You can refuse to call them hackers, everyone is entitled to be wrong about something.
Kevin Mitnick was a prolific hacker who used social engineering regularly to infiltrate, and hackers still do today. Humans are a massive weak point in any org, that’s why we have to take quarterly training not to be a moron and let someone into our network through doing something stupid.
Mitnick was also a hacker, but I never considered his social engineering feats as hacking themselves. They were definitely what let him accomplish his goals though and I consider those skills adjacent, just like lock picking. If you see someone picking a lock, I doubt your brain says “OMG a hacker!”.
Defcon would disagree. I’ve watched so many presenters talk about all forms of penetration testing, many of which used social engineering and lockpicking as a way to create exploitable vulnerabilities in networks. Whether or not you care to call them hackers… It doesn’t really matter, won’t stop them from hacking.
Real hackers social-engineered their way into high security systems decades before the first blue haired femboy nerd proudly announced “Btw i am usin Arch!”
Tbf, some of the best hackers were social engineering their way into the backend just by calling up certain support numbers in the 80s
I refuse to call social engineers hackers, conmen is more fitting.
You can refuse to call them hackers, everyone is entitled to be wrong about something.
Kevin Mitnick was a prolific hacker who used social engineering regularly to infiltrate, and hackers still do today. Humans are a massive weak point in any org, that’s why we have to take quarterly training not to be a moron and let someone into our network through doing something stupid.
Mitnick was also a hacker, but I never considered his social engineering feats as hacking themselves. They were definitely what let him accomplish his goals though and I consider those skills adjacent, just like lock picking. If you see someone picking a lock, I doubt your brain says “OMG a hacker!”.
Defcon would disagree. I’ve watched so many presenters talk about all forms of penetration testing, many of which used social engineering and lockpicking as a way to create exploitable vulnerabilities in networks. Whether or not you care to call them hackers… It doesn’t really matter, won’t stop them from hacking.
The weakest link in cybersecurity are usually the users after all.
Hacking is making something work in an unconventional or unexpected way. Social engineers hack people in that way.
Real hackers social-engineered their way into high security systems decades before the first blue haired femboy nerd proudly announced “Btw i am usin Arch!”