Written during his incarceration for computer-related crimes in the 80’s and 90’s, Kevin Mitnick’s “The Art of Deception: Controlling the Human Element of Security” sheds some light on non-technical vulnerabilities of modern-day companies.
Mitnick was locked up for gaining unauthorized access to various corporate network infrastructures, Pacific Bell and DEC being the most prominent examples.
But as this book shows, you don’t need leet haxxing skills to aquire trade secrets or the phone number of the CEO’s mistress. All you need is… humans that trust other humans. Really. That’s about it. I just saved you 10 bucks and a bunch of reading hours to come to this conclusion. Guess I “hacked” your marketing plan there, Kevin, didn’t I?
Not so. Although “Social Engineering” has been around for a while, it’s still fun to read about individual exploits and the persons and industries involved. A little bit of chutzpe plus lack of morals and charisma, and you’re set.
But remember kids, crime does not pay!