
Mitnick K.D., Simon V.L. - The Art of Deception (2003)(en)


Employee directory check

Verify that requester is listed in online directory.

Requester's manager verification

Call requester's manager using phone number listed in company directory.

Requester's department or workgroup verification

Call requester's department or workgroup and determine that requester is still employed by company.

Procedure to Determine Need to Know

ACTION / DESCRIPTION

Consult job title/workgroup/responsibilities list

Check published lists of which employees are entitled to specific classified information.

Obtain authority from manager

Contact your manager, or the manager of the requester, for authority to comply with the request.

Obtain authority from the information Owner or designee

Ask Owner of information if requester has a need to know.

Obtain authority with an automated tool

Check proprietary software database for authorized personnel.

Criteria for Verifying Non-Employees

CRITERION / ACTION

Relationship

Verify that requester's firm has a vendor, strategic partner, or other appropriate relationship.

Identity

Verify requester's identity and employment status at the vendor/partner firm.

Nondisclosure

Verify that the requester has a signed nondisclosure agreement on file.

Access

Refer the request to management when the information is classified above Internal.

Data Classification

CLASSIFICATION / DESCRIPTION / PROCEDURE

Public

Can be freely released to the public

No need to verify.

Internal

For use within the company

Verify identity of requester as active employee or verify nondisclosure agreement on file and management approval for non employees.

Private

Information of a personal nature intended for use only within the organization

Verify identity of requester as active employee or non employee with authorization. Check with human resources department to disclose Private information to authorized employees or external requesters.

Confidential

Shared only with people with an absolute need to know within the organization

Verify identity of requester and need to know from designated information Owner. Release only with prior written consent of manager, or information Owner or designee. Check for nondisclosure agreement on file. Only management personnel may disclose to persons not employed by the company.

SOURCES

CHAPTER 1

BloomBecker, Buck. 1990. Spectacular Computer Crimes: What They Are and How They Cost American Business Half a Billion Dollars a Day. Irwin Professional Publishing.

Littman, Jonathan. 1997. The Fugitive Game: Online with Kevin Mitnick. Little Brown & Co.

Penenberg, Adam L. April 19, 1999. "The Demonizing of a Hacker." Forbes.

CHAPTER 2

The Stanley Rifkin story is based on the following accounts:

Computer Security Institute. Undated. "Financial losses due to Internet intrusions, trade secret theft and other cyber crimes soar." Press release.

Epstein, Edward Jay. Unpublished. "The Diamond Invention."

Holwick, Rev. David. Unpublished account.

Mr. Rifkin himself was gracious in acknowledging that accounts of his exploit differ because he has protected his anonymity by declining to be interviewed.

CHAPTER 16

Cialdini, Robert B. 2000. Influence: Science and Practice, 4th edition. Allyn and Bacon.

Cialdini, Robert B. February 2001. "The Science of Persuasion." Scientific American. 284:2.

CHAPTER 17

Some policies in this chapter are based on ideas contained in: Wood, Charles Cresson. 1999. "Information Security Policies Made Easy." Baseline Software.

Acknowledgments

FROM KEVIN MITNICK

True friendship has been defined as one mind in two bodies; not many people in anyone's life can be called a true friend. Jack Biello was a loving and caring person who spoke out against the extraordinary mistreatment I endured at the hands of unethical journalists and overzealous government prosecutors. He was a key voice in the Free Kevin movement and a writer who had an extraordinary talent for writing compelling articles exposing the information that the government doesn't want you to know. Jack was always there to fearlessly speak out on my behalf and to work together with me preparing speeches and articles, and, at one point, represented me as a media liaison.

This book is therefore dedicated with love to my dearest friend Jack Biello, whose recent death from cancer just as we finished the manuscript has left me feeling a great sense of loss and sadness.

This book would not have been possible without the love and support of my family. My mother, Shelly Jaffe, and my grandmother, Reba Vartanian, have given me unconditional love and support throughout my life. I am so fortunate to have been raised by such a loving and dedicated mother, who I also consider my best friend. My grandmother has been like a second mom to me, providing me with the same nurturing and love that only a mother could give. As caring and compassionate people, they've taught me the principles of caring about others and lending a helping hand to the less fortunate. And so, by imitating the pattern of giving and caring, I in a sense follow the paths of their lives. I hope they'll forgive me for putting them in second place during the process of writing this book, passing up chances to see them with the excuse of work and deadlines to meet. This book would not have been possible without their continued love and support that I'll forever hold close to my heart.

How I wish my dad, Alan Mitnick, and my brother, Adam Mitnick, would have lived long enough to break open a bottle of champagne with me on the day this book first appears in a bookstore. As a salesman and business owner, my father taught me many of the finer things that I will never forget. During the last months of my Dad's life I was fortunate enough to be able to be at his side to comfort him the best I could, but it was a very painful experience from which I still have not recovered.

My aunt Chickie Leventhal will always have a special place in my heart; although she was disappointed with some of the stupid mistakes I've made, nevertheless she was always there for me, offering her love and support. During my intense devotion to writing this book, I sacrificed many opportunities to join her, my cousin, Mitch Leventhal, and her boyfriend, Dr. Robert Berkowitz, for our weekly Shabbat celebration.

I must also give my warmest thanks to my mother's boyfriend, Steven Knittle, who was there to fill in for me and provide my mother with love and support.

My dad's brother clearly deserves much praise; one could say I inherited my craft of social engineering from Uncle Mitchell, who knew how to manipulate the world and its people in ways that I never even hope to understand, much less master. Lucky for him, he never had my passion for computing technology during the years he used his charming personality to influence anyone he desired. He will always hold the title of the grand-master social engineer.

And as I write these acknowledgements, I realize I have so many people to thank and to express appreciation to for offering their love, friendship, and support. I cannot begin to remember the names of all the kind and generous people that I've met in recent years, but suffice it to say I would need a computer to store them all. There have been so many people from all over the world who have written to me with words of encouragement, praise, and support. These words have meant a great deal to me, especially during the times I needed it most.

I'm especially thankful to all my supporters who stood by me and spent their valuable time and energy getting the word out to anyone who would listen, voicing their concern and objection over my unfair treatment and the hyperbole created by those who sought to profit from "The Myth of Kevin Mitnick."

I have had the extraordinary fortune of being teamed up with best-selling author Bill Simon, and we worked diligently together despite our different work patterns. Bill is highly organized, rises early, and works in a deliberate and well-planned style. I'm grateful that Bill was kind enough to accommodate my late-night work schedule. My dedication to this project and long working hours kept me up well into the early morning that conflicted with Bill's regular working schedule.

Not only was I lucky to be teamed with someone who could transform my ideas into sentences worthy of a sophisticated reader, but also Bill is (mostly) a very patient man who put up with my programmer's style of focusing on the details. Indeed we made it happen. Still, I want to apologize to Bill in these acknowledgments that I will always regret being the one, because of my orientation to accuracy and detail, who caused him to be late for a deadline for the first and only time in his long writing career. He has a writer's pride that I have finally come to understand and share; we hope to do other books together.

The delight of being at the Simon home in Rancho Santa Fe to work and to be pampered by Bill's wife, Arynne, could be considered a highlight of this writing project. Arynne's conversation and cooking will battle in my memory for first place. She is a lady of quality and wisdom, full of fun, who has created a home of warmth and beauty. And I'll never drink a diet soda again without hearing Arynne's voice in the back of my mind admonishing me on the dangers of Aspartame.

Stacey Kirkland means a great deal to me. She has dedicated many hours of her time assisting me on the Macintosh to design the charts and graphics that helped give visual authority to my ideas. I admire her wonderful qualities; she is truly a loving and compassionate person who deserves only the good things in life. She gave me encouragement as a caring friend and is someone who I care deeply about. I wish to thank her for all her loving support, and for being there for me whenever I needed it.