It’s often been said that the weakest security link in a computer network is the user. In the story described by Bruce Schneier on Security, a basketball team on the west coast of the US decided to use a chat system the night before a big match to psyche out a major player from the opposing team, and effectively preventing him from performing at his best. Using chants and “YOU’VE BEEN HAACKED!” statements during the game, the player was utterly demoralised, and his concentration on the game was shattered.
This is Social Engineering – something Kevin Mitnick is famous for. But in this case, rather than using a real world trap to access a digital system, digital communications in a chat room were used to trap someone into compromising a real world function.
Ethically, of course, social engineering is completely taboo. But we’re seeing it used increasingly in business, politics and of course, in hacking. The trick is to know when it’s happening, and to take all measures to ensure networks – and even basketball teams – remain secure. That’s a tough ask, but with adequate training it can be done. In the meantime, I foresee a time when sporting teams are banned from chat rooms the night before games.