Announcement

Collapse
No announcement yet.

The Art of Deception

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Mr. Security
    replied
    Originally posted by 1stWatch
    .....
    Interesting take. Two intruders end up at the production line of a helicopter plant since they end up being convincing to the security guards at the facility. The moral of this is to know and follow your procedural requirements and think about everything said around you.
    Actually, this guard did exercise due diligence in trying to authenticate the "visitors." This is what he did right:

    *Observed the two w/o ID
    * Stopped them and asked for ID. Refused to be distracted by small talk.
    * Requested that they accompany him to the security office.
    * Verified that the contact information was on-file in the computer.
    * Actually contacted a company representative.

    His only mistake was letting the visitor take over the phone. The problem is that clients DO NOT want their employees and visitors to feel like they are in a level 4 correctional facility. There is a fine line between enforcing security rules to the letter of the law and not irritating the client.

    If the client REALLY wants a no exception policy and backs you up on it, then all well in good. Most put it in writing, but DO want you to be balanced and use common sense. It's a catch 22 sometimes.

    Leave a comment:


  • Michael Ledgerwood
    replied
    We get criminals who flee from LE and jump our fence thinking their safe to hide out in our factory. They promptly learn that 1 we will slap the cuffs on you just as quick and 2 we will gladly allow pd in to hunt for you.

    Leave a comment:


  • N. A. Corbier
    replied
    My man Kevin Mitnick. Feared hacker, security consultant, ex felon. I routinely preach social engineering defense. I offer to train conventional security personnel in information warfare awareness and social engineering defense, as well as Joe Corporate.

    This article is the exact thing I preach about. Everyone from the secretary to the janitor needs to be aware of information security, social engineering attacks, and how they fit into the information battlesphere. (I love those big words.)

    I have penetrated office buildings at night, during the day, etc. Sometimes on purpose, sometimes accidently. With a little con and a little forethought, you can get deep. Passwords, names, contacts, etc....

    Leave a comment:


  • 1stWatch
    started a topic The Art of Deception

    The Art of Deception

    http://www.nypress.com/19/16/news&columns/feature.cfm

    Interesting take. Two intruders end up at the production line of a helicopter plant since they end up being convincing to the security guards at the facility. The moral of this is to know and follow your procedural requirements and think about everything said around you.

Leaderboard

Collapse
Working...
X