
September 5, 2011

Experts' Expert: Hacker Kevin Mitnick on "social engineering"


From Jeffrey Rosen's review in yesterday's Washington Post of Mitnick's new book, "Ghost in the Wires: My Adventures as the World's Most Wanted Hacker": "The most useful part of Mitnick's book is his revelations about how easy it is to con security officials at high tech companies and government agencies into turning over highly sensitive information. Mitnick calls this 'social engineering,' which he defines as 'the casual or calculated manipulation of people to influence them to do things they would not ordinarily do.' But, really, he was just an enterprising con artist, impersonating a variety of company employees and police officers to persuade other employees to give him information for free. The technique worked, he says, because 'people... are just too trusting.' By doing his homework and deploying simple tricks (people won't turn over sensitive information when asked directly, but 'if you pretend you already have the information and give them something that's wrong, they’ll frequently correct you'), Mitnick shows that the greatest vulnerability in any security system is human credulousness."

September 5, 2011 at 02:01 PM



Comments

I have firsthand experience working for companies that spared no expense to electronically guard their business but let naive people guard the secrets.

When questioned at a meeting, some young snotty department head would elaborate on the strata of security they had and personal training was unnecessary.

Posted by: Joe Peach | Sep 5, 2011 4:53:28 PM

http://en.wikipedia.org/wiki/The_Art_of_Deception /// his (first?) book.

A social engineering "how to" taught through various exploits and the methodology he used.

I read it in high school and it served me well.

Posted by: AG | Sep 5, 2011 2:35:51 PM
