The art of deception : controlling the human element of security / Kevin D. Mitnick and William L. Simon ; [foreword by Steve Wozniak].

Format:

Book

Author/Creator:

Mitnick, Kevin, 1963-2023.

Contributor:

Simon, William L., 1930-

Language:

English

Subjects (All):

Computer security.

Information technology--Social aspects.

Information technology.

Hackers.

Physical Description:

xvi, 352 pages : illustrations ; 23 cm

Place of Publication:

Indianapolis, Ind. : Wiley, [2002]

Summary:

Kevin Mitnick's exploits as a cyber-desperado and fugitive from one of the most exhaustive FBI manhunts in history have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison in 2000, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most famous hacker gives new meaning to the old adage, "It takes a thief to catch a thief."

Inviting you into the complex mind of the hacker, Mitnick provides realistic scenarios of cons, swindles, and social engineering attacks on businesses -- and the consequences. Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. He illustrates just how susceptible even the most locked-down information systems are to a determined con artist impersonating an IRS agent or any other seemingly innocent character. Narrated from the points of view of both the attacker and the victim, The Art of Deception explores why each attack was so successful -- and how it could have been averted -- in an engaging and highly readable manner reminiscent of a true-crime novel.

Most importantly, Mitnick redeems his former life of crime by providing specific guidelines for developing protocols, training programs, and manuals to ensure that a company's sophisticated technical security investment will not be for naught. He shares his advice for preventing security vulnerability in the hope that people will be mindfully on guard for an attack from the gravest risk of all -- human nature.

Contents:

Part 1 Behind the Scenes 1

Chapter 1 Security's Weakest Link 3

Part 2 The Art of the Attacker 13

Chapter 2 When Innocuous Information Isn't 15

Chapter 3 The Direct Attack: Just Asking for It 31

Chapter 4 Building Trust 41

Chapter 5 "Let Me Help You" 55

Chapter 6 "Can You Help Me?" 77

Chapter 7 Phony Sites and Dangerous Attachments 93

Chapter 8 Using Sympathy, Guilt, and Intimidation 105

Chapter 9 The Reverse Sting 133

Part 3 Intruder Alert 147

Chapter 10 Entering the Premises 149

Chapter 11 Combining Technology and Social Engineering 173

Chapter 12 Attacks on the Entry-Level Employee 195

Chapter 13 Clever Cons 209

Chapter 14 Industrial Espionage 225

Part 4 Raising the Bar 243

Chapter 15 Information Security Awareness and Training 245

Chapter 16 Recommended Corporate Information Security Policies 259.

ISBN:

0471237124

OCLC:

50797873

Online:

Contributor biographical information

Publisher description