Security: Fighting the enemy within

Thursday, 20 February 2003, 5:50 PM EST

Kevin Mitnick was placed in solitary confinement in 1995 out of fear of a revolutionary corporate security risk that Mitnick had learned to exploit. The reserved and non-violent Mitnick had for years been breaking into some of the nation’s most secure networks with a combination of solid computer hacking ability mixed with an uncanny way of coaxing information out of people--information about computer passwords, for example. Mitnick had already served time for stealing computer phone network information after convincing a security guard to let him into the phone company headquarters.

Mitnick’s abilities spooked the judge assigned to his case. The judge’s move to physically separate him from any person he could “influence” is a tremendous validation for the threat of social engineering, or the ability to prey on people’s trust of others. Mitnick had used social engineering to hack into computer systems as valuable as those housed at the U.S. National Security Council. Simply put, social engineering encompasses varied methods a hacker uses to pretend to be an authorized user of the network. Social engineering can occur through many methods, including online, telephone and even by physically impersonating an individual in the office.

[ Read more ]


Most IT pros have seen potentially embarrassing information about their colleagues

More than three-quarters of IT professionals have seen and kept secret potentially embarrassing information about their colleagues, according to new research conducted by AlienVault.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th