The Friendly Hacker

Posted on by careerpath

thematrixYou are a friendly person, and for that, your family and co-workers are grateful. You filled out that restaurant survey when the kid down the street came to your door, not for the free hamburger coupon, but because you knew it would help him get to basketball camp next summer.  You let your neighbor borrow your rake last fall, and even when he didn’t return it until 6 weeks later, you didn’t flinch.

Most interactions you have like this in life will be pretty benign, unless you happen to meet the friendly hacker.  This person can make your life miserable while making you feel momentarily good about yourself.  How?  Via extracting sensitive information from you that would make the gentlest dentist in the world seem like Rocko the Enforcer with a Makita gas-powered drill, otherwise known as social engineering.  Check out the case studies below for some fine examples of social engineering that would fool even the brightest MIT graduate:

(1) How A ‘Lying’ Social Engineer Hacked Wal-Mart: The Defcon conference in Las Vegas, Nevada, is where hackers gather to share cutting edge technical exploits.  At the event, they hold a “hackathon” to demonstrate the ease with which social engineering can bypass any number of technological defenses. Read the story of how a Wal-mart manager in a small town was duped into giving up all sorts of sensitive information in no more than a simple phone all.

(2) Francophoned – A Sophisticated Social Engineering Attack:  A French-based multi-national company is hacked via a remote access Trojan (RAT) by an on-the-move attacker.  This story reads like a Robert Ludlum novel (think The Born Ultimatum) or a Tom Clancy novel.  Even if we may be exaggerating a little with the comparison, this tale demonstrates the dangers and sophistication of modern social engineering.  You can find the whole story on Symantec’s web site.

(3) Amazon Wishlist Is A Gateway To Epic Social Engineering Attack: Funnyman Erik Stolhanske didn’t find it so humorous when SecureState profiling consultant Brandan Geise managed to take control of Stolhanske’s digital life with nothing more than his name.  Read on to find out why Erik probably won’t be pulling that particular dragon’s tail again anytime soon.

There are hundreds, if not thousands of hackers out there who would gladly snap up your personal and financial information for a quick payday.  When you share information online or over the phone, you risk someone deciding it is your unlucky day and targeting you as their next technological victim.  Be cautious and be aware, or it could be you.

 

This entry was posted in General News. Bookmark the permalink.

Comments are closed.