Book review:
Art of Deception: Controlling the Human Element of Security
A Tour De Force Of Social Engineering Know How
With a forward by Steve Wozniak
Kevin Mitnick’s exploits as a cyber-desperado and fugitive from one of the most exhaustive FBI manhunts in history have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison in 2000, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art Of Deception, the world’s most famous hacker gives new meaning to the old adage, “It takes a thief to catch a thief.”
Inviting you into the complex mind of the hacker, Mitnick provides realistic scenarios of cons, swindles, and social engineering attacks on business – and the consequences. Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. He illustrates just how susceptible even the most locked-down information systems are to a determined con artist impersonating an IRS agent or any other seemingly innocent character. Narrated from the points of view of both the attacker and the victim, The Art Of Deception explores why each attack was so successful – and how it could have been averted – in an engaging and highly readable manner reminiscent of a true-crime novel.
Most importantly, Mitnick redeems his former life of crime by providing specific guidelines for developing protocols, training programs, and manuals to ensure that a company’s sophisticated technical security investment will not be for naught. He shares his advice for preventing security vulnerability in the hope that people will be mindfully on guard for an attack from the gravest risk of all – human nature.
From ThinkGeek