Karan Bansal, profile picture
Uploaded byKaran Bansal
PPTX, PDF1,813 views

Kevin Mitnick

Kevin Mitnick was a famous hacker who was convicted of computer crimes and theft of intellectual property. He began hacking at age 12 and used social engineering to steal passwords from company systems. Social engineering involves manipulating people to gain access to information through deception. Mitnick advocates for security policies and personnel training to reduce the vulnerability of the human element, as social engineering is difficult to defend against through technical measures alone.

Software
Related topics:
Social Engineering

Embed presentation

Downloaded 69 times
The Art of Deception
Kevin Mitnick Famous Social Engineer Hacker • Went to prison for hacking • Became ethical hacker "People are generally helpful, especially to someone who is nice, knowledgeable or insistent."
Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property
Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.
Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems.
Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems  He still believes this is far easier to do, even today, than hacking into a system.
Kevin Mitnick  Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems  He still believes this is far easier to do, even today, than hacking into a system.  Since his release from prison, Kevin has started his own computer security company and gives talks around the country about social engineering and other security topics.
What is Social Engineering?
What is Social Engineering? • Attacker uses human interaction to obtain or compromise information
What is Social Engineering? • Attacker uses human interaction to obtain or compromise information • Attacker my appear unassuming or respectable o Pretend to be a new employee, repair man, etc. o May even offer credentials
What is Social Engineering? • Attacker uses human interaction to obtain or compromise information • Attacker my appear unassuming or respectable o Pretend to be a new employee, repair man, etc. o May even offer credentials • By asking questions, the attacker may piece enough information together to infiltrate a companies network o May attempt to get information from many sources
Kevin Mitnick - Art of Deception:
Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped"
Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict"
Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't"
Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't" • Here a nice voice on the phone, we want to be helpful
Kevin Mitnick - Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't" • Here a nice voice on the phone, we want to be helpful • Social engineering cannot be blocked by technology alone
Examples of Social Engineering
Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office
Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge
Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch
Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught
Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught • Free food at McDonalds
Examples of Social Engineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught • Free food at McDonalds
Live Example
Live Example • Convinced friend that I would help fix their computer
Live Example • Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful
Live Example • Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful • Fixed minor problems on the computer and secretly installed remote control software
Live Example • Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful • Fixed minor problems on the computer and secretly installed remote control software • Now I have total access to their computer through ultravnc viewer
Weakest Link?
Weakest Link? • No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software
Weakest Link? • No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software • You are the weakest link in computer security! o People are more vulnerable than computers
Weakest Link? • No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software • You are the weakest link in computer security! o People are more vulnerable than computers • "The weakest link in the security chain is the human element" -Kevin Mitnick
Conclusion  Social Engineering will always exist, and it is extremely difficult to defend against, but the success of such attacks can be decreased substantially with proper policy and personnel training
Policy from a Social Engineer “The Art of Deception” – K. Mitnick
Policy from a Social Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks.
Policy from a Social Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks. This book teaches you the tricks of deception so that you can learn how to protect against them.
Policy from a Social Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks. This book teaches you the tricks of deception so that you can learn how to protect against them. This is a must read for all security professionals.
Questions?

More Related Content

PPTX
Social Engineering new.pptx
bySanthosh Prabhu
 
PPTX
Kevin mitnick
byrahulkumardevgan
 
PPTX
Cyber security Information security
byAYESHA JAVED
 
PPTX
Cyber Crime - What is Cyber Crime
byAdeel Rasheed
 
PPTX
HACKING
byD's Surti
 
PPTX
Presentation of Social Engineering - The Art of Human Hacking
bymsaksida
 
PPTX
CYBER SECURITY
byPranjalShah18
 
PPT
Spoofing
byGreater Noida Institute Of Technology
 
Social Engineering new.pptx
bySanthosh Prabhu
 
Kevin mitnick
byrahulkumardevgan
 
Cyber security Information security
byAYESHA JAVED
 
Cyber Crime - What is Cyber Crime
byAdeel Rasheed
 
HACKING
byD's Surti
 
Presentation of Social Engineering - The Art of Human Hacking
bymsaksida
 
CYBER SECURITY
byPranjalShah18
 
Spoofing
byGreater Noida Institute Of Technology
 

What's hot

PPTX
Cybercrime
byKomal003
 
PPTX
Pranavi verma-cyber-security-ppt
byPranaviVerma
 
PPTX
Introduction of cryptography and network security
byNEHA PATEL
 
PPTX
Ethical Hacking PPT (CEH)
byUmesh Mahawar
 
PPTX
Cyber security presentation
bysweetpeace1
 
PPTX
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
PDF
Social Engineering Basics
byLuke Rusten
 
PPTX
Social engineering hacking attack
byPankaj Dubey
 
PPTX
Ethical hacking
byInstitute of Information Security (IIS)
 
PPTX
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
byShivam Sahu
 
PDF
14 tips to increase cybersecurity awareness
byMichel Bitter
 
PDF
EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?
byITpreneurs
 
PPTX
Cyber crime.pptx
byDawood Faheem Abbasi
 
PDF
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
byEdureka!
 
PPTX
Cybercrime and security
bySheetal Kandhare
 
PDF
La sécurité informatique expliquée aux salariés
byNRC
 
PPTX
Cybercrime a growing threat of 21 st century !!!
byAsma Hossain
 
PPTX
Ethical hacking
byAlapan Banerjee
 
PPTX
DNS Security, is it enough?
byZscaler
 
PDF
The Dark web - Why the hidden part of the web is even more dangerous?
byPierluigi Paganini
 
Cybercrime
byKomal003
 
Pranavi verma-cyber-security-ppt
byPranaviVerma
 
Introduction of cryptography and network security
byNEHA PATEL
 
Ethical Hacking PPT (CEH)
byUmesh Mahawar
 
Cyber security presentation
bysweetpeace1
 
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
Social Engineering Basics
byLuke Rusten
 
Social engineering hacking attack
byPankaj Dubey
 
Ethical hacking
byInstitute of Information Security (IIS)
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
byShivam Sahu
 
14 tips to increase cybersecurity awareness
byMichel Bitter
 
EC-Council Certified Ethical Hacker (CEH) v9 - Hackers are here. Where are you?
byITpreneurs
 
Cyber crime.pptx
byDawood Faheem Abbasi
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
byEdureka!
 
Cybercrime and security
bySheetal Kandhare
 
La sécurité informatique expliquée aux salariés
byNRC
 
Cybercrime a growing threat of 21 st century !!!
byAsma Hossain
 
Ethical hacking
byAlapan Banerjee
 
DNS Security, is it enough?
byZscaler
 
The Dark web - Why the hidden part of the web is even more dangerous?
byPierluigi Paganini
 

Similar to Kevin Mitnick

PPTX
Social engineering
byMaulik Kotak
 
PDF
Kevin Mitnick - The Art of Deception
byRaGaZoMe
 
PDF
nghe thuat lua dao
byHung Pham Thai
 
PDF
Pavlos_Isaris_final_report
byPavlos Isaris
 
PDF
Social engineering
byankushmohanty
 
PPTX
Social engineering
byAlexander Zhuravlev
 
PPT
Social Engineering | #ARMSec2015
byHovhannes Aghajanyan
 
PDF
White Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
byEMC
 
PPTX
Conference about Social Engineering (by Wh0s)
byMarta Barrio Marcos
 
DOCX
ITE516 A3
byJon Newson
 
PPTX
Social engineering-Attack of the Human Behavior
byJames Krusic
 
PDF
socialengineering-100519023327-phpapp02.pdf
byPradmohanSinghTomar1
 
PPTX
Introduction to Social engineering | Techniques of Social engineering
byPrem Lamsal
 
PPT
Social Engineering: "The Cyber-Con"
byabercius24
 
PPTX
Social Engineering By Rakesh Nagekar
bynforceit
 
PDF
Social engineering
byBola Oduyale
 
PPTX
Social engineering
byVîñàý Pãtêl
 
PDF
Airport IT&T 2013 John McCarthy
byRussell Publishing
 
PPTX
Social engineering 101 or The Art of How You Got Owned by That Random Stranger
bySteven Hatfield
 
PPTX
Unmasking-Social-Engineering-Attacks.pptx
byeswaransk38
 
Social engineering
byMaulik Kotak
 
Kevin Mitnick - The Art of Deception
byRaGaZoMe
 
nghe thuat lua dao
byHung Pham Thai
 
Pavlos_Isaris_final_report
byPavlos Isaris
 
Social engineering
byankushmohanty
 
Social engineering
byAlexander Zhuravlev
 
Social Engineering | #ARMSec2015
byHovhannes Aghajanyan
 
White Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
byEMC
 
Conference about Social Engineering (by Wh0s)
byMarta Barrio Marcos
 
ITE516 A3
byJon Newson
 
Social engineering-Attack of the Human Behavior
byJames Krusic
 
socialengineering-100519023327-phpapp02.pdf
byPradmohanSinghTomar1
 
Introduction to Social engineering | Techniques of Social engineering
byPrem Lamsal
 
Social Engineering: "The Cyber-Con"
byabercius24
 
Social Engineering By Rakesh Nagekar
bynforceit
 
Social engineering
byBola Oduyale
 
Social engineering
byVîñàý Pãtêl
 
Airport IT&T 2013 John McCarthy
byRussell Publishing
 
Social engineering 101 or The Art of How You Got Owned by That Random Stranger
bySteven Hatfield
 
Unmasking-Social-Engineering-Attacks.pptx
byeswaransk38
 

Recently uploaded

PDF
Massage Booking App Development Company
byV3CUBE TECHNOLABS
 
PDF
2026 Safety Roadmap: Systems, Skills, and Scale for EHS Leaders
byTECH EHS Solution
 
PDF
20260201 [FOSDEM] gomodjail - library sandboxing for Go modules.pdf
byAkihiro Suda
 
PPTX
HR Software for Construction: Smarter Workforce & Payroll Management
byhelixtahr
 
PDF
Build a Scalable On-Demand Courier Service App
byV3CUBE TECHNOLABS
 
PDF
Track Phone Location on iPhone (2026)_ What Actually Works, What’s a Scam, an...
byOlive Dimitrescu
 
PDF
apidays Australia 2025 | Build Your First MCP Server with Postman Flows
byapidays
 
PDF
apidays Amsterdam 2025 | Making AI work for you as an API Product Manager
byapidays
 
PPTX
GraphQL Day Paris 2025 | Bringing DevOps to GraphQL with the Apollo GraphOS O...
byapidays
 
PDF
Animated Safety Induction: A Smarter Way to Onboard for Workplace Safety
byTECH EHS Solution
 
PDF
Artificial Intelligence Planning (Harinath Palavalli)
byHarinath Palavalli
 
PPTX
Best Digital Marketing Company in Lucknow
bydigitallearning9277
 
PPTX
Device Repair and Maintenance Management
byAxisTechnolabs
 
PDF
Track Phone Location Free by Number (2026)_ What’s Real, What’s a Scam, and t...
byRachel Green
 
PDF
apidays Australia 2025 | Orchestrator vs. Choreography
byapidays
 
PPTX
BUSY Software Business Management Solution.pptx
byMoving Cloud
 
PDF
software architecture for busy developers
byMuhammadAwaisQaisran
 
PDF
Taxi App UIUX Design for Seamless Ride Booking
byV3CUBE TECHNOLABS
 
PDF
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
PDF
Metrics, Logs, Traces, and Mayhem_ Introducing an observability adventure gam...
byImma Valls Bernaus
 
Massage Booking App Development Company
byV3CUBE TECHNOLABS
 
2026 Safety Roadmap: Systems, Skills, and Scale for EHS Leaders
byTECH EHS Solution
 
20260201 [FOSDEM] gomodjail - library sandboxing for Go modules.pdf
byAkihiro Suda
 
HR Software for Construction: Smarter Workforce & Payroll Management
byhelixtahr
 
Build a Scalable On-Demand Courier Service App
byV3CUBE TECHNOLABS
 
Track Phone Location on iPhone (2026)_ What Actually Works, What’s a Scam, an...
byOlive Dimitrescu
 
apidays Australia 2025 | Build Your First MCP Server with Postman Flows
byapidays
 
apidays Amsterdam 2025 | Making AI work for you as an API Product Manager
byapidays
 
GraphQL Day Paris 2025 | Bringing DevOps to GraphQL with the Apollo GraphOS O...
byapidays
 
Animated Safety Induction: A Smarter Way to Onboard for Workplace Safety
byTECH EHS Solution
 
Artificial Intelligence Planning (Harinath Palavalli)
byHarinath Palavalli
 
Best Digital Marketing Company in Lucknow
bydigitallearning9277
 
Device Repair and Maintenance Management
byAxisTechnolabs
 
Track Phone Location Free by Number (2026)_ What’s Real, What’s a Scam, and t...
byRachel Green
 
apidays Australia 2025 | Orchestrator vs. Choreography
byapidays
 
BUSY Software Business Management Solution.pptx
byMoving Cloud
 
software architecture for busy developers
byMuhammadAwaisQaisran
 
Taxi App UIUX Design for Seamless Ride Booking
byV3CUBE TECHNOLABS
 
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
Metrics, Logs, Traces, and Mayhem_ Introducing an observability adventure gam...
byImma Valls Bernaus
 

Kevin Mitnick

  • 1.
    The Art ofDeception
  • 2.
    Kevin Mitnick FamousSocial Engineer Hacker • Went to prison for hacking • Became ethical hacker "People are generally helpful, especially to someone who is nice, knowledgeable or insistent."
  • 3.
    Kevin Mitnick Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property
  • 4.
    Kevin Mitnick Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.
  • 5.
    Kevin Mitnick Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems.
  • 6.
    Kevin Mitnick Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems  He still believes this is far easier to do, even today, than hacking into a system.
  • 7.
    Kevin Mitnick Arrested and convicted on several counts of computer crime, including hacking and theft of intellectual property  Began at age 12 with faking punch cards for the bus system to gain free rides and continued on to phone phreaking.  Used social engineering to steal passwords to company systems  He still believes this is far easier to do, even today, than hacking into a system.  Since his release from prison, Kevin has started his own computer security company and gives talks around the country about social engineering and other security topics.
  • 9.
    What is SocialEngineering?
  • 10.
    What is SocialEngineering? • Attacker uses human interaction to obtain or compromise information
  • 11.
    What is SocialEngineering? • Attacker uses human interaction to obtain or compromise information • Attacker my appear unassuming or respectable o Pretend to be a new employee, repair man, etc. o May even offer credentials
  • 12.
    What is SocialEngineering? • Attacker uses human interaction to obtain or compromise information • Attacker my appear unassuming or respectable o Pretend to be a new employee, repair man, etc. o May even offer credentials • By asking questions, the attacker may piece enough information together to infiltrate a companies network o May attempt to get information from many sources
  • 13.
    Kevin Mitnick -Art of Deception:
  • 14.
    Kevin Mitnick -Art of Deception: • "People inherently want to be helpful and therefore are easily duped"
  • 15.
    Kevin Mitnick -Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict"
  • 16.
    Kevin Mitnick -Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't"
  • 17.
    Kevin Mitnick -Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't" • Here a nice voice on the phone, we want to be helpful
  • 18.
    Kevin Mitnick -Art of Deception: • "People inherently want to be helpful and therefore are easily duped" • "They assume a level of trust in order to avoid conflict" • "It's all about gaining access to information that people think is innocuous when it isn't" • Here a nice voice on the phone, we want to be helpful • Social engineering cannot be blocked by technology alone
  • 19.
    Examples of SocialEngineering
  • 20.
    Examples of SocialEngineering • Kevin Mitnick talks his way into central Telco office
  • 21.
    Examples of SocialEngineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge
  • 22.
    Examples of SocialEngineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch
  • 23.
    Examples of SocialEngineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught
  • 24.
    Examples of SocialEngineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught • Free food at McDonalds
  • 25.
    Examples of SocialEngineering • Kevin Mitnick talks his way into central Telco office o Tells guard he will get a new badge o Pretend to work there, give manager name from another branch o Fakes a phone conversation when caught • Free food at McDonalds
  • 26.
  • 27.
    Live Example •Convinced friend that I would help fix their computer
  • 28.
    Live Example •Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful
  • 29.
    Live Example •Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful • Fixed minor problems on the computer and secretly installed remote control software
  • 30.
    Live Example •Convinced friend that I would help fix their computer • People inherently want to trust and will believe someone when they want to be helpful • Fixed minor problems on the computer and secretly installed remote control software • Now I have total access to their computer through ultravnc viewer
  • 31.
  • 32.
    Weakest Link? •No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software
  • 33.
    Weakest Link? •No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software • You are the weakest link in computer security! o People are more vulnerable than computers
  • 34.
    Weakest Link? •No matter how strong your: o Firewalls o Intrusion Detection Systems o Cryptography o Anti-virus software • You are the weakest link in computer security! o People are more vulnerable than computers • "The weakest link in the security chain is the human element" -Kevin Mitnick
  • 35.
    Conclusion  SocialEngineering will always exist, and it is extremely difficult to defend against, but the success of such attacks can be decreased substantially with proper policy and personnel training
  • 36.
    Policy from aSocial Engineer “The Art of Deception” – K. Mitnick
  • 37.
    Policy from aSocial Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks.
  • 38.
    Policy from aSocial Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks. This book teaches you the tricks of deception so that you can learn how to protect against them.
  • 39.
    Policy from aSocial Engineer “The Art of Deception” – K. Mitnick Kevin Mitnick outlines an excellent security policy at the end of the book with detailed reasoning at every level to defend against Social Engineering Attacks. This book teaches you the tricks of deception so that you can learn how to protect against them. This is a must read for all security professionals.
  • 40.