The Art of Deception: Controlling the Human Element of Security / Edition 1

by Kevin D. Mitnick, William L. Simon, Steve Wozniak

ISBN-10: 0471237124

ISBN-13: 9780471237129

Pub. Date: 10/11/2002

Publisher: Wiley


Overview

The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.

Product Details

ISBN-13: 9780471237129
Publisher: Wiley
Publication date: 10/11/2002
Edition description: New Edition
Pages: 368
Sales rank: 734,735
Product dimensions: 6.00(w) x 9.00(h) x 1.00(d)

Table of Contents

Foreword.

Preface.

Introduction.

Part 1: Behind the Scenes.

Chapter 1: Security's Weakest Link.

Part 2: The Art of the Attacker.

Chapter 2: When Innocuous Information Isn't.

Chapter 3: The Direct Attack: Just Asking for It.

Chapter 4: Building Trust.

Chapter 5: "Let Me Help You".

Chapter 6: "Can You Help Me?".

Chapter 7: Phony Sites and Dangerous Attachments.

Chapter 8: Using Sympathy, Guilt, and Intimidation.

Chapter 9: The Reverse Sting.

Part 3: Intruder Alert.

Chapter 10: Entering the Premises.

Chapter 11: Combining Technology and Social Engineering.

Chapter 12: Attacks on the Entry-Level Employee.

Chapter 13: Clever Cons.

Chapter 14: Industrial Espionage.

Part 4: Raising the Bar.

Chapter 15: Information Security Awareness and Training.

Chapter 16: Recommended Corporate Information Security Policies.

Security at a Glance.

Sources.

Acknowledgements.

Index.

Customer Reviews

Art of Deception 4.2 out of 5 based on 0 ratings. 25 reviews.
Anonymous More than 1 year ago
Powerful book. I strongly recommend it!
Anonymous More than 1 year ago
I thought this book would be a lesson on HOW to social engineer, but unfortunately it is just an interesting corporate handbook. Provides a couple of interesting stories and techniques but I'd like to see a guidebook to ethical social engineering. Good read!
Anonymous More than 1 year ago
This was an extraordinary book! Locke
David9 More than 1 year ago
This is a highly enjoyable collection of short stories demonstrating social engineering fundamentals. It's Scams 101 written by a highly credible author. Each method chapter draws from street experience and is analyzed for comprehension and defense. This is a real eye-opener for those of us sheltered in corporate office jobs or academia. The first two thirds of the book are the method chapters, while the remaining third is a rather dry sequence of corporate policy recommendations. The recommendations seem stale, but they establish ample justification for your boss to buy it for you. (Perhaps another scam pulled off by Mitnick?). If I have any criticism it is that, despite the title, the book concentrates on the defensive side of the 'art'. There are no lists of suggested exercises to practice each method; instead short case analyses are concluded with steps to avoid being a victim. Also, the acknowledgements section is plainly a nauseous gush. The writing style of the bulk of the book is great though: easy and engrossing. If you tore off the last third of the book, it would stand on its own as a must-read for anyone interested in modern deception and fraud.
Guest More than 1 year ago
This book is undoubtedly a good read. It kept my interest the whole way through. I am a social engineer but I wanted to learn more about this subject so I picked up this book and my skills improved a lot. I only use my social engineering skills for talking my way out of or into things; I don't think it's worth the risk of doing some of the things in this book. SO DON'T ATTEMPT ANYTHING U READ IN THIS BOOK!!!!
Guest More than 1 year ago
Never in my life have books kept my attention, but I must say this book is truly amazing! I love the wording and the stories that are used. I have learned so much from Kevin.
Guest More than 1 year ago
This book is easily one of the greatest books that I have read to date and would recommend any book written by the great coder and computer enthusiast Kevin Mitnick. If you want a book that not only tells of the attack side of a computer intrusion, but also the tracking side, then this book is the one for you. I also strongly recommend that big companies have all employees that work with sensitive data read this book to protect against social engineering.
Guest More than 1 year ago
Kevin Mitnick's "The Art of Deception" is his greatest (to date) successful attempt of the "hacking" on a mass scale. Not only he got to disseminate the craft cleverly bypassing probation restrictions, but also in doing so he legitimately got paid. Bravo. The content - amusing (hence 3 stars) mix of anecdotes and corporate manuals, presents no news to a professional. Better books were written on the subject. It is also unfortunate that the term "social engineering" stuck, though the desire of a con man to call himself an artist is understood.
Guest More than 1 year ago
In The Art of Deception, Kevin D. Mitnick, a corporate security consultant who was once arrested for computer hacking, has written a fascinating book about how to control security lapses due to the "human element." With writer William L. Simon, he describes how con artists use social engineering to gain information by lying to pass themselves off as insiders. By being sensitive to human behavior and taking advantage of trust, they learn to bypass your security systems. The book teaches you how to ward off such threats and educate employees. Yet, problematically, this information could also help con artists be more sophisticated. In any case, this highly informative, engaging book includes sample conversations that open the door to information, along with tips about how various cons are used and what to do about them. We from getAbstract recommend this book to corporate officers, information managers, human resource directors and security personnel, but don't tell anybody.
Guest More than 1 year ago
Only the most arrogant Sys Admin, Manager or simple reader would read these tales and not wonder WHEN one of Mitnick's described social engineering techniques has been used on them or their colleagues. The book flows smoothly and demonstrates clearly how vulnerable EVERYONE is to manipulation. I was surprised and pleased that such a book is not banned. It reads much like a 'bad guys' HOWTO--But, since this info is already available to those who would take advantage, making the info available to the community at large educates and strengthens the rest of us. If only Senior Execs would read this book and learn--they could take us all a huge step forward; toward securing and protecting the data we are responsible for. And everyone, from the medtech to the artist, even those without computers to defend, would benefit by reading it. It teaches us definitively about human nature and human vulnerabilities. The book is about INFORMATION--how people try to steal or manipulate it, and how we can protect our information and ourselves. Mitnick, while never truly reviled by computer folks, may have just redeemed himself in Society. I'd be tempted to give him his freedom and his modem back, with the implicit request that he hack only to 'do good'. I paid $30ish for the book in-store, and wouldn't sell it off for less than a $100. It's always the stuff that seems so obvious once you read it, that you really do need to read and know. Mitnick and Simon are providing a gift of understanding. Take it. READ IT.