PEOPLE HACKING - Information Systems Security...


PEOPLE HACKING

AN OVERVIEW OF SOCIAL ENGINEERING

PRESENTED BY MASSIVE LABS’ MATT MOSLEY

WHY IS THIS IMPORTANT?

“The weakest link in the security chain is the human element.” -Kevin Mitnick

According to a March 2000 article in the Washington Post, Mitnick went on to say that “You could spend a fortune purchasing technology and services…and your network…could still remain vulnerable to old-fashioned manipulation.”

PEOPLE WANT TO HELP

From Kevin Mitnick’s book The Art of Deception:

“...people inherently want to be helpful and therefore are easily duped.”

“They assume a level of trust in order to avoid conflict.”

“It’s all about gaining access to information that people think is innocuous when it isn’t.”

WHAT IS PEOPLE HACKING!?

Social Engineering

Mind Control

Cheap Tricks

Stage Hypnotists

Magicians

Scam Artists

Con Artists

BRAINS ARE JUST LIKE COMPUTERS

• You can read and write to them

• You can give them instructions

• The brain has limits on memory

• Make them do what you “program” them to do

BUT…there is no anti-virus protection

SMOOTH CRIMINAL

VICTOR LUSTIG

WHY IT WORKED OUT SO WELL

JDEE TO HER FRIENDS

QUICK RUNDOWN OF SINAPTS

SiNAPTS or “Synapse” is a service unique to Tevora with a funny acronym: Social Networking Advanced Persistent Threat Survey.

The information included in these reports is gathered from publicly available repositories.

Advanced Persistent Threat (APT) usually refers to an attacker with both the capability and the intent to persistently and effectively target a specific entity.

SINAPTS IN ACTION

http://www.facebook.com/profile.php?id=##############9

SINAPTS IN ACTION

Within an hour… Within minutes…

Brother

Father

http://www.facebook.com/profile.php?id=10################509

http://www.pownetwork.org/bios/######.htm

http://www.usmilitariaforum.com/forums/lofiversion/##############.html

INFORMATION GATHERED

Graduated from Georgia State University

Went to General H.H. Arnold High School

Wife’s maiden name Palmer

Favorite pet’s name Whiskers

Mother’s maiden name Wallace

He married his wife Annette on April 23, 1991 in Los

Angeles

He was born October 26, 1950

Middle name Frank

Father’s full name Herbert James Thorne

Lives in Calabasas, CA

Brother was George Thorne MIA 12/13/1968

WHY IS THIS IMPORTANT?

• What high school did you go to? Gen. H. H. Arnold

• What is your high school mascot? Warriors

• What is your wife’s maiden name? Palmer

• What is your anniversary date? April 23, 1991

• What is your father’s middle name? James

• What is your mother’s maiden name? Wallace

• What is your sign? Scorpio (October 26 falls in Scorpio, not Libra)

• What is the name of your favorite pet? Whiskers

• When is your birthday? October 26, 1950
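The point of the two slides above is that every one of these knowledge-based authentication (KBA) answers is derivable from the facts harvested in the "INFORMATION GATHERED" step, some directly (maiden names, pet, anniversary) and some with one derivation (father's middle name from his full name, the star sign from the birthdate, the mascot from a web search on the school). The script below is an added example written for this page, not code from the deck or from Tevora's SiNAPTS service: it takes the constructed profile facts from the slide, applies the same derivations an attacker would, and reports which questions are exposed. The mascot lookup table is an assumption standing in for a search-engine query; the "first car" question is added to show a question the public data does not reach.

```python
"""Measure KBA exposure: which security questions can be answered from
public-profile facts. Added example; profile facts are constructed from
the slide text, SCHOOL_MASCOTS is an assumed stand-in for a web search."""
from datetime import date
from typing import Callable, Dict, Optional

# Constructed OSINT facts, copied from the deck's fictional target.
PROFILE = {
    "birthdate": date(1950, 10, 26),
    "high_school": "Gen. H. H. Arnold",
    "wife_maiden_name": "Palmer",
    "anniversary": date(1991, 4, 23),
    "father_full_name": "Herbert James Thorne",
    "mother_maiden_name": "Wallace",
    "favorite_pet": "Whiskers",
}

# Assumption: stands in for the search engine query an attacker would run.
SCHOOL_MASCOTS = {"gen. h. h. arnold": "Warriors"}

# Western zodiac: (month, day) on which each sign begins.
ZODIAC = [
    ((1, 20), "Aquarius"), ((2, 19), "Pisces"), ((3, 21), "Aries"),
    ((4, 20), "Taurus"), ((5, 21), "Gemini"), ((6, 21), "Cancer"),
    ((7, 23), "Leo"), ((8, 23), "Virgo"), ((9, 23), "Libra"),
    ((10, 23), "Scorpio"), ((11, 22), "Sagittarius"), ((12, 22), "Capricorn"),
]


def zodiac_sign(d: date) -> str:
    """Derive the star sign from a birthdate; dates before Jan 20 are Capricorn."""
    sign = "Capricorn"
    for start, name in ZODIAC:
        if (d.month, d.day) >= start:
            sign = name
    return sign


def middle_name(full_name: str) -> Optional[str]:
    """Second token of a three-part name, e.g. 'Herbert James Thorne' -> 'James'."""
    parts = full_name.split()
    return parts[1] if len(parts) >= 3 else None


def fmt(d: Optional[date]) -> Optional[str]:
    return d.strftime("%B %d, %Y") if d else None


# Each KBA question maps to a rule deriving its answer from the profile,
# or returning None when the public facts do not reach it.
QUESTIONS: Dict[str, Callable[[dict], Optional[str]]] = {
    "What high school did you go to?": lambda p: p.get("high_school"),
    "What is your high school mascot?":
        lambda p: SCHOOL_MASCOTS.get(p.get("high_school", "").lower()),
    "What is your wife's maiden name?": lambda p: p.get("wife_maiden_name"),
    "What is your anniversary date?": lambda p: fmt(p.get("anniversary")),
    "What is your father's middle name?":
        lambda p: middle_name(p.get("father_full_name", "")),
    "What is your mother's maiden name?": lambda p: p.get("mother_maiden_name"),
    "What is your sign?":
        lambda p: zodiac_sign(p["birthdate"]) if "birthdate" in p else None,
    "What is the name of your favorite pet?": lambda p: p.get("favorite_pet"),
    "When is your birthday?": lambda p: fmt(p.get("birthdate")),
    "What was the make of your first car?": lambda p: p.get("first_car"),
}


def kba_exposure(profile: dict) -> Dict[str, Optional[str]]:
    """Return each question with the answer derivable from public data, or None."""
    return {q: rule(profile) for q, rule in QUESTIONS.items()}


def exposure_ratio(profile: dict) -> float:
    """Fraction of the question set an attacker can answer from OSINT alone."""
    answers = kba_exposure(profile)
    return sum(a is not None for a in answers.values()) / len(answers)


if __name__ == "__main__":
    for q, a in kba_exposure(PROFILE).items():
        print(f"{'ANSWERED' if a else 'unknown ':8} {q} -> {a}")
    print(f"{exposure_ratio(PROFILE):.0%} of questions answerable from OSINT")
```

Run against the slide's target it marks nine of the ten questions as answered. The defensive use is the same code pointed at your own organisation's password-reset question set: any question whose rule can be filled from a public profile is not an authenticator.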

RESULT

Next steps:

• Request password for another account linked to this one.

• Look for previous emails containing passwords

• Escalate my privileges on up the chain and eventually gain access to ACME’s network through SiNAPTS
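The second step above, searching the captured mailbox for earlier messages that carry passwords, is mechanical once the account is open, and the same search is what a defender should run over an exported mailbox to see what one compromised inbox gives away. The code below is an added example for this page, not part of the deck: it splits a small constructed mbox-format sample into messages with the standard library's email parser and scans each plain-text body for "password is …" / "username: …" patterns. The three sample messages and their sender addresses are constructed; the helpdesk and banking wording is an assumption about what such mail looks like.

```python
"""Find clear-text credentials in a mailbox. Added example; SAMPLE_MBOX is
a constructed mbox-style sample, not real mail."""
import email
import re
from email import policy
from typing import Dict, List

# Constructed mbox-style sample: three messages, two of which leak credentials.
SAMPLE_MBOX = """\
From helpdesk@example.test Mon Apr 23 09:00:00 2012
From: IT Helpdesk <helpdesk@example.test>
To: frank@example.test
Subject: Your VPN account
Date: Mon, 23 Apr 2012 09:00:00 -0700

Frank, your VPN username is fthorne and the temporary password is
Welcome2012! Please change it at first login.

From annette@example.test Tue Apr 24 18:30:00 2012
From: Annette <annette@example.test>
To: frank@example.test
Subject: dinner
Date: Tue, 24 Apr 2012 18:30:00 -0700

Back by 7, Whiskers has been fed.

From noreply@bank.test Wed Apr 25 08:15:00 2012
From: Online Banking <noreply@bank.test>
To: frank@example.test
Subject: Password reset confirmation
Date: Wed, 25 Apr 2012 08:15:00 -0700

Your new password: hunter2
Your security question: What is your mother's maiden name?
"""

# Patterns a social engineer (or a mailbox-hygiene audit) looks for:
# a credential keyword, a separator, then the value up to whitespace.
CREDENTIAL_PATTERNS = [
    re.compile(r"\b(?:password|passwd|pwd)\s*(?:is|:|=)\s*(\S+)", re.I),
    re.compile(r"\b(?:username|login)\s*(?:is|:|=)\s*(\S+)", re.I),
]


def split_mbox(text: str) -> List[str]:
    """Split mbox text on its 'From ' separator lines into raw RFC 822 messages."""
    chunks = re.split(r"^From .*\n", text, flags=re.M)
    return [c for c in chunks if c.strip()]


def find_credentials(mbox_text: str) -> List[Dict[str, str]]:
    """Return one record per credential-looking string, with sender and subject."""
    hits = []
    for raw in split_mbox(mbox_text):
        msg = email.message_from_string(raw, policy=policy.default)
        body = msg.get_body(preferencelist=("plain",))
        text = body.get_content() if body else ""
        for pat in CREDENTIAL_PATTERNS:
            for m in pat.finditer(text):
                hits.append({
                    "from": str(msg["From"]),
                    "subject": str(msg["Subject"]),
                    "secret": m.group(1).rstrip(".,;"),
                })
    return hits


if __name__ == "__main__":
    for h in find_credentials(SAMPLE_MBOX):
        print(f"{h['subject']!r} from {h['from']}: {h['secret']}")
```

On the sample this reports the VPN password and username from the helpdesk message and the reset password from the bank notice, and nothing from the personal message. A real mailbox export (Thunderbird, `mutt`, or a Google Takeout archive) is already in mbox form and can be passed to `find_credentials` unchanged; the patterns are deliberately loose because the goal is recall, not precision.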

I’M IN…

HEY! I’M A CFO

I’M INSIDE, NOW WHAT?

4 THINGS TO THINK ABOUT

1) Same tricks, new technology

2) More sophisticated techniques and attacks

3) Social Networking

4) Social Engineering Automated

BRAINS HAVE BACKDOORS?

• Proxemics

• Kinesics

• Neuro Linguistic Programming

• Social Psychology

PROXEMICS

The study of the cultural, behavioral, and sociological aspects of spatial distances between individuals

KINESICS

Reading body language

Facial expressions: observing involuntary facial movements

These can be mixed and matched to form various physical manifestations of known emotions

• Posture

• Mannerisms

• Vocal Pitch

• Foot Position

• Shifting Weight

• Eye Movements

• Skin Temp.

• Clenching Fists

• Eyebrow Position

NEURO LINGUISTIC PROGRAMMING

Often used in hypnosis and stage hypnosis

Takes advantage of typical programmed responses

Can be used to temporarily influence people

Can be used to overwrite thoughts/feelings

Is prominent in commercials, marketing etc…

PUT IT ALL TOGETHER TO HACK A HUMAN

Gather Intelligence ............... nmap -sV -T4 -O -F -v HUMAN

Becoming Likeable and Friendly .... adduser yourUID theirGID

Ask/Tell Them To Do Something ..... use exploit/windows/smb/ms08_067_netapi

Assuming Everything Worked ........ $> whoami
                                    root

PSYCHOLOGICAL BACKDOOR #1

PSYCHOLOGICAL BACKDOOR #2

WHAT WORKED FOR FRANK

• Conveyed authority

• Did his research

• Acted and looked the part

IT HAPPENS ALL THE TIME

PSYCHOLOGICAL BACKDOOR #3

HOW TO HELP PREVENT SOCIAL ENGINEERING

• Internal Audits

• Staff Training

• SiNAPTS

• Policies

• External Audits

• Be Aware

• Roleplaying

SOME TAKEAWAYS

• A system is only as secure as the people who run it

• People genuinely want to help

• People want to be liked

• The old tricks still work, but can be enhanced

• Works in any social situation

• This only scratches the surface

RECOMMENDED READING

The Art of Deception: Controlling the Human Element of Security

The Art of Intrusion: The Real Stories Behind the Exploits of

Hackers, Intruders and Deceivers

Social Engineering: The Art of Human Hacking

Liars and Outliers

http://en.wikipedia.org/wiki/Proxemics

http://en.wikipedia.org/wiki/Cold_Reading

http://en.wikipedia.org/wiki/Metacommunicative_Competence

http://www.paulekman.com

Q&A

Matt Mosley Sr. Information Security Consultant

Office: 949.340.6932 | Mobile: 661.317.9765

Email: [email protected]

Web: www.tevora.com | www.massivelabs.com

https://www.linkedin.com/in/mattmosley1/

THANK YOU!