Word: stickley
(lookup in dictionary)
(lookup stats)
Dates: all
Sort By: most recent first
(reverse)
...designed to get them to cough up their account information (and then, too often, the contents of that account). Fake heists show that customers aren't the only weak link in the chain. "We have hacked into every single online banking application that we've tested, except one," says Stickley. So even if you follow all the rules--never respond to an e-mail purporting to be from a bank, shred every piece of paper containing personal information, only return a phone call to a financial institution using the number on the back of your card--you could still have...
Thankfully, they're not genuine bad guys. Their fake uniforms and IDs are supplied by TraceSecurity, a Louisiana-based outfit co-founded by Stickley that is hired by companies to test their security systems. And it's not much of a test. In four years, Stickley and his colleagues have never failed to crack those systems, mostly because people are too trusting, too unaware or simply too lazy to take the necessary steps that would deter thieves...
...Still, Stickley has successfully breached health-care organizations, lotteries, retail companies and government offices. TraceSecurity offers traditional risk, compliance and IT assessments, but the part that Stickley loves best is what he calls a "social-engineering engagement." That's a polite term for a break-in. TraceSecurity engineers infiltrate a target organization posing as pest controllers, fire officials, OSHA inspectors and even foreign diplomats; once in, they trick employees into allowing them access to sensitive data. A one-off engagement costs anywhere from $5,000 to $25,000. There are dozens of outfits around the country engaged in some form...
TIME accompanied TraceSecurity on a recent string of in-person "heists" on the West Coast. At one credit-union branch, Stickley flirted with female staff members in the break room while Alsbury, who played the straight man to Stickley's goofy charmer, had four minutes alone in a credit union's communications hub--plenty of time to install a wireless "sniffer" that could later broadcast information going in and out of the bank. He could also have shut down the security cameras, alarm and telephone systems. The pair got access to the back side of the ATM and a room...
...does a company that boasts the ability to crack any system convince clients that it's safe to hire that firm? Stickley says the company's 50 employees have extensive background checks, supplied to clients if requested. Typically, employees are drawn from lines of work such as corporate security and computer engineering. But hackers need not apply. "We don't hire anyone who we believe was a former hacker," Stickley says. "Someone who can program and do network administration, you can teach them to hack. It's just too dangerous to put a hacker in a bank." Says Ferguson...