Presented at
DerbyCon 2.0 Reunion (2012),
Sept. 28, 2012, 7 p.m.
(50 minutes)
As time goes by, and defenses get stronger, attackers are responding by upping their game as well. Techniques and tactics that defenders must contend with keep escalading, becoming more difficult to content with and track. With that in mind, social engineering is the easiest and quickest way into companies. We have analyzed some of the ways that social engineers manipulate their targets and then interviewed some of the top minds in the world on the subjects of conmen, persuasion, body language and microexpressions. Blending the research of the great minds in these sciences like Dr. Ekman, Joe Navaro and more with the work of scientist in Northern University we have created a new area of research – Nonverbal Human Hacking.
Nonverbal Human Hacking is learning about how the nonverbal communications YOU PORTRAY can influence your targets. It is a mixture of the principles of persuasion, Body language and Microexpressions used to manipulate targets into an emotional state that allows for control.
This speech delves into understanding this avenue that social engineers use so 1) we can identify and protect and 2) as security enthusiast we can utilize these skills in our pentests and audits.
1. Intro
2. Who am I and why listen
3. What is Social Engineering?
4. Statistics
5. Defining aspects of Influence and Persuasion
6. Analyzing nonverbal human hacking and how it is used
7. Defining Body Language Reading
8. Defining Vocal Tones being used
9. Defining microexpressions
10. microexpressions demo
11. scientific research that backs up my claims (mirror neurons)
12. What can we do to mitigate?
13. Q&A
Presenters:
-
Chris Hadnagy / loganWHD
as Chris Hadnagy (loganWHD)
Chris Hadnagy, aka loganWHD presently focuses on the “human” aspect of technology such as social engineering and physical security. Chris has spent time in providing training in many topics around the globe and also has had many articles published in local, national and international magazines and journals.
Chris is an student of Paul Ekman’s training classes on Microexpressions and has spent time learning and educating others on the values of nonverbal communications. He is also the lead developer of Social-Engineer.Org as well as the author of the best-selling book, Social Engineering: The Art of Human Hacking.
He has launched a line of professional social engineering training and pen testing services at Social-Engineer.Com. His goal is to help companies remain secure by educating them on the methods the “bad guys” use. Analyzing, studying, dissecting then performing the very same attacks used by malicious hackers on some of the most recent attacks (i.e. Sony, HB Gary, LockHeed Martin, etc), Chris is able to help companies stay educated and secure.
Chris runs one of the web’s most successful security podcasts, The Social-Engineer.Org Podcast which spends time each monthly analyzing someone who has to use influence and persuasion in their daily lives. By dissecting what they do, we can learn how we can enhance our abilities. That same analysis runs over to the equally popular SEORG Newsletter. After two years, both of these have become a staple in most serious security practices and are used by Fortune 500 companies around the world to educate their staff. Chris can be found online at www.social-engineer.org, www.social-engineer.com and twitter as @humanhacker.
Similar Presentations: