Wednesday, March 5, 2014

Human Engineering, the Biggest Flaw in Cyber Security

"Social engineering is using manipulation, influence and deception to get a person, a trusted insider within an organization, to comply with a request, and the request is usually to release information or to perform some sort of action item that benefits that attacker." - Kevin Mitnick
The most vulnerable part of a system.

The single biggest problem with keeping a system secure is the human element in it. Even if you make a computer’s firewall as tough as you can, the most vulnerable element is the person using it. People can:

  • Be deceived
  • Make mistakes
  • Be vulnerable because of too much empathy
  • Be socially engineered into giving secrets away
Kevin Mitnick quote on cyber security.

The person most responsible for bringing the term “social engineering” to light is Kevin Mitnick. He spent a lot of time in the 80s and 90s using deception and manipulation to get secrets from companies. He did not sell these secrets, but he did expose how vulnerable these companies were through the people working in them. You can make a firewall as strong as you want, but if you don’t have proper security protocols for your employees, that firewall becomes meaningless. A lot of what Mitnick did was appeal to people’s sense of empathy, and he also used common sense. Most of the time, the information he needed to manipulate people was accessible with a phone book.

Anonymous's mantra.

For cyber security to be stronger, the first step is to take the human element out. Once the human element is out, a huge percentage of the fault goes with it. The faults in cyber security do not all lie in human error, but the human element is something that can be dealt with. A new introduction to the tech world is Artificial Intelligence systems. It might be possible in the future to have a computer build its own firmware to protect itself. In that system, the computer would exist by itself and would control its own well-being. Until that point, I think the most control we can have over cyber security is to try to stay ahead of the hackers who are trying to expose the vulnerabilities. But with so many new hackers from all over the world, this might be too much of a task to undertake.

2 comments:

  1. From reading this post I learned that one of the biggest obstacles for cyber security is the human involvement or human element of it. Hackers and others who would want to get past measures placed by Cyber Security are able to use other techniques such as “Social Engineering” outside of trying to find back doors or weaknesses in a network to access otherwise secure information. This “Social Engineering” is the ability or act of someone manipulating an individual with access to the secure information into disclosing it or giving up weaknesses in the code that protects it. This post brings up some thoughts that I would like to learn more about such as what other aspects or problems does the human element bring up for cyber security.

    1. Yeah, a lot of the problems from computer hacking come from the human aspect of it. Human error in coding, human error in loopholes, human error from giving away information that could lead to a security flaw. This article focuses on the last point because it does happen where a secretary gives away log-in information for a server because the person on the other side of the line was able to produce enough "proof" that he worked for the company. Human engineering plays into people's natural need to help and it takes advantage of that.
