Although there are many software and hardware related privacy/security risks, there's one risk that experts know about, but tend to overlook - the human factor.
Kevin Mitnick has said that "companies spend millions of dollars on firewalls and secure access devices, and it's money wasted because none of these measures address the weakest link in the security chain: the people who use, administer and operate computer systems."
In the following video Kevin Mitnick describes in high detail how he managed to fake his way into LA Telco Central Office by using his skills in social engineering.
Mitnick wrote in his book (The Art of Deception) that "security is too often merely an illusion, an illusion sometimes made even worse when gullibility, naivete, or ignorance come into play. In the end, social engineering attacks can succeed when people are stupid or, more commonly, simply ignorant about good security practices."
Anyone who thinks that security products alone offer true security is settling for. the illusion of security. It's a case of living in a world of fantasy: They will inevitably, later if not sooner, suffer a security incident (Mitnick, 2002).
No comments:
Post a Comment