Cyber Security Articles & News

EVENT REVIEW: Notorious hacker Kevin Mitnick wows guests at Palm Beach event

More than one person left The Breakers feeling vulnerable April 4 after notorious hacker Kevin Mitnick showed how easy it is for hackers to access personal information with just a few keyboard clicks.

“How hard is it to hack today? It’s very simple,” Mitnick said at the Smarty Party, the South Florida Science Center and Aquarium’s annual benefit. “Here’s your real problem: it’s the users.”

Mitnick, who was on the FBI’s most wanted list and served prison time, shared how he invaded nearly 40 major corporations as a hacker.

Hackers count on human error; eventually you will open that pesky email or update alert you keep ignoring, he said. And nowadays they employ social engineering attacks where they use psychological manipulation so victims give up confidential information.

So why is social engineering so popular? Mitnick said this method is easier than a hacking system or technical attacks, usually requires free or low-cost tools, doesn’t leave an audit trail, evades all intrusion detection systems and is nearly 99.5 percent effective.

Hackers create a target list based on the victim’s circle of friends and co-workers, he said. This information is easily retrieved from social media sites such as Facebook or LinkedIn. Then, the target will be phished with messages from what they think is an email from a trustworthy source.

At the event, guest Teresa Hickey volunteered to get hacked, and within seconds of giving her name, Mitnick had her social security number, birth date, driver’s license number and the university she graduated from on the big screens for everyone to see.

With this information, hackers can impersonate her while requesting credit reports, he said. And a hacker doesn’t need to get all of the security questions right for access, as long as 95 percent of the questions are answered correctly.

Mitnick said users can protect themselves from attacks by undergoing domain spoof tests and avoiding opening email attachments. And if they do open one, avoid doing it with your personal computer’s software and using Google docs or viewer instead.

In the case of companies, he had a few recommendations as well, including taking any of the internet technology decision-making process away from users or employees likely to be targeted, and inoculate users by attacking and testing them so they know what to look for in real phishing attempts. Mitnick also suggested changing organization politeness norms. It’s OK to ignore that suspicious email or hang up on that call.

Along with the information session, Smarty Party guests took home a copy of Mitnick’s book, Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker

This event review and other fascinating information can be found at source.

Source: Palm Beach Daily News

Topics: Social Engineering, South Florida, domain spoof tests, human error, computer security consultant, data theft, FBI, Hacker, keynote speaker, privacy protection, The Breakers, Palm Beach, phishing, Ghost in the Wires, Kevin Mitnick, malicious emails

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

5 Holiday Cybersecurity Tips To Prepare Your Organization

Protecting your organization from outside threats should always be a top priority. However, you may need to shore up your security as we approach the ..

Read more ›

Spear Phishing vs Phishing: Recognizing the Difference

Since the dawn of the internet, there have been threat actors looking to exploit systems, steal data, and compromise the integrity and reputation of p..

Read more ›

Kevin Mitnick Security Awareness Training: Microsoft Teams

Kevin Mitnick — founder of Mitnick Security and Knowbe4’s Chief Hacking Officer — helps organizations find and remediate vulnerabilities through penet..

Read more ›