
Page 1: Hacker Hijinks Human Ways to Steal Your Business Data · Incident Response & Digital Forensics Digital Intelligence Analysts Businesses & People Get “Hacked” Everyday 56 Million

8/23/2018

1

Hacker Hijinks –Human Ways to Steal Your Business Data

Who We Are?

Ethical Hackers & Penetration Testers

Incident Response & Digital Forensics

Digital Intelligence Analysts

Businesses & People Get “Hacked” Every Day

56 Million Credit Card Owners

32 Million Personal Identities/ Divorces? 80 Million Personal Identities & Healthcare Data

Too Many To Count 3 Billion Accounts

Hundreds of Millions

Page 2

Hack In From Wireless

Hack In From The Internet

Hack Over the Phone Lines

Hack Web Applications

Hack Cloud Based Applications

Hack Via Social Engineering

Methods of Hacking

Hack Via Available & Recycled Data

About This Presentation

Steal an Identity

Mine Internet Intelligence

Hack a Bank Network

Break into the Building

Methods of Intelligence Gathering

ELECTRONIC INTELLIGENCE - ELINT

COMMUNICATIONS INTELLIGENCE - COMINT

SIGNAL INTELLIGENCE - SIGINT

HUMAN INTELLIGENCE - HUMINT

Page 3

Methods of Intelligence Gathering

OSINT

Anything Publicly Available

OSINT is defined by both the U.S. Director of National Intelligence and the U.S. Department of Defense (DoD) as intelligence "produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement."

Open Source Intelligence

OSINT

''Using this public source openly and without resorting to illegal means, it is possible to gather at least 80% of information about the enemy.''


Al-Qaeda, Encyclopedia of Jihad

Page 4

OSINT & Inspire

“Open Source Jihad”

Terrorists Adopted the Methodology

PROCESS

OSINT

Page 5

OSINT Process

Attaching the Person to a Digital Entity

Email

Username

Phone Number

Anchor Points

OSINT Process

Email

Username

Phone Number

Internet

Attaching the Person to a Digital Entity

Attaching the Person to Digital Content or Analog Data

Page 6

Business Uses

OSINT

Human Resources

Hiring Decisions

YOU’RE HIRED

NOT HIRED

Litigation

Legal Industry

Employee

Lawyers

Employer

You’re Being Sued

Page 7

FOR THESE BUSINESS PURPOSES

THESE ARE NOT ALLOWED

Any Communication

Pretexting

Phishing

Collaboration

Reconnaissance for

Defeating Security

OSINT

FOR TESTING SECURITY

Pretexting

Phishing

THESE ARE ALLOWED

Any Communication

Collaboration

Deception

Page 8

Sources of Intelligence

OSINT

Your Personal Data

Leverage All Personal Information

Social Networking / Media Sites

Blog Sites

Page 9

What Do You Look For?

Anything You Can Use…

Social Networking Sites

Blog Sites

Web Sites

Email Addresses

Login User Names

Domain Ownership

Phone Numbers

Personal Relationships

Anything Publicly Visible on the Internet

TOOLS

OSINT

OSINT Tools & Resources

SNT Copyright 2004. Secure Network Technologies, Inc. All rights reserved.

Page 10

OSINT Tools & Resources

PEOPLE DATABASES

OSINT

OSINT PEOPLE DATABASES

Paris Hilton

Hi Everybody

PHONE NUMBERS

EMAIL ADDRESSES

RESIDENCES

Page 11

Database Results

RESIDENCES

PHONE NUMBERS

MOBILE PHONE NUMBERS

RELATIVES

EMAIL ACCOUNTS

MY DATA!

PEOPLE DATABASES

IMAGE RELATIONSHIP

TOOLS

OSINT

OSINT - Image Tools

Page 12

METADATA TOOLS

OSINT

OSINT Tools-Meta Data


Email Addresses

Usernames

Document Author

OSINT Tools-Meta Data

Page 13

Other Resources…

http://rr.reuser.biz/

Dark Web

Understanding The Layers

The Iceberg Model

Internet / Public Web

Deep Web

• Medical Records

• Academic Information

• Scientific Reports

• Government Data

• Legal Documents

• Social Media

• Not Crawled by Search Engines

Dark Web

• Private Communication

• Illegal Pornography

• Contraband

• Drug Trafficking

• Lots of Bad Stuff

Page 14

Dark Net

Black SUV - Not Good

Internet

How Not To Get To The DarkWeb/DarkNet

How To Get to the DarkWeb

Burner Laptop Tor Client Software

Download From…

https://www.torproject.org/download/download-easy.html.en

Your Path to the DarkWeb

How To Get to the DarkWeb

Burner Laptop Tor Client Software

Install it on the Virtual Machine

https://www.torproject.org/download/download-easy.html.en

Page 15

Tails Screen Shot

Searching the DarkWeb


Page 16

Searching the DarkWeb

Hitman

Services

Fake IDs

Firearms

Credit Cards

Dark Markets

PASSWORD DATABASES

OSINT

Page 17

Accounts in the Database

Page 18

Steal an Identity

Use a False Identity

Page 19

Target Your Victim

NAME

Home Town

Plays Hockey

Music

Male


Physical Address

OSINT Process

A person's name and one additional detail are needed.

Use Home Town

Phone Numbers

Email Address

Additional Data is Often Tied to the Residence

Physical Addresses

Relatives

Pictures

Maiden Name & Alias

What's Tied to the Physical Address?

Where Will You Get That?

Page 20

Same Address Location

Compare Database Content for Validation

Same Phone Numbers

Same Email Accounts

Refine Your Search Using Available Databases

I Live There

Input Your Target's Digital Identifiers

Investigate Digital Relationships

Page 21

EXAMINE DIGITAL RELATIONSHIPS

EXAMINE ALUMNI PORTAL

USE FIND MY RECORD

INVESTIGATE THE REGISTRATION PROCESS

CONFIRMATION OF IDENTITY?

WE NEED HIS BIRTHDATE

Page 22

LOCATE HIS BIRTHDATE

STATS INCLUDE DOB

CONFIRMATION OF IDENTITY?

WE NOW HAVE HIS BIRTHDATE

FINISH THE REGISTRATION PROCESS

CREATE CREDENTIALS

SECURITY WORD?

AGREE TO T’s & C’s

Page 23

REVIEW AND MODIFY PERSONAL INFORMATION

COMPLETE HIS PROFILE

ADD CONTACT DATA

FAMILY FIELDS COMPLETED

REQUEST FOR MORE INFORMATION

Registrar's Office

I NEED MY STUDENT INFO

PLEASE FILL OUT THIS FORM

REQUEST FOR MORE INFORMATION

TRANSCRIPT REQUEST FORM

Page 25

Investigate Digital Relationships

SCOTT WORKS AT BANK

FACEBOOK RELATIONSHIPS

LINKEDIN RELATIONSHIPS

Use Company Stalker in Maltego

Investigate Social Networking Sites

Page 26

Use Fake Social Networking Identities

Become “Friended” by Bank Employees

Harvest Data from a Victim

Company Email Addresses

Personal Email Addresses

Occupation

Home Address

Business Address

Phone Numbers

Note Activities or Special Groups

Pictures

Page 27

Scour LinkedIn for Email Victims

MANUAL EFFORT IS TIME CONSUMING

LinkedIn RESTRICTS VISIBILITY

VICTIM MAY SEE ACTIVITY

Harvest Emails Using Automation

DOMAINS

SEARCH ENGINES

Page 28

Register a Bank-Benefits.com

Purchase an SSL Certificate

Steal The Company Web Page

Page 29

The Completed Phishing Site

Send out the Email Phish

This email name was intentionally chosen to be slightly suspicious looking. [email protected]

Acknowledgement Page

Page 30

Results of the Phish

On a Sunday night, ~460 phishing emails were sent out.

By 11:30 on Monday morning, over 39% of recipients had provided user names and passwords.

By 12:00 on Monday we had to stop the exercise and bring down the website.

External Systems Compromised

VPN Connections

Online Bank Systems

Email Systems

Leverage Your Findings

Page 31

Defeat Physical Security

Use CaseFile To Manage Analog Findings

Building Location

Property Details

Security Concerns

Leverage Management Company

Page 32

Building Map

Office Space Layout

Look for Phone Numbers Based on Company & Domain Name

Use Maltego To Manage Digital Process

Page 33

Use WarVox To Dial Phone Systems

Identify an Employee from FB

Badge Printer

Print a Badge

Page 34

Print Credentials

Enter the Building


Page 35

Bring in the Crew

We Spent One Week in the Building

Questions?

Thank You.