Henry Dalziel | General Hacking Posts, Hacker Hotshots, Latest InfoSec News | December 12, 2012
The sad story about the phone hacking scandal in the UK committed by the Australian DJ’s which resulted in the death of UK nurse, Jacintha Saldanha, clearly demonstrates the dark side and dark consequences of social engineering.
If we understand social engineering to be, in the context of information security, the art of manipulating people into performing actions or divulging confidential information – then the DJ’s succeeded – but at huge cost. There seems to have been a complete disregard for the consequences of the DJ’s victims. My point is that the DJ’s likely never even thought about what “might” happen to their victim. Did it cross their mind that the nurse or people that they would speak to might lose their job or worse as was the case. Did they even care? Should they have cared?
Obviously we can’t make a comment on why or how this poor nurse really committed suicide – but clearly this “prank call” – or social engineering exercise had a significant role to play in her death. Bottom line – two kids are without their mom – so yes, social engineering does have and does create real victims.
On the subject of social engineering, if you are interested in the subject you will be fascinated by our Hacker Hotshot web show early December with Chris Silvers titled: Go With the Flow: Strategies For Successful Social Engineering. Chris takes a solid position of identifying areas that organizations needs to tighten up on if they are to be firm up their social hacking vulnerabilities.
Chris also uses real recorded examples that demonstrate how easy it was to obtain sensitive information.
Anyways – back to the main point of this post – what do you guys think about the victims of social engineering?