It’s dangerous to go alone… take this

The world can be a dangerous place full of risks and threats. If you imagine a location that you would consider to be high risk, you are likely thinking of a place where great physical danger is a real possibility.

Next, if I asked what things you would like to bring with you to such a place in order to improve your odds of survival, you would probably think of things like:

• Body armor

• Guns

• Armored vehicles

And if you happen to have excess money or are considered to be a VIP, you will likely also bring with you bodyguards. The entire point of a bodyguard is to bring a highly trained person who has the sole task of ensuring your safety in hostile environments, but what if physical danger isn’t the thing that you are concerned with?

What if the danger you are facing is that of espionage, the real risk of someone from a foreign government, competing company or just a theif who would like to extract specific information from you.

These types of things happen every day, and despite rigorous training on how to combat elicitation attempts, skilled elicitors very often succeed.

While there are many techniques for combating elicitation, in this post I will only be focusing on one, so as to not make this into a novel.

What Is Elicitation and Why Does It Work?

Elicitation is a series of techniques and methods to extract specific information from a target without them realizing it has happen. The usualy way that elicitation works involves building rapport, conversing normally, pivoting to a desired topic naturally, engaging in subtle techniques then pivoting back to a mundane topic.

This conversational dance can occur over the course of hours or just a few minutes depending on various factors. But if you imagine conversing with someone over the course of an evening, a few glasses of wine, many laughs and never did they ask you about anything off limits, then there clearly was no harm … right?

Skilled elicitors exploit human nature by steering conversations, making people feel comfortable, and relying on psychological triggers like curiosity or the need to correct mistakes. People tend to remember several important parts of a converstaion:

• Beginning

• End

• Emotional topics

• Sensitive questions

As an elicitor, you want to extract the information, without actually asking the question, instead, you set up the conversation so the target volunteers it naturally. This approach to talking ot people can be very awkward for someone new to the game, but consider the following.

What’s the best and most reliable way to get accurate information on an internet forum like reddit? It’s not by simply asking a question, instead, you ask something, then use a second account to post an incorrect answer.

Very soon, people will jump in to provide the correct information, eager to correct the mistake. Now think about why this happens.

This taps into a basic human instinct—the desire to feel knowledgeable and therefore valuable. Elicitors use these same tactics in face-to-face interactions, subtly manipulating people into revealing things they didn’t intend to share.

I have written extensively about elicitation and social engineering on this blog, and I highly encourage those interested to browse the other posts if they are curious for more.

Countering Elicitation: Enter the Buddy System

Counter elicitation is the practice of detecting these attempts to extract information and stopping them in their tracks. While there are many strategies to combat elicitation, one of the most effective is also the simplest: the buddy system.

A good elicitor will try to build rapport and get the target a bit emotional—then using methods such as making a presumptive or incorrect statement getting the target to volunteer specific information without ever having been asked it.

For instance, if someone says something slightly off about a topic you know well, you may feel the urge to correct them immediately. If you’re extroverted, which most people are, and already a bit trusting of your elicitor, this instinct is even stronger. Before you know it, you’ve handed over the precise information they were fishing for, all without realizing it.

Whats further is that you don’t have to give up all the goods at once. If you are someone with a great deal of knowledge or valuable information the extraction can take place over an entire evenings conversation, or spread out over days, weeks or even months. All the while, slowly building rapport and extracting the information little by little, all without you realizing whats happening.

This is where the buddy system becomes invaluable. Your “social engineering bodyguard” can act as an extra layer of defense. While you’re engaging in conversation, your buddy can remain an observer, calmly monitoring whether the conversation veers into dangerous territory.

The simple presence of another person listening closely, espcially one who is skilled in elicitation themselves, makes it much harder for an elicitor who has manipulated you or steered the discussion into sensitive areas to be successful. Your buddy can step in if needed, interrupt or change the subject, and even pick up on manipulation tactics that you might miss in the heat of the moment.

The Chinese for example are master elicitors and very often when they invite US scientist or engineers to give speeches or go to conferences in China those same scientists will return and exclaim that they never discussed anything off limits.

But when debriefed about what was said, an elicitor will quickly notice all kinds of techniques that were used and only then do they realize that they did in fact give up sensitive information. Having a buddy present could have stopped the attempt in its tracks and prevented the loss of critical information.

Why the Buddy System Works

The buddy system is effective because it does two things:

1. Disrupts the Manipulation – When there’s a second person present, especially one who isn’t emotionally invested in the conversation, it becomes much harder for the elicitor to control the flow of information. They can’t rely on emotional triggers or rapport-building as easily, since there’s someone else who will notice the manipulation. By standing off in the conversation and actively listening, your buddy will notice any tricks or techniques being used against you and if the conversation approachs a danger zone.

2. Offers an Outsider's Perspective – While you may be caught up in the conversation, your buddy remains objective, watching for any red flags or subtle attempts at elicitation. They are more likely to notice when things are getting personal, the topics veer into sensitive areas or when the elicitor is fishing for information.

Having a social engineering bodyguard can mean the difference between keeping critical information safe and inadvertently giving it away.

While not everyone will be able to have a paid and trained elicitor watching over them at all times, it should be considered standard operating procedure if you are entering into what you consider to be a high risk environment of espionage.

Conclusion

Elicitation is a sophisticated technique that takes advantage of human nature to extract sensitive information. But counter elicitation, specifically using the buddy system, is an effective way to combat these attempts.

In the same way that you would never send a VIP into a hostile enviornment without a bodyguard, nor should you send them alone into an enviornment where they are likely to get elicited.

A vigilant buddy can help ensure that no one gets too close to your secrets, offering a shield against even the most subtle attempts.

Remember, it’s dangerous to go alone—so take a buddy!

Training Resources:

For individuals looking for a hands on training that includes all of the above topics, Covert Access Team (covertaccessteam.com) provides training courses focused on physical penetration testing, lockpicking, bypassing techniques, social engineering and other essential skills.

• Covert Access Training - 5 day hands on course designed to train individuals and groups to become Covert Entry Specialists

• Physical Audit Training - 2 day course on how to setup and run a physical security audit

• Elicitation Toolbox Course - 2 day course of that primarily focuses on elicitation and social engineering as critical aspects of Black Teaming

• Counter Elicitation - 2 day course on how to recognize and prevent elicitation attempts, and safegaurd your secrets.

• Cyber Bootcamp for Black Teams - 2 day course designed explicitly for physical penetration testers who need vital cyber skills to add to their toolbox.

• Private Instruction - Focused learning & training based on your needs .

Comments

[Hidden Security | Rick]

Reminds me of cold reading, which might also be a good tool for Elicitation and learning how to detect it.