Social Engineering from the Detective Perspective

Presented at ShmooCon 2023, Jan. 20, 2023, 5:30 p.m. (30 minutes).

Social Engineering is nothing new, and while most people know this they don’t fully appreciate how police and others use specific elements of the craft to get past our defenses. In this short talk, I go over two of the major techniques that police and hostage negotiators use to get results. Primarily these methods are lumped into two main groupings: Hard and Soft. I discuss how the hard method is what most people think of as the typical interrogation where pressure is slowly increased until a strong emotional reaction is obtained from the target. I talk about how the soft method includes skills normally associated with hostage negotiators and social workers, and how the two basic methods are often combined to great effect. I give examples from both policing and from cyber security, and discuss ways to protect yourself and your company from those who would use these methods against you.

Presenters:

• Tom Howard
  Tom Howard has a long history of using his ‘gift of gab’ to achieve specific human outcomes. He first honed this skill working tech support at Dell in the late 90’s, and further honed it as a Detective and Hostage Negotiator for the Austin Police Department in Austin, Texas. A former Marine Corps infantryman, Tom has been a cyber operator in the Air Force for the past 5 years and does the same in his current role with Zetier, a cyber engineering company.

Similar Presentations:

• REcon 2011 / The Future of Social Engineering
• DeepSec 2015 „DeepSec No. 9“ / Social Engineering and Security Awareness
• DeepSec 2013 „Secrets, Failures, and Visions“ / Social Engineering Awareness Training - One Day Training Course