Hacking the Mind: Social Engineering

Posted by Brian Clark Howard of National Geographic on March 6, 2013
(3)
More »

I recently posted about Brain Games, the new National Geographic TV show with mind-bending interactivity, and shared an infographic about intelligence. I follow that with an infographic my friend just made for Veracode on hacking the mind–perhaps a dark side of brain science.

Earlier today I was listening to one of my favorite podcasts, The Drill Down, and Dwayne D. mentioned how frustrating it is for many people to juggle multiple passwords, especially those that need to change frequently.

One of the other co-hosts suggested using a two-pronged security system, which requires a code to be sent to a device for access. Another suggested using a virtual vault to store passwords behind encryption. Dwayne was skeptical, arguing that access needs to be as simple as possible for users, while still being secure.

There’s a lot to lose. A family friend of mine lost his life’s savings, including his kids’ college fund, to an organized group of criminals. He spent months working with the FBI and lawyers, but was never able to recover the money. He spent so much time on his case that he neglected his duties at work, and was eventually fired. Friends murmured that he had become “obsessed” with tracking the perps. The family eventually uprooted and moved out of state to try to get a fresh start.

The hackers who emptied my friend’s accounts had used a sophisticated social engineering approach, over several periods of contact. They first called my friend’s wife and told her he had left his bank card at the local branch. So could she please verify some personal details? She provided a physical description of her husband and other tidbits, and they started building a virtual profile that they would eventually use against them.

There are lots of ways hackers can try to get at our data, from cheesy phishing emails to shoulder skimmers at the ATM. That’s not to say there is a boogeyman behind every byte, but it’s a good idea to follow security best practices online.

How do you keep your data safe?

mind hacks infographic

Source

Keywords: , , , ,
(3)
More »

Comments

  1. Mindl Bialy
    March 9, 1:27 am

    Here is another type of brain hacking (I like the term “cognitive hacking”) that you should seriously consider:

    http://www.thehindu.com/news/cities/bangalore/mischief-potential-of-social-media-in-full-play/article3781473.ece

    Your article’s view of social engineering focuses on micro-cognitive hacking – trying to socially engineer an individual. This article is about macro-cognitive hacking – trying to socially engineer whole populations at one time. This type of phenomena deserves a lot more attention than it is getting as it will continue to grow in importance. An interesting recent example of lack of attention is the presidential inauguration. A secret service agent being interviewed on the radio claimed that they had taken every precaution relating to cyber-security. For example, he said nobody would be trapped in an elevator. But what he did not mention was, for example, what precaution they had taken – or what means they had to combat – against somebody starting some type of rumor in social media that would have caused the mass of people on the mall to stampede in panic. This type of thing would not be that difficult to do and the simple fact is that they do not have any way to do deal with such problems. The reasons for that are many and complicated and deserve very serious discussion which is not happening. It is as if the authorities do not even want to admit that such things are possible. This is very unfortunate.

  2. Neil DuPaul
    Burlington, MA
    March 6, 9:42 am

    Thanks for the feature Brian, social engineering tactics are indeed getting more sophisticated and it really is quite scary when you think about potential loss. Many people don’t begin to consider security when sharing or accessing private information on personal devices or as you mentioned, over the phone with someone they assume is credible.

    We have many more infographics that your readers may find useful as well, covering a wide range of security issues and topics. They are all available here: http://www.veracode.com/blog/category/infographics/.

  3. Ima Ryma
    March 6, 5:45 am

    Corporations and governments
    Are getting hacked ’bout ev’ry day.
    So it should be just common sense
    That John and Jane Doe will be prey..
    All of the fancy don’t's and do’s
    That “experts” tell us in advice,
    Are the same that the hackers use.
    And some of us will pay the price.
    And some of us will not be hit.
    But all of us will feel some strife
    From hacking – worrying ’bout it.,
    Cuz there’s no guarantees in life.

    To be hacked or not to be hacked.
    Manure happens – that’s a fact.