This chapter was on the lunatic fringe of redundancy. The author had already addressed most of these concepts.
Getting the victim to come to you is age old and reoccurring in nature. Within the lion community they utilize a strategy known as run toward the roar. They old decrepit lion chills in a secure spot and when prey stumbles upon the group his job is to roar as loud as he can. This sends the prey running the other direction into the open arms of the younger stronger lions. If the prey would run toward the roar they would only have to fight the old guy. The social engineer sends the victim running from the potential threat into a even more dangerous trap. In this chapter the social engineer cleverly creates chaos where no problem previously existed. They are taking advantage, again, of the helpful employee. The victim does not want to be challenging or unhelpful. Before the attacker called there was not even a problem to deal with. Employees need to be trained not to fall into the fix it syndrome. Verification is the key to elude this attack as well as many previous attacks.
2 comments:
I LOVE it, "on the lunatic fringe of redundancy." I think we need to make sure we use that on the BB discussion board. It really is applicable to the cons he goes over and over and over and over.
It is always the helpful employee who gets taken in by the social engineer. Interestingly enough, it seems that I have read that studies suggest that the really nice employees don't advance as far as their less helpful colleagues. The whole "Nice girls don't get the corner office" idea. Maybe it's because they get taken advantage of so easily. Mitnick may be making a good point beyond just corporate security here. Maybe being too helpful will hurt career advancement, just another reason to be suspicious.
Interesting fact about the lions, I've never heard of that before. It's funny how some of these "cutting edge social engineering schemes" are really pretty basic.
Post a Comment