A PROFESSIONAL IT INFRASTRUCTURE SOLUTIONS COMPANY - PH: 1300 792 492

HomeIT News & ViewsWhat's Happening in the IT World /  Social Engineering
*
*
*
*
*

Fields marked with an asterisk (*) are required.

Subscribe to News

Social Engineering
Social Engineering is defined as the process of deceiving people into giving away access or confidential information. Wikipedia defines it as: "is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim." Although it has been given a bad name by the plethora of "free pizza", "free coffee", and "how to pick up chicks" sites, aspects social engineering actually touches on many parts of daily life. Many consider social engineering to be the greatest risk to security.

From a security standpoint, it is more a collection of tools and techniques that range from negotiation, sales, psychology and ethical hacking. While social engineering can include physical security this framework focuses on art of manipulating people to achieve a goal. Generally this goal will involve showing a company or organization where weaknesses may lie with training of their people to maintain a security focused mind.

Hackers at an infamous DefCon gathering in Las Vegas are proving that old-fashioned smooth talk rivals slick software skills when it comes to pulling off attacks on the computer networks of some of the world's largest companies.

A first-ever "social engineering" contest at the conference challenges hackers to call workers at 10 companies including Google, Apple, Cisco, and Microsoft and get them to reveal too much information to strangers.

"Out of all the companies called today, not one company shut us down," said Offensive Security operations manager Christopher Hadnagy, part of the social-engineer.org team behind the competition that kicked off late last week.

The team kept hackers within the boundaries of the law, but had them coax out enough information to show that workers would have unintentionally made it easier to attack networks.

Workers that unknowingly ended up on calls with hackers ranged from a chief technical officer to IT support personnel and sales people.

One employee was conned into opening programs on a company computer to read off specifications regarding types of software being used, details that would let a hacker tailor viruses to launch at the system.


Sources:
http://www.social-engineer.org/
http://en.wikipedia.org/wiki/Social_engineering_(security)
http://www.smh.com.au/technology/technology-news/hackers-fool-worlds-largest-companies-using-smooth-talk-20100802-112f4.html
 
Copyright © 2012. Microsolve Wollongong & Newcastle NSW. Site map | Privacy | Terms & Conditions | Designed by Microsolve Web Services