Presentation: Nihilist’s Guide to Wrecking Humans and Systems

Location:

Duration

Duration: 
5:25pm - 6:15pm

Day of week:

Abstract

The fault of the computer system is that it can only follow instructions. The fault of the human is that it can only make judgement calls. When we think about this in relation to information security, it presents an interesting opportunity to destructively combine the two and use it for evil.

We often assume that out of all the elements within our organisations and systems, people are most likely to expose us to risk. People create technical systems and people man these systems. The problem? We almost always focus on human and technical threats as separate risks and don’t consider the harm that can be done when combined.

Together, we will explore how social engineering can be used in conjunction with technical attacks to create sophisticated and destructive attack chains, share some real world scenarios and talk about what we’re doing wrong to protect against these threats. We will show you how a seemingly innocent phone call can lead to complete internal network compromise, how a purposely bad phishing email can be utilised to your benefit, and how people are generally bad at trust and computers.

Tracks

Covering innovative topics

Monday, 7 March

Tuesday, 8 March

Wednesday, 9 March

Conference for Professional Software Developers