Cyber Security Articles & News

EVENT REVIEW: Notorious hacker Kevin Mitnick wows guests at Palm Beach event

More than one person left The Breakers feeling vulnerable April 4 after notorious hacker Kevin Mitnick showed how easy it is for hackers to access personal information with just a few keyboard clicks.

“How hard is it to hack today? It’s very simple,” Mitnick said at the Smarty Party, the South Florida Science Center and Aquarium’s annual benefit. “Here’s your real problem: it’s the users.”

Mitnick, who was on the FBI’s most wanted list and served prison time, shared how he invaded nearly 40 major corporations as a hacker.

Hackers count on human error; eventually you will open that pesky email or update alert you keep ignoring, he said. And nowadays they employ social engineering attacks where they use psychological manipulation so victims give up confidential information.

So why is social engineering so popular? Mitnick said this method is easier than a hacking system or technical attacks, usually requires free or low-cost tools, doesn’t leave an audit trail, evades all intrusion detection systems and is nearly 99.5 percent effective.

Hackers create a target list based on the victim’s circle of friends and co-workers, he said. This information is easily retrieved from social media sites such as Facebook or LinkedIn. Then, the target will be phished with messages from what they think is an email from a trustworthy source.

At the event, guest Teresa Hickey volunteered to get hacked, and within seconds of giving her name, Mitnick had her social security number, birth date, driver’s license number and the university she graduated from on the big screens for everyone to see.

With this information, hackers can impersonate her while requesting credit reports, he said. And a hacker doesn’t need to get all of the security questions right for access, as long as 95 percent of the questions are answered correctly.

Mitnick said users can protect themselves from attacks by undergoing domain spoof tests and avoiding opening email attachments. And if they do open one, avoid doing it with your personal computer’s software and using Google docs or viewer instead.

In the case of companies, he had a few recommendations as well, including taking any of the internet technology decision-making process away from users or employees likely to be targeted, and inoculate users by attacking and testing them so they know what to look for in real phishing attempts. Mitnick also suggested changing organization politeness norms. It’s OK to ignore that suspicious email or hang up on that call.

Along with the information session, Smarty Party guests took home a copy of Mitnick’s book, Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker

This event review and other fascinating information can be found at source.

Source: Palm Beach Daily News

Topics: Social Engineering, South Florida, domain spoof tests, human error, computer security consultant, data theft, FBI, Hacker, keynote speaker, privacy protection, The Breakers, Palm Beach, phishing, Ghost in the Wires, Kevin Mitnick, malicious emails

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

What is a Penetration Testing Framework?

Penetration testing services are performed by cybersecurity companies to help find weaknesses in an organization's network, internal systems, and show..

Read more ›

What To Expect During Red Team Operations

Companies are producing an exponential amount of data every day and by 2025, it’s estimated that there will be about 181 zettabytes of data. As your o..

Read more ›

4 Considerations When Choosing Between Pentesting Companies

As business models continue to evolve the need for cybersecurity measures is more necessary than ever before.

Read more ›