About two weeks ago, I was looking for book I have called “Mike Caro’s Book of Poker Tells” for a post I wrote about in regards to poker as a great game to learn social engineering. I looked through several boxes that I have that are just books, but I came up empty handed, however I hit psychology pay dirt as I found some psych text and note books from my first undergrad degree. One in particular is “Theories of Human Communication 5th Edition” by Stephen W. Littlejohn, which I will be referring to in this entry. Also a possible source of reference, “The Art of Deception: Controlling the Human Element of Security” by Kevin Mitnik and William L. Simon.
Groupthink is a theory proposed by Irving Janis. While group decision making is considered a quicker and more efficient way to solve a problem or perform a task, Janis also has pointed out its pitfalls. While he recognizes groups with strong bonds perform better and new members conform to the rules quicker, there is a downside as well. (ibid p. 286) He has identified six negative outcomes.
In order for company X to get their spy into company A, I think someone from the attacking company would have to grease the wheels of an unhappy employee at the target business, preferably a person in the position of being involved with the hiring of new employees. So, maybe an exec at company X pumps an unhappy HR worker for information and in return the HR employee gets a little cash under the table, dinners to great restaurants, etc.
Two months into the spy’s job, an IT department meeting is called to discuss how to design and implement a new product for their marketing efforts; an application that can revolutionize how they collect and use customer data in order to increase sales drastically. Access to the database that this app would create could be considered invaluable to their competitors.