Room link: https://tryhackme.com/room/humansattackvectors
Created by: tryhackme, TactfulTurtle
Objective: “Understand why and how people are targeted in cyber attacks and how the SOC helps defend them.”
In this room, THM goes over the weakest link in any company: humans!
In task 3, the room covers social engineering attacks with pictures of what a victim might see when the attacker is trying to trick them. A new type of social engineering attack, with the advent and rise of AI, is Deepfakes. Per THM, “The rapid rise of AI-generated video or audio has become more effective in impersonating family members, colleagues, or corporate partners. In one case, a finance worker received a deepfake video call from someone appearing to be their boss and got tricked into wiring $25 million for an “urgent business deal.” They also mention fake job offers. As someone trying to obtain a cyber job, this hit home, as I receive false job links in my email, through text, and over the phone.
In task 4, THM echoes the truth that no matter how good a defense is, it will be bypassed, and it’s up to SOC analysts to observe and confirm these through log analysis(the next rooms will go over this in more detail). To make your job easier, mitigation and detection techniques can be employed to remove the human element from the analysis.
In Task 5, “Practice”, we are directed to a security dashboard site to retrieve the flags. You review various messages and emails from users to determine the best course of action from two different options. Then, you review and update the corporate security policy in relation to the employees at risk portion.
This was another great introduction-type room presented by THM for the SOC1 path!