When summer hits full swing, you can always count on the tried and true activities that are the hallmarks of these warmer months. School is out, families are embarking on vacation, beachgoers are frying in the sun, and thousands of hackers are preparing to converge on Vegas for arguably the world’s largest hacker conference, DEF CON, during which they often wreak a little havoc on the private sector in the name of fun and raising awareness of security flaws.
Is getting hacked not on your list of typical summer fun? Well, to see how you can avoid it, let’s consider just one of this year’s DEF CON events, billed as a “capture the flag” contest. This contest is a bit lower-tech than you might expect. Rather than hunching over a laptop, cracking a sophisticated computer code to gain access to information systems, this year’s participants need only pick up a phone and engage in “social engineering.” In short, the contestants will be showing off their social engineering prowess by calling the target organization and using all their powers of deception and coercion to extract (within 20 minutes) as many “flags” as possible from the unlucky person who answered the phone. The flags are specific items of information, selected in advance by contest organizers. Who is the target? The unfortunate targets have been selected from among contestant suggestions and so could be any organization except (as DEF CON wisely suggests) government agencies or defense contractors. For more on the rules and particulars, visit the contest site.
Please see full publication below for more information.