All tagged digital ops
One project I was involved in earlier on was the testing of the customer's digital quick reaction force (QRF). This group of security and IT professionals were supposed to be at the ready in cases where the organization's networks or systems were being compromised.
So we set to work. We needed to find a way into their networks. Usually the best way in would be a social engineering attack where we would send the target an email with a weaponized document or a link to a site with code that can exploit different vulnerabilities on their browsers; however, this time we also wanted to see how good their security hardening practices were, how their perimeter was set and whether they were monitoring the different network devices at all.
After a short scan of their public facing IP range we found a server with a vulnerable version of IIS (the Microsoft web server software). A little digging around on different hacking forums gave us several exploits we could try.
First we ran an exploit we developed that would set off some alarms. It wasn't going to give us access, but it would make IIS dump a lot of weird logs. We randomly inserted messages to be logged hinting at us attacking the server. We even added a contact email address and phone number. After 24 hours of attacking it, we had no one contacting us. We moved to phase 2.
Once in a while you have a project that you know will be a lot of fun. One of the biggest telecom providers dropped a project exactly like that a couple of years ago.
They wanted a full red team assessment, including external and internal digital assessments as well as a physical one. The scope: the entire company. This included the corporate HQ and its employees, the service stores across different cities, local offices, mall stores and the factory. This was a HUGE project. The time allotted? 6 months. Perfect.
On this particular project my team and I were tasked with getting access to the VP of marketing's laptop. Part of the team began tailing the VP so we would have an idea of what his daily routines were. The other part of the team began checking the company's network in order to try to penetrate it and find our way to the VP's laptop from there. As a last resort we would try a physical penetration of the building so we could get to the laptop.
After over a week we didn't have anything concrete on the digital pentest side; they were fairly secure. We could eventually find a vulnerability that may be exploited but we were under a very tight timeframe for the project. We were considering the physical pentest when J. called me from the field and told me that he discovered the VP has an unsecured Bluetooth connection on his laptop.
On a rather interesting project, I spent an hour trying to convince the assistant of a CEO (the AA) I was targeting to open a PDF that contained important information that I needed the CEO to consider. It was important to me that she open it while I was on the phone because I needed to verify that I had a connection to their network via the code I embedded in the weaponized PDF.
She wouldn’t have it. She kept on saying that she would open it later when she was free. Not good. Eventually she got tired of me (I was using every trick in the book to convince her!) and she said: “Fine! I’ll open it.”
There has been a lot of talk about drones lately. There is no doubt that they are a valuable asset in the current war and they will most likely have a central role in upcoming wars.
But there is another kind of drone. The digital counterpart.
Digital drones are sophisticated little programs that hackers and security penetration testers have been using for years to recon their targets, to collect information, to download and upload malicious or utility code, to control the remote system or to attack it. They can also deliver a payload, execute it and self destroy.
This is not new; we've been using these kinds of programs to attack/recon since the 90s. However, due to the increased support for more intelligent interfaces on operating systems, the drones too have gotten more intelligent and capable through the years.