security
awareness
training
access
control
security
solutions
auditing
infsec
medical
records
HIPAA
social
engineering
people
hacking
industrial
espionage
business
intelligence
hackers for hire
competitive
intelligence
operational
physical
technical
personnel
security
systems
Gramm-Leach-Bliley Act
GLBA
employee
training
requirements
infosec
counter
surveillance
countermeasures
information
warfare
spyware
information
security
education
industrial
spying
corporate
spies
privacy
consultants
identity
theft
confidential
private
cryptography
coersion
fear
compassion
Do those words mean anything to you?
They will.
 |
|
|
|
|
|
|
 |
|
|
|
|
|
The Manual |
|
|
|
security
awareness
training
access
control
security
solutions
auditing
infsec
medical
records
HIPAA
social
engineering
people
hacking
industrial
espionage
business
intelligence
hackers for hire
competitive
intelligence
operational
physical
technical
personnel
security
systems
Gramm-Leach-Bliley Act
GLBA
employee
training
requirements
infosec
counter
surveillance
countermeasures
information
warfare
spyware
information
security
education
industrial
spying
corporate
spies
privacy
consultants
identity
theft
confidential
private
cryptography
coersion
fear
compassion
Do those words mean anything to you?
They will.
Or "This could never happen to ME"
7:45pm. The phone rings; you look at the Caller ID and it's your biggest client: "Our competition just announced that they are going to be moving into the north-western territory. I don't have to tell you that was our idea first but now we're screwed because we don't just lose the surprise factor, we also have lost the territory to any real sales opportunities. HOW could they know our plans before we announced them?"
8:02pm. It's them again: "OH MY GOD!! They don't just have our future sales plans, they have our new product ideas. This is a disaster, I can't believe that someone could simply get our sales strategy as well as our unreleased product schematics. We have the finest computer security that money can buy so how did they steal all our ideas without anyone knowing about it?"
8:07pm. You know who, again:
"We are
doomed. While
trying to email our network administrator, the computer just froze,
said we have a virus, reset and now every computer in the office says
the same thing 'Invalid Operating System, Please insert system disk.' I
have a feeling we have been set up for a major disaster. Is
there anything we can do about this?"
This
is one of many stories that you will rarely hear about since companies
have to keep good public relations or else stockholders/partners lose
their minds and the business goes kaput. Theft of passwords, medical
history
records, credit card information, shipping manifests, sales
projections, financial reports, social security numbers, patent ideas,
and much more information, free services and goods than you can imagine
are all at risk when your employees aren't trained to deal with someone
who has their sights set on destroying you. Security awareness training
and "alternate" security solutions are the only means of preventing
these forms of attacks. The old adage 'it takes one to know one' fits
perfectly because your average joe-schmo security guard or network
administrator have little clue how any of this is done because even if
they took special training, they
simply don't teach it in their classes, ever.
Technical Security,
Operational
Security, Physical Security,
Personnel Security,
Security Awareness
Training
The
scenario above
could happen to your company and the thing that is completely
outrageous is that it could be done LEGALLY! Yes,
legally,
since some 97.3%
of
the techniques used by social engineers(people hackers) never involve
them using a computer to intrude on your network, most of them don't
trespass and there are no laws whatsoever against one of your employees
giving them the information they ask for, and, if that weren't enough,
the information that is asked of them will seem entirely appropriate to
give to the person who is asking thereby bypassing your firewalls and
technical
security altogether. That's scary, huh.This is information warfare
we're talking about here, not a "simple" cybercrime that can usually be
prevented by the standard methods. Do they use surveillance? Do
you need
counter-surveillance? Preventing these techniques is crucial in many
industries: banking, research and development, insurance, medical,
billing, and especially any agency or business that has to be HIPAA
compliant and realizes the consequences of a breach of your security.
Welcome
to People Hacking. Committed to preventing industrial
espionage, stopping competitive intelligence, reducing the effects of
corporate sabotage and information theft one
company at a time. We increase security awareness
by outlining the
concepts of how spies truly are everywhere and if you have anything to
hide from anyone, your
competition might be looking to find what that is. By analyzing your
situation, most damage from attacks can be prevented entirely. Your
competition
could have someone invisibly and silently profiling your company to
extract information or even sabotaging your whole business. Maybe not
but do you really want to risk it and have it happen to
you unexpectedly? Lawsuits
are popping up everywhere from people who have had their confidential
information stolen from companies that were supposed to be protecting
it and new federal guidelines are awarding huge damages to these
people. Wouldn't you like the peace of mind knowing that your employees
are working in your favor in
this situation now.
Check out this article
about how people hackers are using a persuasion tool called
neurolinguistic programming(NLP) to lull their victims into gleefully
handing over private information and you can get
a glimpse into the horrifying future of people hacking technology. Or a
primer
on the psychology of social engineering; it's not even remotely
complete but it'll show you just about one percent of what kind of
attacks are available to the average people hacker.