Sometimes, it’s useful to imagine what you would do if you were to hack a company. Who would you hack, why would you hack, and how would you hack. What would you do if you were going to hack? It’s a useful exercise because it forces you to put yourself in an attackers shoes and look at how secure you are from an outside perspective. It’s easy to think in terms of being an insider – people do that all the time because they see a vulnerability inside their own company and then try to provide it’s a vulnerability. Or maybe they just want to practice some technique they saw someplace. But attacking from the outside is a whole other story.
So let’s try this little exercise. I’ll go first.
It’s always good to think strategically. What is your end goal that you want to achieve (that’s always the case with any exercise and hacking isn’t any different)? For this exercise, I’m going to think in terms of what I’m seeing a lot of nowadays, and that’s hacking for profit.
Who am I going to hack? Well, first off, when I look at my hacking skills, I’m not that good so I’m going to go after a target that I think would be a little easier. If I was well practiced, I’d feel confident enough to go after a bigger target but, in this case, a smaller target makes sense.
I’ve always been of the believe that the REAL money is on Wall Street. More specifically, white collar crime where you can make money by having early knowledge that something was going to happen in terms of a takeover or a merger/acquisition and then make the appropriate bet on the stock market based on the proverbial “insider knowledge”. So, based on that, I’m going to look at a smaller company that has been showing a track record of buying and selling companies. So let’s make my imaginary target a smaller Merger and Acquisition company that focuses on mergers and acquisitions.
Okay, I’ve determined my target. What specifically am I going to look for? Am I going after a server? Am I going after an Application? It’s important to remember that my imaginary target probably isn’t using any special application but, rather, sending emails back and forth between the executives about what they are doing and when they are planning on doing it. Maybe they’ve gotten so strategic that they have a Project Manager and that person is reporting back to the executives using Powerpoint slide decks. Okay, I now know specifically what I’m going to focus on.
I’m going after email! Not the Email Server, the emails on the executive’s computers.
That information will provide me insider information on what is going on. Plus, because I’m going after the executives themselves, I’m going to focus on their laptops. These are people that will work all hours and not necessarily from work. Sometimes they’ll work on an airplane. Sometimes from a hotel. And sometimes from home.
Okay, very specifically, I’m going to focus on the CEO of my imaginary target, his/her laptop, and when he/she IS AT HOME!
Okay, now it’s easy. I don’t have to worry about firewalls or fancy IPS devices. I don’t have to worry about internal infrastructure because I’m pretty sure that their home networks will be much easier to break into. Do they have a home office? Of course they do. So maybe I can spy on them and see their password as they enter it into their computer. So I’ll use some form of social hacking to get into their home office – maybe I’m with a Computer company, maybe I’m with a local painting company and I’m going to give a free quote. Whatever – while I’m in the home, I’ll figure out about his home WiFi and how it’s configured. I might even be able to do that from the street and not need to get into the home.
…. this is fun …
Okay, as a teaser, I’m going to finish this blog tomorrow. But, to finish, I have their password to their laptop now. So what do I do?
Think about it …
Hope this helps …