Security expert Chris Nickerson is often asked by clients to conduct penetration testing of their on-site security. Watch Nickerson and his team pull off a $24,000 heist in this video.
Nickerson and crew recently took on such an exercise for a client he describes as “a retail company with a large call center.” With some prep work, Nickerson says the team was able gain access to the company’s network and database quite easily. Read on to find out how they did it and what lessons you can take away for shoring up your organization’s defenses.
Write a 100 word reflection
someone wrote this
do not copy anything from here
Chis Nickerson and his tiger team of penetration professionals was hired to conduct a penetration test for Jason of Beverly Hills which specializes in customized jewelry for Hollywood personalities. Although they were not able to enter the facility using “break-in” techniques, they were able to walk in through the front door. They use a variety in social engineering tactics to “sweet talk” their way inside. Social engineering is a deceptive way for individuals or groups, primarily using the skill of charm and acceptance, to gain access to confidential resources or information that they would normally not be authorized (Hulme & Goodchild, 2017). It can be done in person, telephone, email, and most any other form of communication.
As part of the tiger team’s social engineering strategy, they were able to get an employee to put there thumb drive in her desktop computer, thus, granting them access to the corporate database via a program running from the thumb drive. While there, no one of the employees there ask them for any credentials to show that they were magazine representatives. It was quite easy for them to roam around the company with no challenges from the employees. The team was able to gather intelligence for their test by taking pictures (with no challenges), wearing a hat cam, and social networking activities with employees. They also used a technique to glean information from the front door HID and used the information. An overall excellent use of social network was displayed in this video and clearly shows that the organization could use some user awareness and training.
Hulme, G. and Goodchild, J. (2017). What is social engineering? How criminals take advantage of human behavior. Retrieved from https://www.csoonline.com/article/2124681/social-engineering/what-is-social-engineering.html
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more