Hackers' Low-Tech Tool: A Phone Call : Planet Money Hackers call up corporations and try to get them to reveal sensitive information. Hello, Wal-Mart?

Hackers' Low-Tech Tool: A Phone Call

Hackers' Low-Tech Tool: A Phone Call

  • Download
  • <iframe src="https://www.npr.org/player/embed/139680012/139680142" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript

The conference for the best hackers in the free world is held every year in Las Vegas. It's called DefCon. The entrance fee is $150, cash only. (And it's a bad idea to use the ATM at a hacker conference.)

There are lots of hacking competitions at DefCon, most of which are complicated and technical. But one contest is very simple.

Hackers call up a corporation and try to persuade the person who answers the phone to give them sensitive information. The technique is called social engineering, and it's been a key element of some recent high-profile hacks.

At the competition, contestants sit in a glass phone booth and call unsuspecting corporations. Their conversations are played on a P.A. system for dozens of spectators.

A guy named Mark is up next. He calls Wal-Mart and says he's in the company's I.T. department.

Each contestant has 25 minutes in the glass booth. There's a checklist of information they're supposed to get: What time the company's packages are delivered, what kind of anti-virus software they use, whether the company uses the most up-to-date operating system.

Mark is only 18 years old. It's his first time competing here. But he actually gets a few key pieces of information. (Wal-Mart declined to comment for this story.)

The audience at the contest — as at many DefCon competitions — isn't just hackers. Also in attendance: Security companies that corporations hire to defend themselves.

And a couple seconds after Mark leaves the booth, he gets a job offer from a security company.