Title: The Art of Intrusion
The Real Stories behind the Exploits of Hackers, Intruders & Deceivers
Authors: Kevin D Mitnick & William L Simon
Publisher: Wiley Publishing
Kevin D Mitnick was one of the best-known hackers in the USA before he decided to go straight. William L Simon is an award-winning author.
The tools available to hackers are such that no system is safe. Only those in the business realise just how smart and well organised are today’s hackers.
If you want to secure your security system, the best person to engage is a former hacker as they have the best background to know how to secure the system. It takes a hacker’s mentality to know the vulnerable points of the system.
The quality of the security systems in place will often dictate not whether the system can be broken into but how long it takes. It would appear that hackers who are determined to crack a particular computer system are generally able to do so.
The most amusing chapter is the one on social engineering. This is the gentle art of a person using social skills to break into sites physically to gain access to parts of the organisation that should be impenetrable.
Much depends on how good the social engineer is at chatting up staff and appearing to be a legitimate member of the staff. This is possibly the easiest way to ‘hack’ into the organisation largely because most staff (including security) are easily hoodwinked by a persuasive stranger.
Where the password is a dictionary word, it takes only minutes to crack it. The best passwords are those that are random and composed of a combination of alphanumeric characters. A password such as a2H8Ys3X would be difficult to crack.
The problem is how to remember it without writing it down!
This is one of the few books that I have read recently that has not been printed in China. This one is printed on poor quality paper and the print on the left-hand pages is so close to the gutter that it is difficult to read.
This book may be a valuable investment if only because it makes the reader more careful in choosing a password. Several hacks were facilitated by systems administrators who did not even bother to change the passwords that came with the systems. The most common password was: ‘password’!
Dr Jeff Wooller
President of the Institute of Professional Financial Managers, IPFM.
For further book reviews see: www.hrzone.co.uk/community/reviews