When High Tech Security Fails

State of the art security system defeated by – Chocolate?

We hear so much now about hackers breaking into systems, social networking sites being compromised and global distributed denial of service attacks that we tend to forget about the human factor.

You may have the newest Cisco router, intrusion detection systems and security software available, but what if the hacker simply sneaks into your office and walks away with your whole server? On more than one occasion, a hacker, unable to penetrate a server from the outside, broke into the company and walked out the door with the server in hand.

People tend to forget the human factor in hacking. One of the largest diamond heists in history was not due to the firewall being penetrated and web server cracked. The suspect simply walked in the front door and over time won the employees over with… Chocolate. Once he earned their trust, they gave him a key to a special area that he then used to steal about $28 Million in diamonds. Attacks like these are called “Social Engineering”. A social engineering attack is when hackers manipulate people to get information or access that they want. The quickest way into a high security locked area? Tailgate in with a group.

Many times a CEO will not give out his password to anyone, but his secretary might, if asked by a hacker posing as a tech support representative. Personnel need to be on the lookout for these types of attacks and question people who they don’t recognize. I have provided onsite computer support in small to large companies for over 15 years and have only been asked for credentials 3 times.

One last point, don’t just focus on computer security when defending your system. Make sure that your building is physically secure. Not just the first floor either, many times thieves have gained access to a building from an unsecured second floor.

Daniel W. Dieterle

~ by D. Dieterle on February 10, 2010.

One Response to “When High Tech Security Fails”

  1. Very interesting. Reminds me of the movie “Hacker”. you’re right. Social engineering is a huge factor that people seem to forget.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: