Social Engineering and Hacking Skills Put to the Test at HITB 2012 Amsterdam

As we’ve mentioned on previous occasions, this year’s Hack in the Box (HITB) security conference in Amsterdam will feature a lot of great speakers and challenges. One of these will be the “Social Engineering and CTF Challenge” created and run by Sogeti Nederland B.V.

“With #SSEC2012, Sogeti Nederland is very excited to bring a social engineering element into this year’s HITBSecConf. The human factor is often referred to as the weak link in infosecurity defenses,” revealed Martin Visser, a senior security specialist.

“This challenge is aimed to not only highlight the human risk factor, but to also demonstrate the ease with which it can be compromised. Knowing what are the common pretext strategies used to fraud employees is key in protecting organisations from social engineering attacks.”

The competitor’s skills will certainly be put to the test in the contest whose purpose is to raise awareness on attacks that target the weakest link in cybersecurity, the human factor.

Over the course of two days participants will have to hack into wireless routers, social engineer the employees of high-profile Dutch companies and solve a challenge in Sogeti’s CTF web app.

For the social engineering part, contestants will have to trick company employees into performing certain tasks or handing out certain pieces of information. Of course, they will not have to obtain passwords or other sensitive data, but less significant details such as the name of the company’s catering company.

“The human element remains a major potential security vulnerability in any organisation. Verizon’s 2011 Data Breach Investigations report showed that 11% of breaches are from social engineering attacks and of these, 44% are from pretexting”, said Dhillon Andrew Kannabhiran, the founder and CEO of HITB.

Users from all around the world can join in on the action since it will be broadcasted via webcam feed and audio stream.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.