8.2. Mitnick Case Study 2: Hacking the Social Security Administration
Mitnick mentions a man he called Keith Carter, a less-than-honorable private investigator hired to do some digging into a man who was hiding funds from his soon-to-be-estranged wife. She had funded his venture, which had grown into a multimillion-dollar company.
The divorce was almost settled but the woman's attorneys needed to find the "hidden assets." This attack vector is interesting because, as in the first case study, the story follows a very shady method of gathering intelligence.
8.2.1. The Target
The target was to find the assets of the husband, "Joe Johnson," but that wasn't the target used for the actual social engineering attack. To obtain information on Joe, the private investigator, Keith, had to hack the Social Security Administration (SSA).
Many times in a social engineering audit this option will present itself. This section covers some of the methods he used to accomplish this goal, but suffice it to say that hacking the SSA is a very slippery slope. As the story unfolds you will see how dangerous this particular hack was.
8.2.2. The Story
Joe Johnson was married to a very wealthy woman. He had knowingly used tens of thousands of her dollars to invest in one of his ideas. That idea grew into a multimillion-dollar organization.
As things happen, their marriage was not too solid, so they decided to divorce. During the divorce proceedings, soon to be ex-Mrs. Johnson "knew" he was hiding his ...
Get Social Engineering: The Art of Human Hacking now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
