransomware attacks, resulting in the loss of vast amounts of employee and customer information, and raising serious questions about the robustness of corporate security infrastructure.

Statistics indicate that up to 98% of cyberattacks involve a form of social engineering, underscoring that the human element remains the weakest link in the cybersecurity defense chain. The average losses associated with ransomware and other extortion breaches amounted to $46,000 in 2024, and average ransomware payments rose from less than $200,000 in early 2023 to $1.5 million by mid-June 2024. US consumers also reported fraud-related losses totaling $12.5 billion in 2024 alone, and investment scams relying on social engineering caused losses exceeding $4.5 billion during 2023-2024.

Mechanisms of Social Engineering Attacks

The majority of these breaches are attributed to social engineering attacks, specifically targeting IT helpdesks. Attackers perform employee impersonation to trick IT staff into resetting passwords, granting them unauthorized access to systems and facilitating the deployment of ransomware.

This behavior demonstrates hackers' deep understanding of human psychology, exploiting social norms and complacency to bypass even the most robust data security systems.

The Importance of the Human Element in Cyber Defense

To strengthen cyber defenses, companies must go beyond merely investing in advanced technologies and give equal attention to the human element to bolster cyber resilience and ensure long-term data security.

This requires an understanding of how to address human vulnerabilities to build a smarter, stronger, and more adaptive cyber defense system.

Improving Password Policies

Passwords are the first line of defense, and as recent breaches have shown, password-based access is often the entry point attackers need. Simple changes to password policies can add an extra layer of protection.

It is crucial to avoid including personal information in passwords, such as names or birth dates, as this makes it easier for hackers to obtain login credentials. Companies should implement clear password policies, including rules for password length and complexity, and follow best practices from the National Institute of Standards and Technology (NIST) for password generation.

NIST does not recommend forced password resets unless there is evidence of a breach, as this often leads users to create sequential passwords that are easy to remember, thereby reducing operational security.

Multi-Factor Authentication (MFA) and Its Challenges

In addition to password hygiene rules, the strict implementation of 0) { // التحقق إذا كانت الكلمة "technology" موجودة في أي من التصنيفات for (let item of breadcrumbItems) { if (item.textContent.trim() === "technology") { return "technology"; // إرجاع "technology" إذا تم العثور عليها } } } return null; // لم يتم العثور على التصنيف "technology" } // عند تحميل الصفحة بالكامل window.onload = function() { let category = getCurrentCategory(); // الحصول على التصنيف let resultContainer = document.getElementById("social-links"); // الحصول على العنصر الذي سيعرض الروابط // طباعة التصنيف في وحدة التحكم لمراقبته console.log("التصنيف الملتقط:", category); if (resultContainer) { const socialIcons = { facebook: 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhn89VTVes_Hl06UareNohRUBqNIHDH9Lv-F0N-ZZu1nFAbkdLwnHkOTgqj2fYRm2lAFyAOE6CMrDTA9ehdVhIEwQuXGIVissKPk-6DaNj4D8saUBCpmA_djFjqrODNwCNetRUUSYn4IgyJ3QgnyMSqT4TChRDdAVjjG2j7RbgnJRPLgz1T-x6CTDppyC4h/s512/facebook-round-color-icon.png', twitter: 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiZvHlD6B9THWwronS3AsOp-G4sPnaeTEllvescomdsgcTQWte_TjmrKUZfZFbHrLym4rpYaOdl60kdePpDBpFruedVGCWTvL6RCNbWMhWMOEzIEud69wYPzNs9X3WFcZ7d6iwh4Y09i1oCMEcH9_CvhRpOlrWgKeTn8wCPhSnvc5vsTRMTbf10Dkfocyo/s512/x-social-media-logo-icon.png', }; const links = category === 'technology' ? { facebook: 'https://www.facebook.com/aymanytechnology', twitter: 'https://x.com/aymany_tech', } : { facebook: 'https://www.facebook.com/aymanyHistory', twitter: 'https://x.com/aymany_history', }; resultContainer.innerHTML = `

Follow us on social media platforms: