Ok, here is some more real truth about the subversive security threat that we face in the here and now. Written in 2002 this enlightening article by some of the folks at Dartmouth College is one of the first papers on security intelligence to reach a wide audience. In essence, this paper proposes a model of subversive behaviour which begins by manipulating a users perception and finishes by taking advantage of the users response in order to carry out an attack. Cybenko and colleagues seemingly promote 'Cognitive Hacking' as a new label for a more sophisticated type of information security classification. One that combines conventional forms of technological attack with social engineering and intelligence tradecraft practices to form a new kind of subversive warfare, entitled 'Cognitive Hacking'. Whilst the paper outlines admirably the concepts involved, it does however fail to offer a broad enough solution in the form of effective counter-measures.
The article starts...
On August 25 2000, Stockholders were stunned by news that Emulex, a server and storage provider, was revising its earnings from $0.25 per share gain to $0.15 loss and that it was lowering it's reported net earnings from the previous quarter as well. The press release, which business news services like Dow Jones, Bloomberg and CBS Marketwatch were distributing, went on to state that CEO Paul Folino had resigned and that the company was under SEC investigation. Within 16 minutes, Emulex shares had plummeted from their previous days close of approximately $104 per share to $43.
Only none of it was true.
The full article by the folks at Dartmouth College is available here http://www.ists.dartmouth.edu/library/chb0802.pdf