The art of deception:controlling the human element of security
Saved in:
Main Authors: | |
---|---|
Group Author: | |
Published: |
Wiley,
|
Publisher Address: | Indianapolis, Ind. |
Publication Dates: | c2002. |
Literature type: | Book |
Language: | English |
Subjects: | |
Carrier Form: | xvi, 352 p.: ; 23 cm. |
ISBN: |
0471237124 076454280X (pbk.) |
Index Number: | TP309 |
CLC: |
TP309 TP393.08 |
Call Number: | TP309/M684 |
Contents: |
Includes bibliographical references (p. 339-340) and index. Part I : Behind the scenes -- Security's weakest link -- Part II : Art of the attacker -- When innocuous information isn't ; Direct attack : just asking for it ; Building trust ; "Let me help you" ; "Can you help me?" ; Phony sites and dangerous attachments ; Using sympathy, guilt, and intimidation ; Reverse sting -- Part III : Intruder alert -- Entering the premises ; Combining technology and social engineering ; Attacks on the entry-level employee ; Clever cons ; Industrial espionage -- Part IV : Raising the bar -- Information security awareness and training ; Recommended corporate informa Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why |