The other day, a hacker compromised someone’s email account. It was almost certainly a phishing attack: he probably just sent them an email claiming to be from the victim’s organisation and then, well, asked for their credentials. From there, the attacker wandered over to the web portal of the victim’s organisation and attempted to log on, which unfortunately for him didn’t work. No worries, he simply called up the helpdesk, who kindly gave him access. So now he’s logged in to the victim’s portal and he heads over to a virtualised environment which he authenticates to using the victim’s credentials from the first step. Now he has access to the victim’s documents and can begin traversing the network under the identity of his target. He grabs tens of thousands of records about the organisation’s employees… and dumps them publicly.
The organisation was the US Department of Justice and the dumped data was 20,000 FBI and 9,000 DHS records, according to Motherboard. Oh – the attacker was also a 16-year-old kid. Allegedly, it was the same kid who socially engineered his way into the CIA director’s account last year. Evidently, manipulating humans via these social engineering attacks is a rather effective way of breaching systems!
Only a week ago, I launched my latest Pluralsight course, Ethical Hacking: Social Engineering. This was the fifth in the epic Ethical Hacking series I’ve been working on with a co-author and in my humble opinion, perhaps the best course I’ve created to date (I love that it’s so broadly relevant regardless of the viewer’s technical competency). Just as I was wrapping up the editing of the course during my European travels last month, I had the opportunity to record another Play by Play course – that is a video of myself and someone else as opposed to just a screen cast – so I grabbed my good mate and fellow Pluralsight author, Lars Klint. Just to give you a quick sense of what goes into one of these Play by Play courses, Lars snapped this pic of us setting up:
A Play by Play was a really good opportunity to talk about social engineering because it allowed us to demonstrate the nuances of human interaction which is pretty pivotal to this class of attack. The video format allowed me to show devices I was carrying with me, demonstrate how an attacker would execute computer based social engineering (there’s a great demo of BeEF in there), and also show human based attacks which relied on us both being present in the same place.
One of the techniques we show and discuss in the course is “tailgating” or, in other words, a social engineer simply following someone else through an otherwise secure door in order to gain access to a premises. Quite coincidentally, I saw a great example of how physical security measures can be circumvented as I arrived onsite to run a workshop shortly after this. I was waiting at the reception of a financial institution which had turnstiles in the foyer, and employees would file through one by one, swiping their access card as they went… except for one lady. She turned up on crutches and was summarily ushered around the side of the turnstiles by a friendly security guard without any swipe of her pass. This is precisely the sort of behaviour we demonstrate in the course, albeit with me carrying a box and seeking assistance through the door, and it can be that easy.
I really enjoy doing these Play by Plays because they’re very candid discussions and super easy to watch. There’s hardly any editing compared to a normal Pluralsight course delivered as a screencast and the dynamics between the individuals make it a very different viewing experience. This is now the third Play by Play I’ve done and believe it or not, it’s now my twentieth Pluralsight course and I’m enormously happy that it’s now live.
Go and check it out at Play by Play: Social Engineering with Troy Hunt and Lars Klint.