Home / Blog
Written by: 9/9/2011 6:35 AM
For years, Kevin Mitnick was a professional hacker—an expert at using the system for personal gain. Then, he went to jail for a while. And finally, he became the security expert we know today, using his knowledge to training companies and managers how to keep from being duped by...well...guys like him.
While it’s unfortunate that Mitnick had to repeatedly break the law and act as a criminal to gain the knowledge he is now using against the hacking community, the principles are still sound. And as a company of legitimate security experts with specialization in social engineering audits, we can attest to the fact that he’s right: it is still pretty easy to get what you want if you are a good manipulator.
"Even thought I had been practicing the art of social engineering for years, I couldn't help but be amazed and a little dazzled by how easy this had been," Mitnick wrote in "Ghost in the Wires.”
It’s a little different now, of course. Back in the early 90’s, technology was different and so were the tactics. Now, it’s all about DNS, phishing emails, and pretexting. And in the future, who knows what tactics social engineers will develop to keep up with further advances in technology. Regardless, a good security policy is the best defense—and good policies are only developed through research, knowledge, and testing.
Do the right thing: find the holes in your organization through a social engineering audit and create policies and practices that will keep the Mitnicks of the future from stealing the value from your company, one building block at a time.
Our FraudReady audit is proven…and we’ve never been to jail: http://rocketready.com/FraudReady
Read more here: http://www.darkreading.com/security/vulnerabilities/231600862/mitnick-s-tale-sheds-light-on-social-tactics.html