Social Engineering
The human factors already mentioned are not the only times when humans are the weakest link in the security chain. By using social engineering, a skillful enemy can often trick your staff into divulging otherwise secret information or trick them into doing something that might help the attacker obtain access to data or systems he should not be able to access. Usually social engineering is a multistep, multiplayer game in which, with each step, the attacker gets closer to his goal. Social engineering is especially difficult to protect from because the people who do it are usually professionals in their field. The average hacker might have less-than-average verbal abilities, but this kind of person is not average. It is probably ...
Get Solaris 8 Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
