EVENT REVIEW: Tales from the Darkside: Kevin Mitnick, HostingCon 2017 Keynote

Written by Mitnick Security | Apr 17, 2017 12:00:00 AM

Most of us are aware that there are people trying to steal our personal information and identities, but are we aware of the easiest ways for these people to get it? No.

Kevin Mitnick former hacker turned security consultant, recently spoke at HostingCon and Data Center World and showed attendees how easy and how quick someone can steal their information and identity and take over their computer in seconds.

Social Engineering

The easiest targets are employees who are unaware or unsuspecting. This is why the most effective tool for hacking is not technological, but rather social engineering. This is a “form of hacking that relies on influence, deception and manipulation to convince another person to comply with a request,” said Mitnick.  This hack approach is “99.5 percent effective, easier than software or technology hacks and it leaves no audit trail.”

So, hackers start with information reconnaissance. They obtain directory information, look at social media and find everything they need within their target’s circle of trust. Once this is done, they take on a role of a person that is connected to that circle of trust. This provides an “in” – a way for an employee to trust them and provide the information they need or get onto your computer.

How do you combat this?  Be aware, no matter how busy you are, of who you are talking to, what they are asking and anomalous emails asking for information.

Thumb Drives

Going to an event to receive a free thumb drive? Receive a free thumb drive as a gift? Do not use it!  Another easy way for someone take over your computer is to infect a thumb drive.  If you are unsuspecting, you insert it into your USB port, and once you do that someone can steal your data with a Trojan virus.  Note that Kevin did show the audience that even if you format the thumb drive, an unsuspecting virus could still be lurking.

Software Upgrades and Sneaky PDFs

Who knew the software upgrades that we need to perform our online tasks could be a hacker’s way in?  Although it looks like a duck and walks like a duck does not mean the duck is safe.  Kevin demonstrated how an unsuspecting download could actually be a virus. How do we prevent such a takeover? Look at the way the upgrade popped up, its publisher and the branding – if anything looks off – do not upload it!  Sneaky PDFs come off in the same manner, so if you download it the hacker has access to your computer and information.

Likely, it is not a matter of if, but when you will be hacked. So no matter how busy you are – being hyper vigilant is key.

This great review and tons of other cool articles can be found at the source.

Source: Data Center POST