All tagged information security

This is an idea I've been playing with for a while. It's still under development, but the basic technique is similar to the one snipers use to search and detect targets.

One of the skills we learned at the scout/sniper school was the detection of targets. We would lie on our bellies and try to find, via the use of scopes, hidden objects that the instructors placed in the field. We also needed to detect an instructor acting like a sniper.

All the objects (or potential threats) were hidden in a large piece of land, some close and some far. It would have been almost impossible to randomly start scanning for the targets in such a large area, so a simple technique was used: begin scanning with the naked eye for nearby objects from left to right, then move a bit farther and scan from right to left, and so on. Once you get to a point where the naked eye is no longer good enough, use a scope.

Essentially, you create a grid over the area, move from close to far and from left to right, scan each sector for a potential threat, and log everything you see.

There has been a lot of talk about drones lately. There is no doubt that they are a valuable asset in the current war, and they will most likely have a central role in upcoming wars.

But there is another kind of drone. The digital counterpart.

Digital drones are sophisticated little programs that hackers and security penetration testers have been using for years to recon their targets, to collect information, to download and upload malicious or utility code, to control the remote system or to attack it. They can also deliver a payload, execute it and self-destruct.

This is not new; we've been using these kinds of programs to attack/recon since the 90s. However, due to the increased support for more intelligent interfaces on operating systems, the drones too have gotten more intelligent and capable through the years.

On one project I was brought in to try to find out how internal, proprietary and confidential information was being leaked out of the company. This was a case of corporate espionage.

The security people inside the company were completely clueless. They monitored the network and firewall to try to find where the leak was coming from. They tried for several months, and by the time I was hired they didn't even know whether it was someone who had penetrated them from the internet or an internal job.