I am a huge fan of Kevin Mitnick and would recommend you read all of his books. My personal favorites are The Art of Deception and Ghost on the Wires. In this next series of blog posts we are going to talk about social engineering and its threat to your business. Why should you care about social engineering? Even if you have the best anti-virus, the most expensive firewall, and the greatest IT staff, you are still at risk of being compromised. This technic can be done without the intruder even trying to ‘hack’ your system, but can still be given access rather quickly to your systems.
The problem comes into place with the human element. A simple definition of social engineering is a psychological trick used on system users in order to acquire information to access the computer system. This can also be used to gain access to buildings or acquire valuable company information as well. Social engineers are smart and often try to build relationships with their victims to further build trust. This cannot be blocked by technology and is easy as humans want to be helpful in nature.
Social engineering is something that all businesses need to be aware of to protect its networks and intellectual property. The best ways we can prevent social engineering attacks is through education and to some level company policy. We will dive more into protecting ourselves from these sorts of attacks in our next post in this series.
For more information and a great summary please watch the video by ClipTraining below.