book

The Art of Deception: Controlling the Human Element of Security

by Kevin D. Mitnick, William L. Simon, Steve Wozniak

October 2003

Beginner

368 pages

9h 7m

English

Wiley

Read now

Unlock full access

STARTING OUTFrom Phone Phreak to HackerBecoming a Social EngineerFINAL THOUGHTS
1.1. THE HUMAN FACTOR1.2. A CLASSIC CASE OF DECEPTION1.3. THE NATURE OF THE THREAT1.4. ABUSE OF TRUST1.5. TERRORISTS AND DECEPTION1.6. ABOUT THIS BOOK
2.1. THE HIDDEN VALUE OF INFORMATION2.2. CREDITCHEX2.3. THE ENGINEER TRAP2.4. MORE "WORTHLESS" INFO2.5. PREVENTING THE CON
3.1. AN MLAC QUICKIE3.2. YOUNG MAN ON THE RUN3.3. ON THE DOORSTEP3.4. GAS ATTACK3.5. PREVENTING THE CON

4.1. TRUST: THE KEY TO DECEPTION4.2. VARIATION ON A THEME: CARD CAPTURE4.3. THE ONE-CENT CELL PHONE4.4. HACKING INTO THE FEDS4.5. PREVENTING THE CON
5.1. THE NETWORK OUTAGE5.2. A LITTLE HELP FOR THE NEW GAL5.3. NOT AS SAFE AS YOU THINK5.4. PREVENTING THE CON
6.1. THE OUT-OF-TOWNER6.2. SPEAKEASY SECURITY6.3. THE CARELESS COMPUTER MANAGER6.4. PREVENTING THE CON
7.1. "WOULDN'T YOU LIKE A FREE (BLANK)?"7.2. MESSAGE FROM A FRIEND7.3. VARIATIONS ON A THEME7.4. VARIATIONS ON THE VARIATION
8.1. A VISIT TO THE STUDIO8.2. "DO IT NOW"8.3. "MR. BIGG WANTS THIS"8.4. WHAT THE SOCIAL SECURITY ADMINISTRATION KNOWS ABOUT YOU8.5. ONE SIMPLE CALL8.6. THE POLICE RAID8.7. TURNING THE TABLES8.8. PREVENTING THE CON
9.1. THE ART OF FRIENDLY PERSUASION9.2. COPS AS DUPES9.3. PREVENTING THE CON
10.1. THE EMBARRASSED SECURITY GUARD10.2. DUMPSTER DIVING10.3. THE HUMILIATED BOSS10.4. THE PROMOTION SEEKER10.5. SNOOPING ON KEVIN10.6. PREVENTING THE CON
11.1. HACKING BEHIND BARS11.2. THE SPEEDY DOWNLOAD11.3. EASY MONEY11.4. THE DICTIONARY AS AN ATTACK TOOL11.5. PREVENTING THE CON
12.1. THE HELPFUL SECURITY GUARD12.2. THE EMERGENCY PATCH12.3. THE NEW GIRL12.4. PREVENTING THE CON
13.1. THE MISLEADING CALLER ID13.2. VARIATION: THE PRESIDENT OF THE UNITED STATES IS CALLING13.3. THE INVISIBLE EMPLOYEE13.4. THE HELPFUL SECRETARY13.5. TRAFFIC COURT13.6. SAMANTHA'S REVENGE13.7. PREVENTING THE CON
14.1. VARIATION ON A SCHEME14.2. THE NEW BUSINESS PARTNER14.3. LEAPFROG14.4. PREVENTING THE CON
15.1. SECURITY THROUGH TECHNOLOGY, TRAINING, AND PROCEDURES15.2. UNDERSTANDING HOW ATTACKERS TAKE ADVANTAGE OF HUMAN NATURE15.3. CREATING TRAINING AND AWARENESS PROGRAMS15.4. TESTING15.5. ONGOING AWARENESS15.6. WHAT'S IN IT FOR ME?
16.1. WHAT IS A SECURITY POLICY?16.2. DATA CLASSIFICATION16.3. VERIFICATION AND AUTHORIZATION PROCEDURES16.4. MANAGEMENT POLICIES16.5. INFORMATION TECHNOLOGY POLICIES16.6. POLICIES FOR ALL EMPLOYEES16.7. POLICIES FOR TELECOMMUTERS16.8. POLICIES FOR HUMAN RESOURCES16.9. POLICIES FOR PHYSICAL SECURITY16.10. POLICIES FOR RECEPTIONISTS16.11. POLICIES FOR THE INCIDENT REPORTING GROUP
IDENTIFYING A SECURITY ATTACKVERIFICATION AND DATA CLASSIFICATION
CHAPTER 1CHAPTER 2CHAPTER 16CHAPTER 17
FROM KEVIN MITNICKFROM BILL SIMON

Content preview from The Art of Deception: Controlling the Human Element of Security

preface

Some hackers destroy people's files or entire hard drives; they're called crackers or vandals. Some novice hackers don't bother learning the technology, but simply download hacker tools to break into computer systems; they're called script kiddies. More experienced hackers with programming skills develop hacker programs and post them to the Web and to bulletin board systems. And then there are individuals who have no interest in the technology, but use the computer merely as a tool to aid them in stealing money, goods, or services.

Despite the media-created myth of Kevin Mitnick, I am not a malicious hacker.

But I'm getting ahead of myself.

STARTING OUT

My path was probably set early in life. I was a happy-go-lucky kid, but bored. After my father split when I was three, my mother worked as a waitress to support us. To see me then—an only child being raised by a mother who put in long, harried days on a sometimes-erratic schedule—would have been to see a kid on his own almost all his waking hours. I was my own babysitter.

Growing up in a San Fernando Valley community gave me the whole of Los Angeles to explore, and by the age of twelve I had discovered a way to travel free throughout the whole greater L.A. area. I realized one day while riding the bus that the security of the bus transfer I had purchased relied on the unusual pattern of the paper-punch that the drivers used to mark day, time, and route on the transfer slips. A friendly driver, answering my carefully planted question, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9780764542800Purchase book

The Art of Deception: Controlling the Human Element of Security

by Kevin D. Mitnick, William L. Simon, Steve Wozniak

preface

STARTING OUT

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

The Art of Social Engineering

The Art of War for Security Managers: 10 Steps to Enhancing Organizational Effectiveness

Social Engineering: The Art of Human Hacking

The Art of Leadership

Publisher Resources

preface

STARTING OUT

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

The Art of Social Engineering

The Art of War for Security Managers: 10 Steps to Enhancing Organizational Effectiveness

Social Engineering: The Art of Human Hacking

The Art of Leadership

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.