Information Warfare: Socially Engineered Super Weapons

Archives

February 13, 2009: The U.S. Department of Defense is trying new ways to motivate their millions of computer users to resist "social engineering" attacks, where, instead of sneaky computer code, a clever bit of malarkey separates the victims from the data they are supposed to be protecting. The deceptive pitch is usually delivered via an email or popup on your screen. Once you reply (by clicking on the popup message or opening a file attached to the email) a hacker program begins grabbing information off your PC, or even secretly taking control of it. This shows how vulnerable organizations are to losing valuable information via nothing more than an email message or a mouse click.

The new motivation takes the form of announcing that there will be a test attack in, say, the next two weeks. Anyone who takes the bait will be notified, and perhaps required to undergo additional training. This sort of security testing is in addition to the long used "Tiger Team" approach. Tiger Teams use experienced good guy ("white hat") hackers working for a security testing firm, and using the same tools as the bad guy ("black hat") hackers use,  to attack the target system and see just how vulnerable it is.

There are many other ways to gain access to corporate, or military networks, with similar social engineering techniques. For example, just leaving some thumb (flash memory) drives around for your target population to pick up, will see many of the marks plugging the drive into a USB port, where your special software will inflect that system with whatever sneaky software you wanted to get in there. All the mark will see are some innocent files. The Department of Defense has recently handled this threat by forbidding anyone from using a thumb drive on a military PC. The military networks are equipped with software that detects a thumb drive, refuses to connect with it, and alerts the security people. This protection is not perfect, but it's a big improvement.

But it gets worse. A pretty girl just coming up to a guy and asking for his password, works more frequently than you imagine. Mostly you have to worry about less personal, or in-your-face techniques. Carefully prepared emails (with virus attached) and addressed, by name, to the recipient, would have fooled many recipients, because they were personalized, and this helped prevent network defenses from detecting the true nature of these messages. These targeted emails from hackers were very successful. If the recipient tried to open the attached file, their computer who have hacking software secretly installed. This software would basically give the hacker control of that PC, making it possible to monitor what the user does on the computer, and have access to whatever is on that machine.

While many recipients sense that the "spear fishing" (or "phishing") attack is just that, some don't, and it only takes a few compromised PCs to give someone access to a lot of secret information. This would be the case even if it is home PCs that are being infected. American legislators have discovered office and personal PCs of themselves and their staffers infected.

But many other attacks are only discovered when they are over, or nearly so. The attackers are very well prepared, and usually first make probes and trial run attacks on target systems. When the attackers come in force, they don't want to be interrupted. And usually they aren't. Most government sponsored attackers use techniques similar to those employed by criminal gangs trying to get into banks, brokerages and big businesses in general. Thus it is believed that Chinese hackers try, as much as possible, to appear like just another gang of cyber criminals. But the Chinese have certain traits that appear more military than gangster.

 

 


Article Archive

Information Warfare: Current 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999 


X

ad
0
20

Help Keep Us Soaring

We need your help! Our subscription base has slowly been dwindling. We need your help in reversing that trend. We would like to add 20 new subscribers this month.

Each month we count on your subscriptions or contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage. A contribution is not a donation that you can deduct at tax time, but a form of crowdfunding. We store none of your information when you contribute..
Subscribe   Contribute   Close