HOME

TheInfoList



Click Here for Items Related To - Psychological subversion
OR:
Psychological subversion on:   [Wikipedia]   [Google]   [Amazon]

Psychological subversion (PsychSub) is the name given by Susan Headley to a method of verbally manipulating people for information. It is similar in practice to so-called social engineering and
pretexting Pretexting is a type of social engineering attack that involves a situation, or pretext, created by an attacker in order to lure a victim into a vulnerable situation and to trick them into giving private information, specifically information that t ...
, but has a more
military A military, also known collectively as armed forces, is a heavily armed, highly organized force primarily intended for warfare. It is typically authorized and maintained by a sovereign state, with its members identifiable by their distin ...
focus to it. It was developed by Headley as an extension of knowledge she gained during
hacking Hacking may refer to: Places * Hacking, an area within Hietzing, Vienna, Austria People * Douglas Hewitt Hacking, 1st Baron Hacking (1884–1950), British Conservative politician * Ian Hacking (born 1936), Canadian philosopher of science * Dav ...
sessions with notorious early
computer network A computer network is a set of computers sharing resources located on or provided by network nodes. The computers use common communication protocols over digital interconnections to communicate with each other. These interconnections are m ...
hackers like
Kevin Mitnick Kevin David Mitnick (born August 6, 1963) is an American computer security consultant, author, and convicted hacker. He is best known for his high-profile 1995 arrest and five years in prison for various computer and communications-related cri ...
and Lewis de Payne.


Usage example

Headley often gave the following exampleDEF CON III Archives
/ref> of the use of psychological subversion: Suppose the
hacker A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...
needed access to a certain classified military computer called, say, IBAS. He would obtain the name of the base commander or other high-ranking official, gain access to the
DNS The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned ...
network, (which is the separate military telephone network) and dial up the computer center he needed to reach, which was often in a secured facility. The person who answered the phone would usually be a low-ranking enlisted person, and the hacker would say something like, "This is
Lieutenant A lieutenant ( , ; abbreviated Lt., Lt, LT, Lieut and similar) is a commissioned officer rank in the armed forces of many nations. The meaning of lieutenant differs in different militaries (see comparative military ranks), but it is often su ...
Johanson, and
General A general officer is an officer of high rank in the armies, and in some nations' air forces, space forces, and marines or naval infantry. In some usages the term "general officer" refers to a rank above colonel."general, adj. and n.". O ...
Robertson cannot access his IBAS account, and he'd like to know WHY?" This is all said in a very threatening tone of voice, clearly implying that if the general can't get into his account right away, there will be severe negative repercussions, most likely targeting the hapless person who answered the phone. The hacker has the subject off guard and very defensive, wanting nothing more than to appease the irritated general as quickly as possible. The hacker then goes silent, giving the victim ample time to stammer into the phone and build up his fear level, while listening for clues from the victim as to how best to proceed. Eventually, the hacker suggests that the tech create a temporary account for the general, or change the general's password to that of the hacker's choice. The hacker would then have gained access to a classified military computer. It is important to note that this technique would not work any more, in no small part thanks to Headley's teaching of the military agencies about such methods during the 1980s.{{citation needed, date=November 2017


Scientific methodology

While pretexting methods and so-called social engineering are based on on-the-fly adaptations during a phone call made to the victim with very little pre-planning or forethought, the practice of PsychSub is based on the principles of NLP and practical
psychology Psychology is the scientific study of mind and behavior. Psychology includes the study of conscious and unconscious phenomena, including feelings and thoughts. It is an academic discipline of immense scope, crossing the boundaries betwe ...
. The goal of the hacker or attacker who is using PsychSub is generally more complex and involves preparation, analysis of the situation, and careful thought about what exact words to use and the tone of voice in which to use them.


Classified thesis

Headley's thesis entitled "The Psychological Subversion of Trusted Systems" was classified by the DOD in 1984 and so far has not seen the light of day. As a result, further information about PsychSub is generally unavailable outside of Headley's own seminars on the subject during the 1980s at
CIA The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian foreign intelligence service of the federal government of the United States, officially tasked with gathering, processing, ...
technology and spycraft-type seminars such as Surveillance Expo.


References

(1
Headley's talk at a hacker convention in Las Vegas
Deception Psychological abuse Social engineering (computer security)