Social engineering disabling targets: Mitnick

05.05.2015
Many cybercriminals are using social engineering to get a foot in the door and gain access to corporate and government systems, says the world's most famous hacker, Kevin Mitnick.

Mitnick -- a former black hat hacker who was wanted by the FBI in the United States after hacking into 40 corporations just for a 'challenge' -- will speak about social engineering on Wednesday night at CeBIT in Sydney.

Mitnick describes social engineering as using manipulation, deception and influence to get a target to comply with a request to access a network.

Today, as chief white hacker at Mitnick Security, he is hired by organisations to hack into their networks to identify and remedy security holes.

"A lot of attacks these days are because of insecure Web applications that have vulnerabilities that we can exploit in social engineering," he told CIO Australia.

"The foot in the door is through social engineering and then when you are on the corporate or government network, you can use technical exploits to gain access to targeted systems.

"That's how the White House was hacked. Attackers got into the state department using social engineering through a phishing email. Once they hacked into the state department, they were able to worm their way into the White House network because they must have had an extranet."

Meanwhile, Mitnick told CIO that organisations he works with as a white hacker often have a lot of dormant accounts that have not been disabled.

"I also see password patterns. Once as a security tester, I was able to compromise the company and crack or obtain their domain passwords in an Active Directory environment.

"We could determine the patterns that people used so no matter where they have credentials or accounts, we could determine the next credential.

"For example, when Sony was recently hacked, Michael Lynton [CEO of Sony], his domain user account was 'Sonyml3' so I assumed the next password change would have been 'Sonyml4'," Mitnick said.

Mitnick said that in his experience, everything has been hackable.

"You can raise the bar extremely high and make it extremely difficult but at the end of the day, everything I have seen out there has been broken. It just depends on timing and resources," he said.

(www.cio.com.au)

Byron Connolly