European Cybersecurity Month #BeSmarterThanAHacker
October 1, 2023
The European Cybersecurity Month (ECSM) is the European Union’s annual campaign dedicated to promoting cybersecurity among citizens and organisations, and to providing up-to-date digital security information through awareness raising and the sharing of good practices. Each year, for the entire month of October, hundreds of activities take place across Europe, including conferences, workshops, trainings, webinars, presentations, online quizzes and more, to provide resources for citizens to learn more about protecting themselves online.
Since the first event in 2012, the European Cybersecurity Month has been reaching its key priorities by bringing together parties from across Europe under the slogan ‘Cybersecurity is a Shared Responsibility’ to unite against cyber threats. Each year, the campaign not only promotes the safer use of the Internet for EU citizens, but the organisers provide the knowledge and tools to do so. In this year’s European Cybersecurity Month Campaign, we are diving deep into the world of Social Engineering, where cybercriminals employ clever manipulation tactics to breach our security defenses. #BeSmarterThanAHacker is the 2023 motto that refers to the knowledge and tools we need to protect ourselves from cybercriminals.
What is social engineering?
Social engineering occurs when someone is manipulated into performing actions or giving up sensitive and/or personal information. Scammers will use the information disclosed by the victims in tricky ways meant to deceive them. This is how attackers take advantage of their victim’s trust in digital communications. Being tricked into performing an action is how we unconsciously help attackers to perform the attack they have devised.
ENISA identifies and analyses current and future cyber threats including the trends around social engineering. The increase in collection of behavioural data can lead to more targeted phishing attacks. The use of emerging technologies such as artificial intelligence (AI) and automation by machine learning allow attackers to analyse user behaviour and launch targeted attacks.
The ENISA Threat Landscape has found that phishing has become the most common initial vector, meaning social engineering is the most popular attack type to gain access to an organisation. Once attackers have access to the inside of an organisation, further attacks can be carried out such as ransomware.
The campaign will draw the attention of users of all ages to the different social engineering techniques used by attackers against them and enable them exercise caution. Activities and information will be provided to help them get familiar with the various ways in which they can be tricked by cyber criminals. They will also learn how to identify and spot potential scams.
In the light of the Cyber Security Month campaign, Spain will organize a set of activities to promote awareness and culture in cybersecurity, creating content through its communication channels (websites, social networks, etc.) and carrying out various actions and campaigns.