Kevin Mitnick, the famed American hacker who has parlayed his notoriety into a successful career as a security professional, said human frailty is still the weakest link in the security chain.
Mitnick made the assertion during ?The Hacker?s Code? security conference sponsored by ePLDT at The Fort Shangri-La in Taguig City last April 11. This was his first visit to the Philippines.
According to Mitnick, hacking into a system is always a possibility because there is always a human element involved. ?Even in this era of AI (artificial intelligence), I don?t think systems will be free of human intervention. There will always be people involved,? Mitnick, who spent five years in prison in the US for hacking-related offenses.
For this reason, Mitnick said cyber-criminals will still prefer or use social engineering to trick security folks and break into a system. To illustrate his point, the renowned hacker demonstrated during the conference a method to crack a two-factor authentication system using social engineering tactics.
To avoid falling into similar traps, Mitnick said it is important for enterprises or even small businesses to conduct social engineering training for its employees. He also stressed the need for regular security penetration testing and monitoring as being part of a truly successful cybersecurity model.
The security event, which was co-presented with IT security provider Check Point Software Technologies, was attended by over 500 customers and partners from the Contact Center Association of the Phils (CCAP), Phil. Retailers Association (PRA), Semiconductor and Electronics Industries of the Phils (SEIPI), as well as guests from the banking and finance industry, manufacturing, healthcare, BPO and government sectors.
?Being one of the emerging economies of the region, the Philippines is also considered one of the biggest targets for cyberterrorists, cybercriminals, and nation-state sponsored hackers. In response, we at PLDT Enterprise and ePLDT have pioneered efforts in the education and empowerment of businesses. Cyber security should no longer be viewed as ?optional?, especially in today?s constantly changing landscape,? stated SVP and head of PLDT and Smart Enterprise Groups Jovy Hernandez.
For her part, ePLDT Group?s SVP and chief operating officer Nerisse Ramos said key decision-makers in every organization should be more proactive in implementing a cyber security strategy.
?The threats we all face are evolving and becoming more advanced at an alarmingly rapid rate. It is critical that we are ready and we accept that no company or individual is 100% safe from any breach. Thus, as business leaders and protectors of your organizations, you can no longer afford to be ill-prepared in today?s world. Preparedness means being ready before, during and after an attack,? she said.