I have a question to ask you all. If I wanted to study things to get to the point where internally/externally I could coordinate a hack of this magnitude, what things do I need to study? What are the technical things needed to pull something like this off? What are the social corporate things I needed to know to pull this off? I know that we don't have specifics, but I'm asking as a pure academic exercise how much I'd need to know to pull this off, and how to get away with it too.
Unfortunately majority of big breaches like this are a result of social hacking rather than some computer science magic. However to answer your question of how much you'd actually need to know? Decent networking and system understanding as well as how to apply this knowledge in reverse engineering. Finally you need loads of luck. Most of penetration testing is just throwing existing things at the system and generally looking around for flaws and if you're lucky you might just stumble on something valuable.
Well that's what I'm asking about. What social hacking principles possibly were used here? What is the understanding that the attacker has about the people inside the company and how security is at companies like this to pull off a breach like this?
