Social Engineering is defined as an act of psychological manipulation of a human being. Generally, it is using “soft skills” to get others to do or give you what you want. This can vary from confidential personal information, such as passwords or banking information, to something as mundane (yet savoury) as a girl’s cellphone number.
Recently, it has caught on as a skill now recognized as useful yet nefarious, particularly in the realm of information & digital security. A whole realm of hackers have begun developing this skill and using it, along with their technical expertise, to access others’ information or systems. As opposed to simply attacking systems directly with software, social engineering allows these people to achieve their goals through the use of leading questions and other techniques such as phishing or baiting.
Although I don’t condone the action of hackers and their iniquitous ways that have led to events such as The Fappening or the 2011 PlayStation Network Outage, I do find value in some of the techniques that can be used beneficially for people in their daily lives to simply achieve a happier state of mind, and even make them better, more capable leaders.
What Does Social Engineering Entail?
Although various different techniques exist, I’ll only cover a few that can be worked on through daily interactions with others. These are the ones I believe can be useful to any person in a plethora of social situations. Please note that some of these techniques can be considered malicious and don’t always involve honesty. Again, depending on how you use them, you may actually be doing something for the greater good. Reasoning is in the eye of the user.
Misrepresentation in the sense of social engineering is the use of a false or misleading account to further one’s own objective. This technique essentially involves producing a certain reason for your opinion or need, yet having a hidden agenda to work towards.
My major example of this involves a time I recently required certain items from the quartermaster (QM) on base for an overseas operation. The QM is notorious for having lengthy wait times, being understaffed, and generally providing poor service. Knowing just before the Christmas holidays that the place would be swamped upon re-opening in January, I hatched a little plan.
I called them just before the last day of work in December and asked to book an appointment for the first day back. Obviously they were unable to fit me in due to the high demand, yet I still asked for the person’s name over the phone and thanked them for helping me. In the new year, I reported to the QM and found there to be an approximately three-hour wait time. I promptly reported to the side desk reserved for appointments and told them I had an appointment.
Upon verifying the schedule, they did not find my name. I then told them that “Corporal so and so” had spoken to me on the phone and told me to come in and simply pick up my kit issue, since it was only a few items anyways. I politely smiled and told them I was in no rush, despite this being the complete opposite of the truth. Within five minutes, the young corporal had all my items signed out and ready to be issued to me.
Essentially, through the use of politeness and by misrepresenting my intentions, and through the use of prior knowledge about someone who worked there, I was able to avoid the 3-hour wait and get back to work with my troops, wasting no precious time.
Tailgaiting is simply the pursuit of legitimate access and the use of diversion to provide the illusion that you also have such access. An example of this is my friend who has been smoking since he was fourteen. Although I disagree with his personal choice, I have always been curious to how he was able to purchase cigarettes despite being underage.
He told me his technique simply involved striking up conversations with others buying cigarettes at the same time that they bought them, then partaking in conversations with the manager to divert them from his age. If prompted for his ID, he would simply respond he had forgotten it in the car and would leave, or, on some occasions, the person he had just been talking to would vouch for his age.
Clearly this demonstrates that through conversation, one can engage strangers and make them comfortable enough to forego regulations. By essentially distracting them through the use of humour and stories, my friend showed that you can essentially gain what you desire without the required pre-requisites.
Spear phishing is an extension of regular phishing, which essentially uses highly customized approaches towards individuals based on their traits and qualities in order to obtain the desired goal or effect. The most common example of this is misrepresenting ones own credentials, religion, or beliefs to align with someone else’s and make you more desirable in their eyes. When you do “pre-game” research on women before approaching them, if you use the information you’ve obtained through research, you are essentially spear phishing.
This can stretch to much larger situations, including the one above where I used a person’s name that worked for the QM to essentially tailgate my way into the establishment and then misrepresent my intentions.
How This Applies To Leadership
Eisenhower is quoted as having said: “Leadership is the art of getting someone else to do something you want done because he wants to do it“. Essentially, by motivating someone to become engaged in your cause, you are using social engineering. The techniques mentioned above may not be the most moral pieces of advice, but they are definitely tools that should be added to your arsenal as the fact remains that, in today’s society, things aren’t getting any easier and people aren’t getting any more rational.
I encourage you to branch out from here and practice these techniques on your own time, be it in game or even at work. Social engineering can be used in any interaction with other people, be it at work, at social events, or even at home!
Use misrepresentation to motivate your subordinates through unappealing work by falsely committing to it yourself (AKA smiling during tough times). Use tailgating to approach that girl at the community centre and make her think you’ve met before. Jake Gyllenghaal gives us a perfect example in Love and Other Drugs.
At the end of the day, social engineering is what you make of it. And, while I don’t condone the use of its techniques to harm others beyond repair, I do think that knowledge of it is in our best interest as leader moving forward in an amoral society of privileged, irrational people.