• No results found

Social Engineering for Penetration Testers

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Social Engineering for Penetration Testers"

Copied!
20
0
0

Loading.... (view fulltext now)

Download now ( 20 Page )

Full text

(1)

18 June 2006

Social Engineering for Penetration Testers

Social Engineering for Penetration Testers

Sharon Conheady [email protected] / [email protected] +44 (0)20 7951 8936 Sharon Conheady [email protected] / [email protected] +44 (0)20 7951 8936

(2)

What is Social Engineering?

What is Social Engineering?

efforts to influence popular attitudes and social behaviour on a large scale, whether by

governments or private groups

- Wikipedia definition

efforts to influence popular attitudes and social behaviour on a large scale, whether by

governments or private groups

(3)
(4)
(5)
(6)
(7)

What is Social Engineering?

What is Social Engineering?

techniques hackers use to deceive a trusted

computer user within a company into revealing sensitive information, or trick an unsuspecting mark into performing actions that create a

security hole for them to slip through - Kevin Mitnick

techniques hackers use to deceive a trusted

computer user within a company into revealing sensitive information, or trick an unsuspecting mark into performing actions that create a

security hole for them to slip through

(8)

Different types of attacks

Different types of attacks

- Mumble attack - Reverse engineering - 10 attack - Phone v’s Physical - Lots more - Mumble attack - Reverse engineering - 10 attack - Phone v’s Physical - Lots more

(9)

The social engineering problem

The social engineering problem

- Sumitomo Mitsui Bank

- Lexis-Nexis

- ChoicePoint

- Credit Union

- Sumitomo Mitsui Bank

- Lexis-Nexis

- ChoicePoint

(10)

Why perform a social engineering

test?

Why perform a social engineering

test?

• To test the effectiveness of physical security controls • To test the level of security awareness among staff • Good practice for staff

• To test the effectiveness of physical security controls • To test the level of security awareness among staff • Good practice for staff

(11)

The stages of the attack

The stages of the attack

1. Target identification 2. Reconnaissance

3. Creating your scenario 4. Going in for the attack 5. Getting out again

1. Target identification 2. Reconnaissance

3. Creating your scenario 4. Going in for the attack 5. Getting out again

(12)

Reconnaissance

Reconnaissance

• Passive information gathering

– Google

– Company website – Annual reports

– Job ads / Employee resumes – etc

• Physical reconnaissance

– Where are the security guards?

– Do smokers congregate in a certain area outside? – Where are the CCTV cameras?

– What time do employees go in / leave the office? – etc

• Passive information gathering

– Google

– Company website

– Annual reports

– Job ads / Employee resumes

– etc

• Physical reconnaissance

– Where are the security guards?

– Do smokers congregate in a certain area outside?

– Where are the CCTV cameras?

– What time do employees go in / leave the office?

(13)

Creating Scenarios

Creating Scenarios

• Think about how sophisticated your attack needs to be

• More security focused organisations, eg, banks, will require a more complex attack • Use props

• Keep it realistic

• Think about how sophisticated your attack needs to be

• More security focused organisations, eg, banks, will require a more complex attack • Use props

(14)

Going in for the attack

Going in for the attack

• Use your scenario to get in • Gain access to network

• Prove you were there

• Think about how to get out again

• Use your scenario to get in • Gain access to network

• Prove you were there

(15)

A few tips

A few tips

• Use a false name, but use your own first name. • Consider using a surname that sounds like

your own.

• Be a woman (preferably a foreign one) • Flirt / use flattery

• Offer an incentive • Get a job

• Use a false name, but use your own first name. • Consider using a surname that sounds like

your own.

• Be a woman (preferably a foreign one) • Flirt / use flattery

• Offer an incentive • Get a job

(16)

Secrets of Success

Secrets of Success

• Balance of Power

• Time Travel – or how to be an effective liar

• Balance of Power

(17)

What can go wrong?

What can go wrong?

• You are recognised

• Balance of power backfires

• Overcompensate by giving too much detail • Everything

BE PREPARED

• You are recognised

• Balance of power backfires

• Overcompensate by giving too much detail • Everything

(18)

How to prevent social

engineering attacks

How to prevent social

engineering attacks

• Education & Awareness • Social engineering testing • Security policy

• Vet all your staff

• Don’t trust anyone!

• Education & Awareness • Social engineering testing • Security policy

• Vet all your staff

(19)

Use of this Information

Use of this Information

This presentation pack necessarily represents only part of the information

which we considered in carrying out our work, being that which we considered to be most relevant to our understanding of your needs, in the light of this

presentation.

The information in this presentation pack will have been supplemented by

matters arising from any oral presentation by us, and should be considered in the light of this additional information.

If you require any further information or explanations of our underlying work, you should contact us.

The information in this presentation pack is confidential and contains

proprietary information of Ernst & Young. It should not be provided to anyone other than the intended recipients without our written consent.

Anyone who receives a copy of this presentation pack other than in the

context of our oral presentation of its contents should note the first two points above, and that we shall not have any responsibility to anyone other than our client in respect of the information contained in this document.

This presentation pack necessarily represents only part of the information

which we considered in carrying out our work, being that which we considered to be most relevant to our understanding of your needs, in the light of this

presentation.

The information in this presentation pack will have been supplemented by

matters arising from any oral presentation by us, and should be considered in the light of this additional information.

If you require any further information or explanations of our underlying work, you should contact us.

The information in this presentation pack is confidential and contains

proprietary information of Ernst & Young. It should not be provided to anyone other than the intended recipients without our written consent.

Anyone who receives a copy of this presentation pack other than in the

context of our oral presentation of its contents should note the first two points above, and that we shall not have any responsibility to anyone other than our client in respect of the information contained in this document.

(20)

Questions

Questions

For more information, please contact:

For more information, please contact: Sharon Conheady

Technology & Security Risk Services

Ernst & Young UK

London

UK

Tel #: +44 (0)20 7951 8936

[email protected]

Tony Ritlop

Technology & Security Risk Services

Ernst & Young Canada

Montreal

Quebec

Tel #: 514.879.2679

[email protected]

David Dunn

Technology & Security Risk Services

Ernst & Young Canada

Toronto

Ontario

Tel #: 416.943.2597

References

Download now ( PDF - 20 Page - 603.90 KB )

Related documents

Double deflation: theory and practice

The equality between the column totals of the supply and use matrices at PYP is ensured by making real value added the residual in the use table. It remains to prove that total

Anomaly Detection Aiming Pro-Active Management of Computer Network Based on Digital Signature of Network Segment *

This paper proposes a novel anomaly detection system based on the comparison of real traffic and DSNS (Digital Signature of Network Segment), generated by BLGBA model, within

Food for Thought: An exploration of the relationship of Academic Confidence to Academic Sustenance in Australian undergraduate students.

This discussion considers each of the elements as either an affirmative or adverse influence on an individual’s Overall Academic Confidence (OAC), suggesting a

The Relationship between Parental Mediation and Facebook Victimization and in-Person Victimization, Both Directly and Indirectly Being Mediated by The Intensity of Facebook Use by Middle School Students in An International School in Bangkok, Thailand

Also examined in the study was the overall difference in frequencies from victimization on Facebook and victimization which occurs from bullying in-person, amongst middle

Government debt levels and the systemic risks associated with post-crisis fiscal policies

With the argument that fiscal policy has brought about unnecessary spending, and that the associated excessive budget deficits bring about unsustainable public debt,

Chorionic thickness and PlGF concentrations as early predictors of small-for-gestational age birth weight in a low risk population

A statistically significant negative correlation was dem- onstrated in the study cohort between the maternal serum PIGF levels, foetal heart rate (FHR), birth weight and length,

The protective effect of ettlingera coccinea (TUHAU) against autoxidation-induced ox brain homogenate

Evaluation of Aqueous and Methanolic Extract of Leaves of Epipremnum Aureum for radical Scavenging Activity by Dpph Method, Total Phenolic Content, reducing Capacity Assay and

Package cues and their influence on the perception of Premium quality of Premium private label products

The premium private label products had most of the package elements the respondents found to signal good quality: the dark green color, the gold (or beige in the case of