Social Engineering Defeats Security at DEFCON

Reporting the details of the penetration testing conducted at the August 2011 DEFCON, researchers from reported that by using social engineering techniques they were able trick employees into compromising the security of all 14 Fortune 500 companies that participated in DEFCON 19.

The report, from the firm is for free with registration.


2 Responses to Social Engineering Defeats Security at DEFCON

  1. […] The unnamed FBI official’s observation that the attack was not that sophisticated and no systems were compromised missed the crucial lesson of this incident — a successful cybertattack doesn’t have to be technically sophisticated in order to be successful.  This incident demonstrates an important principle of security — attack the people because it is easier to hack people than systems. […]

  2. […] frequently infiltrate networks by attacking the people who use the network rather than the network itself.  How do the hacker’s attack the people? A […]