Social Engineering Fueled by Social Networks is a Potent ThreatBy Lawrence Walsh | Posted 2009-06-04 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Security pros still worry about protecting what's left of the digial perimeter. Social networks like Facebook and Twitter, however, are making it far easier to target--or spear phish--information from hapless users. In other words, social engineer remains a potent threat.
Infamous hacker Kevin Mitnick earned his reputation—and jail time—not for his technical prowess, but rather his ability to find soft targets in his target organizations and silver tongue in plying them for information that allowed him to access systems.
The technique is known as "social engineering." Nothing new to report here, and it’s a bit passé to even talk about social engineering as a threat given the proliferation of malware, spam, mass phishing, botnets and advanced hacking techniques. However, Aaron Higbee, a managing partner and co-founder of the Intrepidus Group, says social engineering is alive and well, and probably remains the most effective hacking technique.
"Attackers are bypassing all the layers of security and going after the soft targets, the humans, with targeted spear-phishing and it’s very effective," Higbee says.