DeepSec 2024 Training: “Look What You Made Me Do”: The Psychology behind Social Engineering & Human Intelligence Operations – Christina Lekati

Sanna/ August 26, 2024/ Conference/ 0 comments

Social Engineering and Human Intelligence (HUMINT) operations both rely heavily on effectively navigating a person’s mind in order to steer their behavior. As simple as this sounds, “quick and dirty” influence tactics will not take an operator very far. Behavior engineering is a complex, multilayered process that requires a good understanding of human psychology and self-awareness.

In this intensive masterclass, participants will get access to the underlying psychology responsible for the way people think, decide, and act. They will also learn to influence and reshape all three layers. What are people’s automatic triggers? How can you engineer predictable action-reaction responses that produce a desirable outcome? How do you cultivate a target into taking specific actions or divulging information? But also, what are the ethical boundaries and moral implications of this process?

The class will revolve around two main pillars:

Understanding humans.

Some areas we will cover include:

  • Human needs (universal, individual)
  • Decision making
  • Perception engineering and re-framing
  • The person and the situation
  • Profiling (online & in-person)

Engaging effectively with human targets

  • Developing the right mindset
  • Reading body language
  • Using body language to connect, establish trust or communicate authority
  • Planning the approach
  • Building rapport & engineering trust
  • Enhanced influence tactics
  • Elicitation
  • …and more!

This class is a rare opportunity to gather insights that are almost never been taught in open classes. We will work these concepts around the scenarios of social engineering, covert HUMINT, and virtual HUMINT.

We asked Christina a few more questions about her training.

Please tell us the top 5 facts about your training.

  1. This is a rare opportunity to learn about the behavior engineering and human psychology that is almost never being taught in open classes.
  2. The skills and knowledge gained in this class are timeless. What you learn, you can use for the rest of your life.
  3. You will learn to incorporate sound psychological principles in human-centric security operations and to better control the outcome of your interactions.
  4. You will employ what you learn in any setting and situation.
  5. The material taught provides a solid competitive advantage for human-related security operations.

How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?

I teach a lot of classes about social engineering and intelligence gathering to both private and government employees. Most of those classes include a blend of technical and psychological aspects. Time and again, I notice a necessity to focus more on the psychological aspects of social engineering and human intelligence operations. One reason is that the participants themselves ask for it. The second reason is that we repeatedly notice that these professionals are rarely getting the practical training on psychology that they need to maximize the effectiveness of their interactions with people, even in situations where this knowledge is critical.

“What helps me be confident in my strategy when I approach someone?” “How do you establish trust with a stranger?” “How do you ‘read’ a person to know what they think?” “Can you actually learn how to be good in those interactions (social engineering & HUMINT)?” These are all frequently asked questions that require much more than a quick answer.

This is one of those times where we see the need, listen to our students, and try to support them with the practical knowledge they need.

It is time to de-code the human, and the psychology involved in effective social engineering and human intelligence operations.

Why do you think this is an important topic?

When your security operations involve people, being perceptive and able to understand individuals, their motives, and their behavior becomes paramount. Human skills are the decisive factors in the success of these operations. Social engineering and human intelligence operations are human-centric. An interaction that requires engineering a person’s behavior and getting them to cooperate goes beyond quick-and-dirty influence and persuasion strategies. It is a complex, multi-layered process that is rarely being taught.

This class will be highly beneficial to professionals engaged in social engineering and human intelligence as it will help them understand humans deeply, anticipate certain situations, develop their own confidence, but also gives them a significant advantage when engaging with them.

Is there something you want everybody to know – some good advice for our readers, maybe?

Ego and judgment are two of the horsemen of death in any human-centric operation. The way you carry yourself, your body language, tone of voice, but also your very own unique personality all play a role. If you come to this class, be prepared to come with an open mind, leave stereotypes behind, and be ready to reflect on how you conduct yourself, too.

Leave the rest to me. I promise to make it fun!

A prediction for the future – what do you think will be the next innovations or future downfalls for your field of expertise / the topic of your talk in particular?

While technology keeps evolving, human psychology has remained the same. In a somewhat reasonable-but-paradoxical way, technology takes up so much of our time and focus that many forget to invest in learning and employing psychological principles in their operations. Observing, understanding and steering human behavior is often the be-all and end-all factor in these operations, and can be (surprise!) a predictable one.

The good news here is that whatever you learn in this class will be an investment that will reliably keep paying off for years to come. I can confidently say that the skills taught in this class withstand the test of time.

Christina Lekati is a psychologist and a social engineer. With her background and degree in psychology, she learned the mechanisms of behavior, motivation, and decision-making, as well as manipulation and deceit. She became particularly interested in human dynamics, passionate about social engineering and in extent, open-source intelligence. Christina is currently working with Cyber Risk GmbH as a senior social engineering trainer and consultant. She is also conducting targeted Open Source Intelligence (OSINT) vulnerability assessments to help organizations or high-value individuals identify and manage risks related to human or physical vulnerabilities. Christina is the main developer of the social engineering programs provided by Cyber Risk GmbH. These programs are intertwining the lessons learned from real-life cases and previous experiences in the fields of cybersecurity, open-source intelligence, psychology, and counterintelligence. She was an active Executive Board Member at the OSINT Curious project, contributing to the international scene of Open-Source Intelligence (OSINT) with the latest news, updates, and techniques for collection and analysis.became interestedmajor developermajor developer

Share this Post

Leave a Comment

Your email address will not be published. Required fields are marked *

*
*

This site uses Akismet to reduce spam. Learn how your comment data is processed.