We have problems with our physical security, operational security through to management.
Both social engineering and technical attacks played a big part in what I was able to do. It was a hybrid. I used social engineering when it was appropriate, and exploited technical vulnerabilities when it was appropriate.
As a young boy, I was taught in high school that hacking was cool.
I saw myself as an electronic joy rider.
You can't go to Windows Update and get a patch for stupidity.
All they need to do is to set up some website somewhere selling some bogus product at twenty percent of the normal market prices and people are going to be tricked into providing their credit card numbers.