Mitnick: Internet users still vulnerable to social engineering

Kevin Mitnick, the famed American hacker who has parlayed his notoriety into a successful career as a security professional, said human frailty is still the weakest link in the security chain.

Mitnick made the assertion during “The Hacker’s Code” security conference sponsored by ePLDT at The Fort Shangri-La in Taguig City last April 11. This was his first visit to the Philippines.

According to Mitnick, hacking into a system is always a possibility because there is always a human element involved. “Even in this era of AI (artificial intelligence), I don’t think systems will be free of human intervention. There will always be people involved,” Mitnick, who spent five years in prison in the US for hacking-related offenses.

For this reason, Mitnick said cyber-criminals will still prefer or use social engineering to trick security folks and break into a system. To illustrate his point, the renowned hacker demonstrated during the conference a method to crack a two-factor authentication system using social engineering tactics.

To avoid falling into similar traps, Mitnick said it is important for enterprises or even small businesses to conduct social engineering training for its employees. He also stressed the need for regular security penetration testing and monitoring as being part of a truly successful cybersecurity model.

The security event, which was co-presented with IT security provider Check Point Software Technologies, was attended by over 500 customers and partners from the Contact Center Association of the Phils (CCAP), Phil. Retailers Association (PRA), Semiconductor and Electronics Industries of the Phils (SEIPI), as well as guests from the banking and finance industry, manufacturing, healthcare, BPO and government sectors.

“Being one of the emerging economies of the region, the Philippines is also considered one of the biggest targets for cyberterrorists, cybercriminals, and nation-state sponsored hackers. In response, we at PLDT Enterprise and ePLDT have pioneered efforts in the education and empowerment of businesses. Cyber security should no longer be viewed as ‘optional’, especially in today’s constantly changing landscape,” stated SVP and head of PLDT and Smart Enterprise Groups Jovy Hernandez.

For her part, ePLDT Group’s SVP and chief operating officer Nerisse Ramos said key decision-makers in every organization should be more proactive in implementing a cyber security strategy.

“The threats we all face are evolving and becoming more advanced at an alarmingly rapid rate. It is critical that we are ready and we accept that no company or individual is 100% safe from any breach. Thus, as business leaders and protectors of your organizations, you can no longer afford to be ill-prepared in today’s world. Preparedness means being ready before, during and after an attack,” she said.

This event review and other good information can be found at source.

Source: Newsbytes

Topics: Social Engineering, The Fort Shangri-La, Philippines, security chain, Taguig City, The Hacker's Code, CCAP, ePLDT, cybersecurity, Hacker, Phil. Retailers Association, SEIPI, weakest link, AI, BPO, Check Point Software Technologies, Contact Center Association, cyberterrorists, PRA, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

How Long Will It Take To Recoup From a Data Breach?

While many think of the steps needed to avoid a data breach, it’s equally important to think about the steps your business would need to take in the w..

Read more ›

Ransomware Attacks: Trends and Most Targeted Industries

With the rise of worldwide ransomware attacks, 2024 is the perfect time to understand why these current cyber threats are happening and how to safegua..

Read more ›

New SEC Regulations Regarding Data Breaches

On December 18, 2023, the Securities and Exchange Commission (SEC) introduced new regulations for organizations regarding response procedures in the e..

Read more ›