Low Tech Hacking

Street Smarts for Security Professionals


  • Jack Wiles, Jack Wiles is a security professional with over 40 years' experience in security-related fields. This includes computer security, disaster recovery, and physical security. He is a professional speaker, and has trained federal agents, corporate attorneys, and internal auditors on a number of computer crime-related topics. He is a pioneer in presenting on a number of subjects, which are now being labeled "Homeland Security" topics. Well over 10,000 people have attended one or more of his presentations since 1988. Jack is also a co-founder and President of TheTrainingCo., and is in frequent contact with members of many state and local law enforcement agencies as well as Special Agents with the U.S. Secret Service, FBI, IRS-CID, U.S. Customs, Department of Justice, The Department of Defense, and numerous members of High-Tech Crime units. He was also appointed as the first President of the North Carolina InfraGard chapter, which is now one of the largest chapters in the country. He is also a founding member of the U.S. Secret Service South Carolina Electronic Crimes Task Force. Jack is also a Vietnam veteran who served with the 101st Airborne Division in Vietnam in 1967-68, where he was awarded two Bronze stars for his actions in combat. He recently retired from the U.S. Army Reserves as a lieutenant colonel and was assigned directly to the Pentagon for the final seven years of his career.
  • Terry Gudaitis, Terry Gudaitis, Ph.D., is the CyberIntelligence Director at Cyveillance. Terry gained a foundation for her expertise as an operations officer and behavioral profiler at the CIA's Counter Terrorist Center. At CIA, she was responsible for developing terrorist profiles, assessments of informants, and managing targeting teams. In addition to her corporate-related work, Terry has served on the United States Secret Service Advisory Board for Insider Threat, regularly presents at national and international conferences, and has authored publications in numerous security-related journals and books.
  • Jennifer Jabbusch, Jennifer Jabbusch, CISSP, CISO, HP MASE, JNCIA-AC, is a network security engineer and consultant with Carolina Advanced Digital, Inc. Jennifer has more than 15 years' experience working in various areas of the technology industry. Most recently, she has focused in specialized areas of infrastructure security, including Network Access Control, 802.1X and Wireless Security technologies. Ms. Jabbusch has consulted for a variety of government agencies, educational institutions, and Fortune 100 and 500 corporations and has spoken at a variety of conferences including DeepSec, SecTor, TechnoSecurity, RSA®, InfoSec World, CSI, and many others. In addition to her regular duties, she participates in a variety of courseware and exam writings and reviews, including acting as subject matter expert in the Cryptography domain of the official (ISC)2® CISSP® courseware (v9). You can find more security topics and musings on her security blog at http://SecurityUncorked.com.
  • Russ Rogers, Russ Rogers (CISSP, CISM, IAM, IEM, Hon. Sc.D.), author of the popular "Hacking a Terror Network: The Silent Threat of Covert Channels" (Syngress, ISBN: 978-1-928994-98-5), co-author of multiple books, including the best-selling "Stealing the Network: How to Own a Continent" (Syngress, ISBN: 978-1-931836-05-0) and "Network Security Evaluation Using the NSA IEM" (Syngress, ISBN: 978-1-59749-035-1), and former editor-in-chief of The Security Journal, is currently a penetration tester for a federal agency and the co-founder and chief executive officer of Peak Security, Inc., a veteran-owned small business based in Colorado Springs, CO. Russ has been involved in information technology since 1980 and has spent the past 20 years working as both an IT and InfoSec consultant. Russ has worked with the U.S. Air Force (USAF), National Security Agency (NSA), Defense Information Systems Agency (DISA), and other federal agencies. He is a globally renowned security expert, speaker, and author who has presented at conferences around the world in Amsterdam, Tokyo, Singapore, São Paulo, Abu Dhabi, and cities all over the United States. Russ has an honorary doctorate of science in information technology from the University of Advancing Technology, a master's degree in computer systems management from the University of Maryland, a bachelor of science degree in computer information systems from the University of Maryland, and an associate's degree in applied communications technology from the Community College of the Air Force. He is a member of ISSA and (ISC)2® (CISSP). Russ also teaches at and fills the role of professor of network security for the University of Advancing Technology (www.uat.edu).
  • Sean Lowther, Sean Lowther is the President and Founder of Stealth Awareness, Inc. (www.stealthawareness.com). Sean is an independent consultant who brings years of experience designing and implementing information security awareness programs at the highest level. He founded Stealth Awareness, Inc. in 2007. Sean worked at Bank of America for over seven years, managing the enterprise information security awareness program. The program received the highest rating from its regulators and was consistently rated "world class" by industry peer groups. Sean has worked with BITS, the Financial Services Roundtable Task Force on Privacy, prior to the enactment of the Gramm-Leach-Bliley Act. He produced the video "It's Not If, But When" for the Financial Services Sector Coordinating Council in partnership with the U.S. Treasury Department with the goal to improve critical infrastructure protection and Homeland Security.

Criminals using hacking techniques can cost corporations, governments, and individuals millions of dollars each year. While the media focuses on the grand-scale attacks that have been planned for months and executed by teams and countries, there are thousands more that aren't broadcast. Low Tech Hacking focuses on the everyday hacks that, while simple in nature, actually add up to the most significant losses. Attackers are using common techniques like social engineering, wireless hacking, and targeting and surveillance to gain access to valuable data. This book contains detailed descriptions of potential threats and vulnerabilities, many of which the majority of the information systems world may be unaware. Author Jack Wiles spent many years as an inside penetration testing team leader, proving these threats and vulnerabilities exist and their countermeasures work. His contributing authors are among the best in the world in their respective areas of expertise.
View full description


Penetration Testers, Internal Auditors, Information Systems Auditors, CIOs, CISOs, Risk Managers, Fraud Investigators, System Administrators, Private Investigators, Ethical Hackers, Black Hat Hackers, Members of Local, State, and Federal Law Enforcement, Corporate Attorneys


Book information

  • Published: December 2011
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-665-0


"In Low Tech Hacking: Street Smarts for Security Professionals, the authors, all information security veterans, bring their collective experience to the printed word and show how low-tech hacks can be just as devastating as a large-scale directed attackā€¦Overall, [it] is a value reference for security professionals to use to ensure they are securing their networks adequately, to fend off the average attackerā€¦The authors have written a book that is light on theory, but heavy on actionable things the reader can quickly do to secure their network. And that is a very good thing."--Security Management, February 2013 and other publications

"In the age of extreme technology, the defenders have made Low Tech a low priority, concentrating more on the common high tech solutions intended to protect organizations. But attackers are resurrecting the art of Low Tech Hacking. The techniques discussed in this book are given new life because they allow attackers to strike at the weakest links: human and physical. This book is the right tool to bring the Low Tech back into focus."--Greg Miles, Ph.D., CISSP, CISA, Principal at Peak Security, Inc.

"Low Tech Hacking is perfect for waking people up to the dangers that lurk on the Internet and especially in their physical environment. All chapters are littered with helpful tips and warnings, which more often then not include the authors' ā€˜war storiesā€™ as illustrative examples. And even though the book has been written by five different authors, they all do a great job at keeping the explanations and examples clear and concise, and at making us think for ourselves and consider things we never marked before. In short, I would effectively recommend this book to everyone."--Net-Security.org

"While the media focuses on grand-scale hacking, companies are losing money every day from simpler hacking techniques. This book, by Jack Wiles, Terry Gudaitis, Jennifer Jabusch, Russ Rogers and Sean Lowther, details less sophisticated hacking techniques, such as social engineering, wireless hacking, and surveillance to gain valuable data, and offers countermeasures."--iWeek Magazine.com

"All in all, Low Tech Hacking is a great overview of unconventional offensive and defensive methods to secure an organization. It will not make testers experts on physical security or wireless attacks all of a sudden, but it is a lively and useful starting point for further reading and training and a handy reference during an audit, too."--Computers and Security 31 {2012} 738

Table of Contents

Foreword by Paul A. Henry
Chapter 1: Social Engineering-The Ultimate Low Tech Hacking Threat
Chapter 2: Low Tech Vulerabilities-Physical Security
Chapter 3: More About Locks and Ways to Low Tech Hack Them
Chapter 4: Low Tech Wireless Hacking
Chapter 5: Low Tech Targeting and Surveillance-How Much Could They Find Out About You?
Chapter 6: Low Tech Hacking for the Penetration Tester
Chapter 7: Low Tech Hacking and the Law-Where Can You Go For Help?
Chapter 8: Information Security Awareness Training: Your Most Valuable Countermeasure to Employee Risk