Titel: Art of Deception C
Autor/en: Mitnick, Simon
Controlling the Human Element of Security.
HC gerader Rücken kaschiert.
John Wiley & Sons
27. September 2002 - gebunden - 372 Seiten
The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
Part 1: Behind the Scenes.
Chapter 1: Security's Weakest Link.
Part 2: The Art of the Attacker.
Chapter 2: When Innocuous Information Isn't.
Chapter 3: The Direct Attack: Just Asking for It.
Chapter 4: Building Trust.
Chapter 5: "Let Me Help You".
Chapter 6: "Can You Help Me?".
Chapter 7: Phony Sites and Dangerous Attachments.
Chapter 8: Using Sympathy, Guilt, and Intimidation.
Chapter 9: The Reverse Sting.
Part 3: Intruder Alert.
Chapter 10: Entering the Premises.
Chapter 11: Combining Technology and Social Engineering.
Chapter 12: Attacks on the Entry-Level Employee.
Chapter 13: Clever Cons.
Chapter 14: Industrial Espionage.
Part 4: Raising the Bar.
Chapter 15: Information Security Awareness and Training.
Chapter 16: Recommended Corporate Information Security Policies.
Security at a Glance.
KEVIN MITNICK is a security consultant to corporations worldwide and a cofounder of Defensive Thinking, a Los Angeles-based consulting firm (defensivethinking.com). He has testified before the Senate Committee on Governmental Affairs on the need for legislation to ensure the security of the government's information systems. His articles have appeared in major news magazines and trade journals, and he has appeared on Court TV, Good Morning America, 60 Minutes, CNN's Burden of Proof and Headline News. He has also been a keynote speaker at numerous industry events and has hosted a weekly radio show on KFI AM 640 Los Angeles.
WILLIAM SIMON is a bestselling author of more than a dozen books and an award-winning film and television writer.
"...an interesting read..." (www.infosecnews.com, 17 July 2002)
"...highly entertaining...will appeal to a broad audience..." (Publishing News, 26 July 2002)
"required reading for IT professionals, [and] is highly recommended for public, academic, and corporate libraries." (Library Journal, August 2002)
"This is Mitnick's account, complete with advice for how to protect yourself from similar attacks. I believe his story." (Wired, October 2002)
"does deliver on 'social engineering' exercises." And "[o]ne way or another, you'll find the information useful." (Red Herring, October 2002)
"Mitnick outlines dozens of social engineering scenarios in his book, dissecting the ways attackers can easily exploit what he describes as 'that natural human desire to help others and be a good team player.'" (Wired.com, October 3, 2002)
"Most of the book, coauthored by William Simon ..., is a series of fictional episodes depicting the many breathtakingly clever ways that hackers can dupe trusting souls into breaching corporate and personal security - information as simple as an unlisted phone number or as complicated as plans for a top-secret product under development." (Forbes, October 14, 2002)
"...the book describes how people can get sensitive information without even stepping near a computer through 'social engineering' -- the use of manipulation or persuasion to deceive people by convincing them that you are someone else." (CNN.com's Technology section, October 9, 2002)
"...engaging style...fascinating true stories..." (The CBL Source, October/December 2002)
"...the book describes how people can get information without even stepping near a computer..." (CNN, 16 October 2002)
"...each vignette reads like a mini-cybermystery thriller...I willingly recommend The Art of Deception. It could save you from embarrassment or an even worse fate..." (zdnet.co.uk, 15 October 2002)
"...details the ways that employees can inadvertently leak information that can be exploited by hackers to compromise computer systems...the book is scary in ways that computer security texts usually do not manage to be..." (BBC online, 14 October 2002)
"...more educational than tell-all..." (Forbes, 2 October 2002)
"...would put a shiver into anyone responsible for looking after valuable computer data...the exploits are fictional but realistic...the book is about hacking peoples heads..." (The Independent, 21 October 2002)
"...the key strength of The Art of Deception is the stream of anecdotes - with explanations about how and why hacks succeed...provides a solid basis for staff training on security..." (Information Age, October 2002)
"...should be on the list of required reading. Mitnick has done an effective job of showing exactly what the greatest threat of attack is - people and their human nature..." (Unix Review, 18 October 2002)