Security: Fighting the enemy within
Kevin Mitnick was placed in solitary confinement in 1995 out of fear of a revolutionary corporate security risk that Mitnick had learned to exploit. The reserved and non-violent Mitnick had for years been breaking into some of the nation’s most secure networks with a combination of solid computer hacking ability mixed with an uncanny way of coaxing information out of people--information about computer passwords, for example. Mitnick had already served time for stealing computer phone network information after convincing a security guard to let him into the phone company headquarters.
Mitnick’s abilities spooked the judge assigned to his case. The judge’s move to physically separate him from any person he could “influence” is a tremendous validation for the threat of social engineering, or the ability to prey on people’s trust of others. Mitnick had used social engineering to hack into computer systems as valuable as those housed at the U.S. National Security Council. Simply put, social engineering encompasses varied methods a hacker uses to pretend to be an authorized user of the network. Social engineering can occur through many methods, including online, telephone and even by physically impersonating an individual in the office.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.