Inside the mind of a social engineer
Meet Richard De Vere, Ultima's Head of Social Engineering and Founder of The AntiSocial Engineer
"Social engineering is based on a simple concept – our natural inclination to trust other people. Criminals exploit this tendency in number of ways: they constantly evolve their techniques as people get wise to their tactics, or change their behaviours (like working from home) or adopt new technologies (think Teams and WhatsApp)."
How does it work in practice?
Who better to highlight the worrying ease with which social engineering attacks can be perpetrated other than someone who’s done more than a few of them himself?
Ultima’s Head of Social Engineering and Founder of The AntiSocial Engineer, Richard De Vere has exposed security weaknesses in businesses by imitating the behaviour of criminals.
Spending many years looking at these practices, Richard has been able to identify vulnerabilities in every day human behaviour and psychology, and then apply the learnings to help businesses harden their defences.
Example 1: The covert entry
Richard used a huge bunch of flowers to get past the receptionist of a large office complex and gain unaccompanied access to the boardroom, where he was able to plant a listening device.
From this, Richard gained unadulterated access to everything that went on in the conference room – all for the price of a bunch of flowers.
Example 2: The major data breach
Richard was the first to identify the vulnerability that ultimately led to hundreds of thousands of customers’ being stolen from TalkTalk’s systems in 2015.
Richard alerted the company to the issue shortly before news of the breach hit the headlines.
The following predictions are based on Richard’s inside knowledge and many years of experience in social engineering and its prevention.