Senin, 24 Februari 2020

Mis understanding between Hacking and Social Engineering, Here's the Explanation ...

Maybe complaints like that lately are often heard from victims of " hacking ". The most recent example is the case of singer Maia Estianty, who accounts for the balance of Gopay by unscrupulous ojol.

Many refer to this incident as a hack, but this is a mistake. Because the incident is more accurately referred to as fraud through social engineering techniques or in Indonesian it can be referred to as social engineering.

"Many misconceptions by mentioning the incident was caused by hacking. Whereas the truth is social engineering," said George Do, Gojek Chief Information Security Officer in Jakarta, Thursday (1/23/2020).



Social engineering is actually a technique in which one or a group of people do something that makes other people follow it. And this technique is not always a negative activity.

Adult clinical psychologist Dessy Ilsanty exemplifies one of the applications of social engineering is when passengers wait for boarding aircraft. Although the boarding time is still long, when there is one person who starts lining up at the door, other people will follow him.

In fact, according to Dessy, this kind of technique could be used to make MRT passengers in Jakarta want to give way to passengers who want to get off first.

"I wanted an ambassador to give an example of that," said Dessy.

He added that this technique was more effective than giving verbal information, such as asking people to give way to passengers who were going to get off first.


But unfortunately the derivative of this technique is then misused by irresponsible people. Namely by utilizing psychological manipulation to extract certain information that will be used for various criminal acts.

One of them is to drain the balance in a digital wallet by manipulating the victim to provide a one time password (OTP) code received on the victim's cellphone.

While hacking, or hacking, according to independent researcher at the Swiss German University Cybersecurity Lab Charles Lim is a process to carry out disruption to the system to retrieve data or a number of other activities.

Or in other words is to take advantage of the gaps in a system that allows the perpetrators to infiltrate the system. After a successful infiltration, he can do anything that becomes his hacking goal.

"The system was hacked, technological components and processes were attacked. In contrast to social engineering that utilizes human weaknesses to achieve his goals," Charles said.