One of the basic tools of any good hacker has always been the ability to utilize the concept of social engineering as made famous by people like Kevin Mitnick and the Badir Brothers. The idea being -– according to Wikipedia — that “All social engineering techniques are based on specific attributes of human decision-making known as cognitive biases. These biases, sometimes called "bugs in the human hardware," are exploited in various combinations to create criminal attack techniques.”

While this type of ploy has been used to gain access to computer systems for various reasons, it also raises an interesting idea of it being used to get people to willingly do things on the Web that they might not think of doing on their own. Some might suggest that this is just another form of the mob mentality that we see in things like flash mobs, but I wonder if this isn’t just another form of social hacking.

Long before things like social networks and social media were the hot buzzwords used to spark VC feeding frenzies, things like Web forums and newsgroups were the main social communication tool. People would go from Web forum to Web forum to spread news about people or products, good or bad. The overall effect of this type of promotion was usually limited, but it was still possible to get people riled up over something on a much larger scale.

Then along came blogs and the ability to instantly publish or comment about a person or a product. It provided a much easier way to galvanize people into acting, even if only verbally. To this mix now come things like Twitter, FriendFeed, Facebook, or any number of instant social tools that can broadcast your message instantly around the world to a potentially unlimited number of people. The effect being that within minutes you can galvanize an immense number of people into a single action.

One of the best of the classic online flash mobs can be seen anytime anyone says something negative about Apple products. The moment someone posts something like this, whether on a Web forum or a blog, you can be sure that in very short order the site will be inundated with Apple's faithful arguing against whatever has been said. This varies from intelligent discussion to hateful things being said about the person who wrote the post.

Bring this forward to today and we see, as Svetlana Gladkova at Profy.com points out in a post, just how easy it could be to cause a major news group to pull down a service because of a social hack.

I believe CNN editors expected to receive opinions from the site’s main target audience (which definitely is not in Russia) but what it received instead were mainly votes from Russia with the first answer getting 92% of votes (or over 329 thousand of people). How did this happen? Very simple actually. The information about the CNN poll quickly made it to the Russian blogosphere (it is impossible to determine where it all started because of the huge number of posts on the topic) and bloggers started encouraging their readers to go to CNN and vote for the first option. The news was quickly disseminated over an enormous number of the Russian blogs and the results were predictable: 92% supported the official point of view of the Russian government.

The reality is that even with the simple social media tools that we have today it would be incredibly easy to use them to organize people unknowingly to attack the Web presence of a person or brand. Just as we can see daily on services like Twitter, where people are being directed to charities or new products, this group mentality could potentially be used as in the CNN story to cause damage. Why use things like botnets when you can just as easily obtain the same results by using social media - and it’s legal to boot.

We see evidence of the mob mentality on an almost daily basis within social services like FriendFeed, albeit they are of a small and benign nature. Is it really that large of a step before incidents like the one that happened with CNN become part of the norm? Are we really beyond being used in such a way without even realizing that we have been a part of a social hack attack?

Would you even realize it if you had been socially hacked?