Monday, November 26, 2007

Chapter 11

I think I am just as skeptical of hackers getting into a prison system as I am of them hacking from prison. Remember Shawshank Redemption? Tim Robbins was a clever social engineer. He befriended his way into working for the Warden in a variety of ways. He was given a great deal of responsibility and clearance into the financial and personal portions of the employees of the jail. These tactics exemplified the definition of a social engineer on page 173: 'a social engineer lives by his ability to manipulate people into doing things that help him achieve his goal.'

The cleaning people point came up in a conversation with my brother over the weekend. He works for the Air Force in an extremely high-security confidential project. They are not allowed to even bring their cell phones into the building for fear of infiltration. He and I thought that the best approach to stealing information would be to dress up like a janitor and have a camera in our mop. He told me that cleaning people just blend into the terrain and no one would even notice their existence. Many of the programmers regularly leave information up on the screens. We could also bug the room when no one was looking. He did say, however, that the information alone is not that valuable. The combination of the information is worth much more. They separate the projects so that only a small few actually have access to the project as a whole. That seems like a good strategy for security.

1 comment:

Eric said...

You always have to keep an eye on that shady janitor who's been sweeping the same area of the floor for 20 minutes. At least it sounds like the Air Force is doing a semi-decent job of protecting their info.