Cisco Blogs

Social Engineering – the Exploit that Predates Computers

June 17, 2011 - 3 Comments

At Cisco we understand that the field of IT has grown considerably over the past few years, reaching the point where even professionals in the industry can have a hard time keeping up with everything that is happening in all areas. With groups like Anonymous and LulzSec taking down some pretty big names, it is clear that there is need for greater awareness of security and some of the issues that make security an interesting but ongoing challenge.

We have recruited Scott Olechowski and Patrick Peterson (read about Peterson’s epic battle against spam in Forbes) to make a series of videos, each of which will present a single issue in a bite-sized nugget that will hopefully be both informative and interesting. We have written and filmed these videos such that a fairly wide audience, from IT generalists to clueful laypersons, would likely understand and get something from them. We realize that communicating with users about security, or just about any IT-related issue, for that matter, can be challenging at best. We hope that these videos will be shared with users and help communicate the importance of security.

Kevin Mitnick's Business Card

Kevin Mitnick’s Business Card

The first video in the series takes its title from a phrase coined by famed hacker Kevin Mitnick (@kevinmitnick, a man who has what must be the coolest business card in the world), “Social Engineering.”

Social Engineering is the practice of using guile, deception and misdirection to cause a victim to take action to help facilitate or enable an exploit, and is thus the only hacking technique that predates information technology. It is also one of the biggest threats we face in the industry today. Indeed, the 2010 Cisco Annual Security Report covered social engineering and the role it played in Zeus, Koobface and the Cutwail botnet.

Here’s the video, the first in the SecureX Files series. We hope you enjoy it and share it with others, but don’t forget to come back soon, as we will be releasing additional videos over the next several weeks. Stay tuned!

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Would a corporation be able to provide links to this video for use in our security awareness communications?

    • Greetings Khurt, please feel free to link to this video for your security awareness efforts. Oh, by the way, be sure to come back, we have other videos in this series on the way!

  2. Great article. In my experience as a developer, web security is a bigger deal than people are treating it, especially when it comes to their own websites. Most figure they won’t have security issues because they are too small, and assume that once they are big they will have the funds to improve their security. However security should be addressed before beginning any development cycle, not after the fact, or you risk everything.

    In reference to social engineering the following link is a cool tool for influential social engineering.