When the phone call is more dangerous than malware

During Social Engineer Capture the Flag contest, one of the most prominent and popular annual events at DEF CON 21, a pool of 10 men and 10 women, from diverse backgrounds and experience levels, tested their social engineering abilities against 10 of the biggest global corporations, including Apple, Boeing, Exxon, General Dynamics and General Electric. The complete results of the competition are in, and they don’t bode well for businesses.

“Social engineering has played some role in nearly every major hack you have read about over the last few years, yet this year’s competition clearly illustrates how poorly prepared companies are to defend against socially engineered attacks,” said Chris Hadnagy, Chief Human Hacker, Social-Engineer, Inc.

“While there continues to be improvements in the quality and preparation of the contestants, there have not been any significant improvements by companies to secure information available on the internet and educate and prepare employees against a disciplined social engineer.

SOURCE: net-security.org

Information Security Buzz