August 13, 2015 – VioPoint, a metro-Detroit organization offering innovative cyber security solutions, is proud to announce that Jen Fox won first place in the DEF CON 23 Social Engineering Capture-The-Flag (SECTF) competition in Las Vegas, NV.
Social Engineering is a class of cyber security attacks that employ social techniques to elicit information or alter behavior. Rather than targeting IT infrastructure, these techniques target human psychology to compromise organizational security. A prevalent form of this attack is known as “phishing”, where attackers craft emails to gain either a foothold on corporate networks or influence behavior. The 2015 Verizon Data Breach Investigation Report (DBIR) attributed more than 66% of intellectual property theft incidents to phishing.
Jen Fox, a Senior Security Consultant for VioPoint, is a three-year veteran of the SECTF. Starting the first phase of this contest with only a company name and Internet address, Jen compiled a detailed corporate profile using publically available information. This profile included specific pieces of information, or “flags”, that she had to elicit during the live competition phone call at DEF CON. Examples include type of computers used, existence of an onsite cafeteria, and what kind of antivirus program is used. “In three years of doing this competition, I was most struck this year by the increase of data leakage via social media,” said Jen.
Chief Operating Officer of VioPoint, Mark Murphy said, “We [VioPoint] couldn’t be more proud of Jen. She has worked very hard and has invested a lot of time on this competition; she deserves this.”
As part of VioPoint’s intelligent cyber security solutions, Social Engineering is part of their Testing Services offering. Clients engage VioPoint to perform Social Engineering testing on their organizations to validate current policies and procedures during potential malicious situations.
Check out Jen’s Blogs on social engineering, compliance assessments and other security-related topics here.