The Art of Deception: Controlling the Human Element of Security



The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.

Product Details

ISBN-13: 9780764538391
Publisher: Wiley
Publication date: 08/04/2011
Sold by: Barnes & Noble
Format: NOOK Book
Pages: 368
Sales rank: 213,704
File size: 1 MB

About the Author

Kevin Mitnick is the founder of Defensive Thinking, an information security firm, and speaks widely on security issues. He has appeared on 60 Minutes and elsewhere in the media, and his exploits have spawned several bestselling books, including The Fugitive Game.

William Simon is the bestselling author of more than twenty books.

Table of Contents




Part 1: Behind the Scenes.

Chapter 1: Security's Weakest Link.

Part 2: The Art of the Attacker.

Chapter 2: When Innocuous Information Isn't.

Chapter 3: The Direct Attack: Just Asking for It.

Chapter 4: Building Trust.

Chapter 5: "Let Me Help You".

Chapter 6: "Can You Help Me?".

Chapter 7: Phony Sites and Dangerous Attachments.

Chapter 8: Using Sympathy, Guilt, and Intimidation.

Chapter 9: The Reverse Sting.

Part 3: Intruder Alert.

Chapter 10: Entering the Premises.

Chapter 11: Combining Technology and Social Engineering.

Chapter 12: Attacks on the Entry-Level Employee.

Chapter 13: Clever Cons.

Chapter 14: Industrial Espionage.

Part 4: Raising the Bar.

Chapter 15: Information Security Awareness and Training.

Chapter 16: Recommended Corporate Information Security Policies.

Security at a Glance.




Customer Reviews


Art of Deception 4.1 out of 5 based on 0 ratings. 32 reviews.
fakelvis on LibraryThing More than 1 year ago
I had high hopes for this book: I've followed Mitnick's story for over a decade and have thoroughly enjoyed many of the books written about him and his exploits. I expected The Art of Deception to be no exception. Except it was.
The Art of Deception is more of an IT professional's handbook for preventing social engineering attacks on a corporation. There are two problems with this:
1) It's absolutely not, in any way, a book for casual readers looking to understand and discover some insights on the psychology of deception in a technical environment. If that's what you want, look elsewhere.
2) If an IT security professional working for any company needs a book this big to understand how to protect against social engineering... well they are in serious need of a career counselor and should consider a new profession.
*There's one more problem with the book: it's far too long, the stories are endlessly repetitive, and, well, everything else. Avoid.*
OK, that may be hyperbolic. But hear this, IT security professionals: buy this book, read the first chapter, then close it. Everything you need to know is in the first chapter.
AK_Doug on LibraryThing More than 1 year ago
This is a great collection of stories that illustrates the biggest security hole in every organization: the people.
nderdog on LibraryThing More than 1 year ago
Great information that is never really outdated. I've passed this one around to all of my IS co-workers. A good way to try and think like a bad guy to educate users about how to handle situations and to know who they're dealing with.
mcandre on LibraryThing More than 1 year ago
Hand a copy to all IT staff, then another copy to all general staff. This book shows that fooling people is far easier than fooling computer systems.
Miche11e on LibraryThing More than 1 year ago
I started reading this book to my son, who was enjoying it immensely, then stopped when I decided it was totally inappropriate matter for an inquisitive 9-year-old. Kevin was released from prison last year after being found guilty of hacking into computer systems. Kevin's premise is simple. People are the security's weakest link. I enjoyed reading this, although I admit, the book gets rather boring after a while. But the first few chapters should be essential reading for everyone to raise awareness of how easy it is to steal personal information. Especially from people in Bruce county who are soooooo friendly and helpful. If you get tired of Kevin's bragging, just skip to his recommendations in chapter 16.
rivkat on LibraryThing More than 1 year ago
Full of illustrations of Mitnick's points; very interesting, especially if you're a writer looking for social engineering scenarios for characters to get information they shouldn't have.
Anonymous More than 1 year ago
Powerful book. I strongly recommend it!
Anonymous More than 1 year ago
I thought this book would be a lesson on HOW to social engineer, but unfortunately it is just an interesting corporate handbook. Provides a couple of interesting stories and techniques but I'd like to see a guidebook to ethical social engineering. Good read!
Anonymous More than 1 year ago
This was an extraordinary book! Locke
David9 More than 1 year ago
This is a highly enjoyable collection of short stories demonstrating social engineering fundamentals. It's Scams 101 written by a highly credible author. Each method chapter draws from street experience and is analyzed for comprehension and defense. This is a real eye-opener for those of us sheltered in corporate office jobs or academia. The first two thirds of the book are the method chapters, while the remaining third is a rather dry sequence of corporate policy recommendations. The recommendations seem stale, but they establish ample justification for your boss to buy it for you. (Perhaps another scam pulled off by Mitnick?) If I have any criticism it is that, despite the title, the book concentrates on the defensive side of the 'art'. There are no lists of suggested exercises to practice each method; instead short case analyses are concluded with steps to avoid being a victim. Also, the acknowledgements section is plainly a nauseous gush. The writing style of the bulk of the book is great though: easy and engrossing. If you tore off the last third of the book, it would stand on its own as a must-read for anyone interested in modern deception and fraud.