Infamous hacker Kevin Mitnick earned his reputation—and jail time—not for his technical prowess, but rather his ability to find soft targets in his target organizations and silver tongue in plying them for information that allowed him to access systems.
The technique is known as “social engineering.” Nothing new to report here, and it’s a bit passé to even talk about social engineering as a threat given the proliferation of malware, spam, mass phishing, botnets and advanced hacking techniques. However, Aaron Higbee, a managing partner and co-founder of the Intrepidus Group, says social engineering is alive and well, and probably remains the most effective hacking technique.
“Attackers are bypassing all the layers of security and going after the soft targets, the humans, with targeted spear-phishing and it’s very effective,” Higbee says.