We used to call it ‘con artistry’ or ‘propaganda.’ The spy age optimized it in the form of a ‘double agent’; with the computer age, ‘cracking’ got annexed into its mix. Generally, it was all ‘cloak-and-dagger’ realm: information and results obtained by less-than sincere means.
Underhanded as its history may be perceived, social engineering gained a mainstream charm at the turn of the century. Movies like the OCEANS remake and CATCH ME IF YOU CAN place the motivations to use its tactics in a more agreeable light; Hu$tle enjoyed eight seasons of success displaying its playfulness. Other series, like Pretender and – more directly – Lie to Me, converted the skill set from a ‘heel-only’ set of tricks to something that ‘yes, good guys can use, too.’
Social engineering techniques, in practice, exploit cognitive biases – things that people are socially conditioned to react to in a particular manner. One could say that, in a technical sense, the processes behind conning, manipulating, and cracking have been re-packaged as applicable science.
In a popular sense, entertainment has shown that it’s not just for back alleys or politics anymore. Characters on both sides of the moral coin have applied social engineering to advance their agendas, their efforts playing out as climactic moments on the big and small screens.
Check out 5 fictional people that characterize social engineering in an updated light. Note that part of the intrigue of social engineering is that as a collected science, it’s still relatively new: search for the terms identified in bold and see where they take you. Additional links at the end.
5. The Blacklist – Raymond Reddington, ‘Supercriminal’
From the moment he knelt at the entrance of FBI Headquarters, alarms going off, it was certain that Raymond Reddington has a play.
While the details of his endgame are still a mystery, the path Reddington has set is rife with socially-engineered ploys. Immediately, Red’s co-operation with the FBI has the stigma of being ‘Quid Pro Quo’: Red has a list of criminals he’s willing to hand to the Feds – criminals that hold true, frightening power in the underworld, so well-hidden that they’re not even on the authority’s radar.
In exchange, he asks to be accommodated with freedoms that allow for better mobility in his lifestyle as the ‘concierge of crime.’ Yes, his list is that good and the Feds reluctantly agree. But everyone involved is sure there’s more to his demands than just getting a free pass.
In the meantime, names on his list get crossed off with a bit of his help. Reddington shows the Feds just how to entrap each of the targets: what their trademarks are, how their weaknesses can be exploited. Reddington appears to have been building rapport with all of these criminals over the course of twenty years, leading to the day where he’d be in a position to bring them all to justice.
It’s unclear as to why, though it likely has to do with a dark experience in his past, re-defining him this way. Did we mention Reddington started on this road as a Marine being groomed for admiral?
In the midst of this, he’s been patient in persuading Lizzy – his main FBI contact – about the truth of her marriage, doing so in a very specific manner. He is noticeably protective of this woman (who’s young enough to be his daughter), allowing her time and opportunity to find the truth about her husband on her own.
With every move, it’s evident that Reddington is playing for a long-term, lasting goal. Social engineering tactics are a prime component in his arsenal.
4. NOW YOU SEE ME – The Four Horsemen, ‘Magicians’
Daniel Atlas, Henley Reeves, Merrit McKinney, and Jack Wilder: a modern interpretation of Robin Hood’s Merry Men.
As magicians, these guys are well past sensational misdirection: their skill level make most believe in ‘magic as magic’ again. It earns them potential recruitment by The Eye – a secret society of magic artists; they band together as The Four Horsemen, and live from Las Vegas, they rob a bank in Paris in real-time. It was an intended target with a purpose.
That was the first show. The next official show was in New Orleans; what they did in the FBI Interrogation rooms before that, though, was definitely spectacle worth beholding.
The world of performance magic is definitely a place where social engineering can find a home. McKinney is an NLP-wielding mentalist that not only implants suggestions, but can also uncover people’s secrets just by talking with them. Check out his intro scene where he interrupts a couple and reveals the husband has been cheating on the wife, then wipes the wife’s memory clean after the husband pays him off.
While a cinematic extreme, the theory behind it is that key words imbedded in your speech can trigger ‘tell’ reactions you can work off of to obtain the full truth. Jack Wilder does this in reverse: while being pursued by the Feds, he listens to Agent Rhodes’ voice long enough to mimic it on the radio, misdirecting the search. The mirroring throws off the pursuit, allowing the other Horsemen to escape.
The purpose of The Four Horsemen was to sensationally expose the unjust practices of specific firms and corporate groups. In the end, it looks like they did everything right. The Horsemen played the diversion theft game so well that they followed through with Atlas’ promise, remaining “one step – three steps – seven steps ahead of you, and just when you think you’re catching up, that’s when we’ll be right behind you. And at no time will you be anywhere other than exactly where we want you to be.” When operating, that’s exactly what a social engineer is aiming for.
3. Agents of S.H.I.E.L.D. – Skye, ‘Hacktivist’
We all know by now that Nick Fury elicited the Avengers to react as heroes towards Coulson’s death: he planted the bloodied cards because “they needed the push.” Being a super-spy, that’s to be expected.
In Agents of S.H.I.E.L.D., the Marvel Cinematic Universe has another example in the character Skye, whose interactions with social engineering are purposed with a sense of irony. Hacktivist-turned-SHIELD recruit, the character finds herself between two paradigms where social engineering runs rampant.
The first trait is made obvious: from the start, her ability to crack secured government databases is a given. As a member of Rising Tide, information she acquires exposes scandals and cover-ups, undermining the integrity of those behind it.
She’s asked to join Coulson’s team in a consulting capacity. She does so initially to secretly further the Rising Tide agenda. Then, as she comes to sincerely think of her teammates as family, she becomes eager to reciprocate their trust.
Of the best of these is in her pretext impersonating Melinda May. Starting with no money, and ex-communicated from her team by the powers that be, she 1. tracks her target, 2. acquires clothes for the part, 3. steals her target’s car, 4. drives it to his house, 5. calls the police to stand down the theft alert, 6. waits for him to come home, then 7. wields the authority of a high-ranking SHIELD agent to get the information needed to find a captured teammate.
The relevance of Social Engineering, with respect to Skye, is not just in the ‘gags’ but in the reasons why they’re applied: so far, they’ve been integral in defining her character’s potential. In moving from one side of the spectrum (hacktivist) to the other (government agent), she’s learning to define herself, using techniques in social engineering to help carve the way.
2. Eden of the East – Takizawa Akira, ‘NEET’
Takizawa Akira is a different kind of social engineer. And at a time where being a social engineer can be considered different enough, that’s saying something.
Takizawa is one of twelve Selecao – citizens of Japan from varied walks of life, selected at random to access 20 billion yen each and a personal assistant named Juiz, all from a custom cell phone. The catch is that they have to change Japan for the better before the 20 billion is spent, or face assassination if they don’t deliver.
While one of Takizawa’s biggest feats was framing the organization of 20,000 unwitting NEETs (young people Not in Education, Employment, or Training) to avert crisis on Careless Monday, perhaps the most outstanding feat of framing he conducted was on himself: at the start of the series, we meet him with a self-inflicted memory wipe. The reason behind is one of the things we follow, leading ultimately to the series’ climax.
Takizawa comes off as a naturally likable person, so building rapport is a natural thing for him. Despite that, he is willing to be seen as a terrorist, attracting attention to himself as a visible target. This, in place of the real threat that keeps itself unseen, is an application of manipulation techniques that holds a tactical twist.
Ultimately, the effort is what leads to an iconic image and the agenda that propels him through the films that followed the series. Self-inflicted social engineering, at once self-sacrificing and rewarding.
1. Sherlock – Sherlock Holmes, ‘Private Detective’
In Sherlock, they all start in the chair: that’s where Holmes and Watson listen, to see if they’ll take the case.
For Watson, it’s more or less a formal interview. For Holmes, it’s a few well-placed comments that make up a mild interrogation, along with an analysis of the micro expressions that surface. All to see if there is anything that could hint at being misleading, or – even better – being more intriguing than they let on.
For Sherlock, the application of social engineering is part of daily life. He reads its effects on others as if picked up by a sense outside our standard five. And the standard five he uses to the extreme, taking no data for granted: anything he’s experienced is stored in a Mind Palace, via Method of Ioci – perhaps one of the oldest known techniques that a social engineer can utilize.
Within the show, it’s the villains who are just as keen as Sherlock that are the most stimulating. Moriarty was just as adept in equal and opposing amounts; Irene Adler used it to intrude upon secrets via sexual urges. Magnussen proved, in a few key ways, to be a bastardized variation. Social Engineering isn’t just limited to the villains + Sherl – it’s employed prominently by some of the supporting characters: Mycroft, Mary… Overall, these characters establish a well-defined criteria that separates the smart people from the exceedingly smart people.
One could deduce that part of Sherlock’s appeal is that it creates a world where social engineering feels commonplace, and shows how interactions there might look like. A graduation from typical antagonistic fare that reveals, to quote Dr. Seuss, ‘Oh, The Places You’ll Go!’
As a larger debate has tried to convince us, science is indifferent to morality – it’s up to the individuals that apply it to be guided by moral sense. What do you think? If you’re familiar with any of the examples above, do they show how knowledge of Social Engineering can be more helpful or hurtful?
Paul Ekman – co-founder of micro expressions
social-engineer – top training company for social engineering and home website of Christopher Hadnagy
John Grinder – co-creator of Neuro-Linguistic Programming (NLP)
Richard Bandler – co-creator of Neuro-Linguistic Programming (NLP)
The entire run of PHRACK – containing articles by white-hat hacker and social engineer ‘Archangel’,