Who says there is no point in reading the classics?
North Korean hackers adapted the Trojan Horse to hack Chile's entire ATM network. An unsuspecting employee at a company that connects the ATM infrastructure for all of Chile's banks was tempted with a job offer on social media. This resulted in malware being installed that gave the hackers access to the ATM network, and a way into every bank in the country.
The Iliad describes how the Greeks were unable to break into the city of Troy because of its strong defenses. So instead they used subterfuge and placed a large, beautiful wooden horse (with Greek soldiers inside) outside the city gates. And sure enough, the Trojans wheeled the horse into their city, where the Greek soldiers let the rest of their army in. And that was the end of Troy.
Socially engineered attacks
Social engineering is all about the masquerade. Hackers pose as legitimate companies or individuals which, in the case of targeted attacks, the victim knows personally. These attacks are personalized and target specific victims, rather than being carried out en masse in the hope that one in a thousand recipients takes the bait.
Keep it brief
Cybercriminals routinely trawl through social networks to identify high-potential targets before learning more about them through their public profiles. The more people post about themselves on social media, the more vulnerable they become. Hackers (phishers) develop extensive profiles of their target victims, just like salespeople will create detailed profiles of their best customers.
Hackers use this information to build trust with potential victims. After all, it’s far easier to dupe someone with an attack that demonstrates personal knowledge of the target. Hackers contact potential victims making it clear that they’re familiar with their background, job roles and interests. Armed with a raft of detailed information gathered from social media profiles, scammers are much better positioned to masquerade as trusted individuals, such as employers or colleagues.
Companies routinely use LinkedIn to find employees. Attackers use the guise of an honest operator to approach their victims with a job offer. Beware of the Trojan Horse!
(Material adapted with permission from a blog by SafeGuard Cyber)
City of Charlottesville case study (courtesy SafeGuard Cyber)
Challenge: After the Unite the Right events (August 12, 2017), nation-states and hacker groups used the city of Charlottesville as part of a disinformation campaign to create more divisiveness in American society. This was done by "friending" city employees on social media. This made it possible for the hacker groups to post narratives to their own timelines and to socially engineer these employees, impacting their personal security.
This was a reputation crisis for the city because it impacted its tourism, real estate value, and ultimately the tax base. The city of Charlottesville determined that they needed to protect their reputation and the security of their civil servants. Charlottesville needed a means to find the malicious, fake, and impersonated accounts that were connecting to the city-owned accounts, and were posting on Charlottesville digital presences to create disinformation.
Solution: The City deployed the SafeGuard Cyber platform to change the risk profile of the city by finding fake accounts, disinformation, and bots, and then taking them down. By protecting the accounts of civil servants, we were able to protect the city's employees' social profiles from being taken over and/or used for further disinformation.
Keep a low social media profile. Watch out for any offers that seem too good to be true or overly familiar from a stranger - especially if they involve downloading an attachment.
DemLabs is organizing a (free) cyber-security roundtable on March 13th in DC to discuss social media based attacks and defense strategies against them.
Democracy Labs is a hub for ongoing technology and creative innovation that serves progressive groups at the national, state, and local levels.