Hacking and the Power of Social Engineering

You may think of a hacker as some social reject sitting behind a computer screen with green numbers against a black background flying through a Terminal. That's the stereotype, which as usual is as far from the truth as ever could be. On the contrary, actually conversing with human beings is far from subjecting oneself to no contact.

One of the most useful and effective tools for hackers is Social Engineering; human manipulation. Essentially, it is getting a human psyche to get them to do what you want them to.

Ever get an email from a Nigerian Prince? Won an iPad? That's social engineering.

But your too clever to fall for that, aren't you?

Wrong.

The examples I listed is Social Engineering at it's most rudimentary level. This kind of social engineering pretty much passes over our subconscious radars at this point. Just another part of the internet. Good Engineers are much, much more subtle, and know all the tips and tricks to get you to do what they want.

tumblr_inline_n4zzjwduHO1qa344h

Unlike Computers and the emergence of Hacker Culture, human manipulation has been around for centuries. It's a much more polished and refined craft than hacking; which makes it all the more dangerous. Computers and their subsequent security systems have emerged within the last century.  Computers are no where near as secure as we would like. Technology has outpaced our ability to make things secure, effectively allowing malicious hackers to do what they want, easier.

Ever hear of Kevin Mitnick? He is someone who took full advantage of Human Manipulation and Hacking. They were a match made in heaven. At the time of his arrest in 1995, Mitnick was the most wanted Computer Criminal in the United States. He had gained access to dozens of computer systems, altered them to his liking, cloned cellphones to hide his location, screwed with the FBI for the lulz, and gained proprietary information from dozens of companies. How did he accomplish this? Mostly Social Engineering, and some computer skills. He was able to apply social engineering methods to obtain passwords and codes to systems, which he was then later able to exploit. The United States Jury was so afraid of him, that he was sentenced to solitary confinement for fear that he could "start a nuclear war by whistling into a pay phone.”

Mitnick has gotten better in the last few years, even starting a company which helps fortune-500 secure themselves against hackers. But he still has some crazy stories up his sleeve.

Here is his story of screwing with the FBI:

Alright, but this Mitnick guy is a real pro. For all we know, he is actually 4Chan in disguise, using his security company as a cover-up and really leaks thousands of nudes of celebrities for fun.

In reality, however, Social Engineering is not hard at all. Here's Tim Davis, a youtuber who applied the concept of Social Engineering to trick someone at a restaurant to reveal information that would be helpful to a malicious hacker. Then he makes a Starbucks barista squat and put his own shoe on his head, and he got it on video. Here it is (First is the recording with the restaurant, then comes the video of the barista):

So, Applying concepts of social engineering + hacker skills = scary results. I think we all should be more wary of how we interact with others.

© 2014, insidious All Rights Reserved.

Andrew Plaza

Nerdy Tech fanatic interested in the intricacies of life, technology, and high existence.

comments powered by Disqus