사회공학 (Social Engineering)
High-quality technical overview of Social Engineering in the context of blockchain security.
Profiles: 1. Malicious (Revenge/Profit). 2. Negligent (Accident/Ignoarance). 3. Compromised (Identity stolen). 4. Mules (Coerced).
graph LR
Center["사회공학 (Social Engineering)"]:::main
Rel_cybersecurity["cybersecurity"]:::related -.-> Center
click Rel_cybersecurity "/terms/cybersecurity"
classDef main fill:#7c3aed,stroke:#8b5cf6,stroke-width:2px,color:white,font-weight:bold,rx:5,ry:5;
classDef pre fill:#0f172a,stroke:#3b82f6,color:#94a3b8,rx:5,ry:5;
classDef child fill:#0f172a,stroke:#10b981,color:#94a3b8,rx:5,ry:5;
classDef related fill:#0f172a,stroke:#8b5cf6,stroke-dasharray: 5 5,color:#94a3b8,rx:5,ry:5;
linkStyle default stroke:#4b5563,stroke-width:2px;
🧒 5살도 이해할 수 있게 설명
컴퓨터를 해킹하는 게 아니라, 사람을 속여서 비밀번호를 알아내는 방법이에요. 예를 들어, 가짜 은행 직원이 전화해서 비밀번호가 필요하다고 속이는 식이죠.
🤓 Expert Deep Dive
Technically, insider attacks are identified through 'Anomalous Behavior Patterns'. Since the attacker uses legitimate credentials, security teams must look for 'Lateral Movement' (trying to access folders they don't usually need) or 'Data Staging' (gathering lots of files in one place before sending them out). The 'Zero Trust' model is the primary defense, which operates on the assumption that even people inside the network should be continuously verified. Advanced defenses use UEBA (User and Entity Behavior Analytics) to flag an employee who suddenly starts logging in at 3 AM or accessing HR records when they work in Engineering.