I recently finished reading ‘The Art of Deception - Controlling the Human Element of Security' which is a book written by Kevin Mitnick. In case you haven't heard of Mitnick before, he is the most famous social engineer ever.
Social Engineering is basically using the social skills of influence and persuasion to get whatever the the persuader wants. It relies heavily on the reliance and exploitation of basic human trust. It's quite similar to being a conman, only usually it's done against a company rather than an individual.
Mitnick talks about various workarounds in security systems that can be bypassed by anyone using the correct lexicon who sounds like they know what they are talking about. He explains different methods of attack and ways to get a hold of information using different scenarios.
A good portion of the book is about shielding your company from attacks from social engineers and possible policies that you might want to employ. This portion of the book is done very well and I would recommend checking it out, espicially if you have never heard of social engineering before.
No comments:
Post a Comment