the art of deception: controlling the human element of security by kevin d. mitnick, william l....

8
The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick , William L. Simon , Steve Wozniak Presented by- Dipti Singhal Janish Jindal

Upload: claribel-henderson

Post on 18-Jan-2018

220 views

Category:

Documents


0 download

DESCRIPTION

“I went to prison for my hacking. Now people hire me to do the same things I went to prison for, but in a legal and beneficial way.” – Kevin D. Mitnick

TRANSCRIPT

Page 1: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon, Steve Wozniak Kevin D. MitnickWilliam L. SimonSteve

The Art of Deception: Controlling the Human

Element of Securityby Kevin D. Mitnick, William L. Simon, 

Steve Wozniak 

Presented by-Dipti SinghalJanish Jindal

Page 2: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon, Steve Wozniak Kevin D. MitnickWilliam L. SimonSteve

About the author - Kevin Mitnick• Controversial American computer security consultant,

author and hacker.• Best sellers – The Art of Invisibility, Ghost in the Wires,

The Art of Intrusion and The Art of Deception.• Infamous due to his high-profile 1995 arrest and later five

years in prison for various computer and communication-related crimes.• Now runs a firm named Mitnick Security Consulting, LLC

that helps test a company’s security strengths, weaknesses, and potential loopholes.

Page 3: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon, Steve Wozniak Kevin D. MitnickWilliam L. SimonSteve

“I went to prison for my hacking. Now people hire me to do the same things I went to prison for, but in a legal and beneficial way.” – Kevin D. Mitnick

Page 4: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon, Steve Wozniak Kevin D. MitnickWilliam L. SimonSteve

Overview of the book• Focuses on the human factors involved with information security and

social engineering.• The book is divided into four parts-

Part 1: Reveals security’s weakest links vulnerable to social engineering attacks. Part 2 and 3: Introduces social engineering threats ranging from simple individual attacks to high level organisational attacks.

Part 4: Outlines recommended corporate information security policies, and an associated training program on information security awareness.

“It takes a thief to catch a thief”

Page 5: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon, Steve Wozniak Kevin D. MitnickWilliam L. SimonSteve

Positives of the book

• Introduces a whole new perspective of viewing hacking by exploiting human gullibility in comparison to other hacking related books mainly focussing only on technicalities.• Uses a number of real world examples to explain the potential

threats and their preventive measures.• Covers readers from non-technical background also, as every

technical aspect if used is well explained.

Page 6: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon, Steve Wozniak Kevin D. MitnickWilliam L. SimonSteve

Negatives of the book

• Elimination of the redundant matter from the book would have benefitted the readers.• A few impractical security advises are given. Eg. A) Don't write passwords down B) Don't use simple passwords C) Change passwords monthly

Page 7: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon, Steve Wozniak Kevin D. MitnickWilliam L. SimonSteve

Why one should read this book?

To protect oneself from the potential social engineering attacks

Page 8: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon, Steve Wozniak Kevin D. MitnickWilliam L. SimonSteve