Low Tech Hacking PDF
Document Details
Uploaded by PeacefulHeliotrope2422
2012
Jack Wiles, Dr. Terry Gudaitis, Jennifer Jabbusch, Russ Rogers, Sean Lowther, Neil Wyler
Tags
Summary
This book is about low-tech hacking techniques and how to prevent them. It covers social engineering methods, physical security vulnerabilities, and more. The book is aimed at security professionals and contains some real-world scenarios.
Full Transcript
Low Tech Hacking Street Smarts for Security Professionals Jack Wiles Dr. Terry Gudaitis Jennifer Jabbusch Russ Rogers...
Low Tech Hacking Street Smarts for Security Professionals Jack Wiles Dr. Terry Gudaitis Jennifer Jabbusch Russ Rogers Sean Lowther Neil Wyler, Technical Editor AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Syngress is an imprint of Elsevier Acquiring Editor: Chris Katsaropoulos Development Editor: Mstt Cater Project Manager: Paul Gottehrer Designer: Russell Purdy Syngress is an imprint of Elsevier 225 Wyman Street, Waltham, MA 02451, USA # 2012 Elsevier, Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. Library of Congress Cataloging-in-Publication Data Application submitted British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library. ISBN: 978-1-59749-665-0 For information on all Syngress publications visit our website at www.syngress.com Printed in the United States of America 12 13 14 15 16 10 9 8 7 6 5 4 3 2 1 For information on all Syngress publications visit our website at www.syngress.com Contents Acknowledgments.................................................................................................. ix Foreword................................................................................................................. xi About the Authors............................................................................................... xiii Introduction............................................................................................................ xv CHAPTER 1 Social engineering: The ultimate low tech hacking threat...... 1 How easy is it?............................................................................ 2 The mind of a social engineer..................................................... 3 The mind of a victim................................................................... 3 Tools of the social engineering trade.......................................... 4 One of my favorite tools of the trade......................................... 5 Social engineering would never work against our company...... 7 What was I able to social engineer out of Mary?....................... 8 The final sting—two weeks later—afternoon............................. 8 Why did this scam work?............................................................ 9 Let’s look at a few more social engineering tools................... 10 Keystroke logger—Is there one under your desk?............... 13 One of my lunchtime tools.................................................... 16 Let’s look at that telephone butt-in set on my tool belt........... 18 Meet Mr. Phil Drake.................................................................. 19 Meet Mr. Paul Henry................................................................. 22 Traditional AV, IDS, and IPS considerations....................... 25 Traditional firewall consideration......................................... 25 Flaw remediation................................................................... 26 Do you have a guest user of your credit card?......................... 26 A few possible countermeasures............................................... 27 Always be slightly suspicious............................................... 28 Start to study the art of social engineering........................... 28 Start a social engineering book library................................. 28 Summary.................................................................................... 29 CHAPTER 2 Low tech vulnerabilities: Physical security......................... 31 A mini risk assessment.............................................................. 32 What did I have at risk?........................................................ 32 What were some possible threats while out on the lake?.... 33 What were some of the possible vulnerabilities?................. 33 And finally, what about my countermeasures?..................... 34 iii iv Contents Outsider—Insider threats........................................................... 34 Some things to consider for the security of your buildings?... 35 Check all locks for proper operation.................................... 35 Use employee badges............................................................ 36 Shredder technology keeps changing as well....................... 36 Keep an eye on corporate or agency phone books............... 37 Unsecured areas are targets for tailgating............................. 38 Special training for off-shift staff......................................... 39 Bomb threats in Chicago........................................................... 40 Check those phone closets......................................................... 42 Remove a few door signs.......................................................... 42 Review video security logs....................................................... 43 Consider adding motion-sensing lights..................................... 43 Subterranean vulnerabilities...................................................... 44 Clean out your elephant burial ground..................................... 46 Spot check those drop ceilings.................................................. 47 Internal auditors are your friends.............................................. 47 BONUS: Home security tips..................................................... 48 Summary.................................................................................... 49 CHAPTER 3 More about locks and ways to low tech hack them.............. 51 A little more about locks and lock picking.............................. 52 What kinds of locks are the most popular?.......................... 54 Purchasing better quality locks will be cost effective.......... 57 Be aware of lock vulnerabilities........................................... 58 Forced entry—and other ways to cheat!................................... 60 A time-tested low tech method of forced entry.................... 61 Let’s break into a semi–high security room............................. 63 Retracting the bolt to open the door..................................... 64 Gaining access to the lock itself........................................... 66 Keys and key control................................................................. 70 Social engineering and key access........................................ 70 Who has the keys to your kingdom...................................... 70 Special key control awareness training................................. 71 Bait and switch war story that could happen to you................ 71 Padlock shims are not a new threat...................................... 73 Some places to go to learn and have some fun........................ 74 My 110-year-old puzzle........................................................ 75 More about keys and how to make one if you don’t have one........................................................................... 76 Five pounds of my favorite keys........................................... 77 Ways to make a key if you didn’t bring a key machine.......... 79 Contents v One final lock to talk about and then we’re done.................... 81 Rim cylinder locks vs. mortise cylinder locks...................... 83 Summary.................................................................................... 85 CHAPTER 4 Low tech wireless hacking................................................. 87 Wireless 101: The electromagnetic spectrum........................... 87 Why securing wireless is hard.............................................. 90 802.11 and Bluetooth low tech hacks....................................... 91 DoS and availability.................................................................. 91 Layer 1 DoS attacks.............................................................. 91 Layer 2 DoS attacks............................................................ 104 Backdoors and cracks.............................................................. 112 Crack attack......................................................................... 112 Tap, tap. Mirror, mirror... on the wallplate....................... 115 Guesssst who got in............................................................. 116 Peer-to-peer-to-hack............................................................ 117 Ad hoc, ad finem................................................................. 119 Going rogue............................................................................. 120 Marveling at the gambit of rogues...................................... 121 New SSID on the street....................................................... 122 It’s a bird... it’s a plane... it’s a ROGUE?....................... 124 Bridge bereavement............................................................. 125 Assault by defaults.................................................................. 126 Open sesame........................................................................ 127 Default WPA keys............................................................... 127 More Google hacking.......................................................... 129 Bypassing specific security tools............................................ 130 Going static.......................................................................... 131 Counterfeit MACs............................................................... 132 MAC switcharoo.................................................................. 133 Free Wi-Fi............................................... 134 Summary.................................................................................. 134 CHAPTER 5 Low tech targeting and surveillance: How much could they find out about you?................................................... 137 Initial identification................................................................. 139 Property records, employment, and neighborhood routes...... 142 Disclosure on social networks and social media.................... 144 Financials, investments, and purchase habits......................... 146 Frequented locations and travel patterns................................. 149 Third party disclosures............................................................ 152 Use of signatures..................................................................... 154 vi Contents Automated surveillance........................................................... 155 Target interaction..................................................................... 156 Scanners and miniatures.......................................................... 158 Summary and recommendations............................................. 159 Recommendations................................................................ 160 CHAPTER 6 Low tech hacking for the penetration tester...................... 163 The human condition............................................................... 164 Selective attention............................................................... 164 Magic is distraction............................................................. 165 Building trust and influencing behavior............................. 166 Technology matters................................................................. 166 USB thumb drives............................................................... 166 CDs and DVDs.................................................................... 168 Staging the effort..................................................................... 169 Target organization.............................................................. 169 Getting things in order............................................................. 170 Deciding on location........................................................... 171 Choosing the strategy.......................................................... 171 Choosing the technology..................................................... 172 A useful case study.................................................................. 174 Approaching hotel staff....................................................... 175 Approaching conference staff............................................. 176 Conclusion........................................................................... 176 Summary.................................................................................. 177 CHAPTER 7 Low tech hacking and the law: Where can you go for help? 179 Meet Mr. Tony Marino............................................................ 180 Low tech hacking interview with Tony Marino, U.S. Secret Service (retired)................................................ 180 Meet Special Agent (SA) Gregory K. Baker, FBI.................. 187 Low tech hacking interview with Special Agent (SA) Gregory K. Baker, FBI........................................................ 187 Summary.................................................................................. 191 CHAPTER 8 Information security awareness training: Your most valuable countermeasure to employee risk....................... 193 An introduction to information security awareness................ 194 The people and personalities of information security awareness............................................................................. 194 Contents vii Data theft and employee awareness.................................... 196 Designing an effective information security awareness program.................................................................................... 198 Repetition is the aide to memory........................................ 199 Touch points........................................................................ 199 To team or not to team, that is the question....................... 200 Creating a business plan for your Information Security Awareness Program............................................................. 201 The presentation.................................................................. 202 Components of an awareness program............................... 204 Next steps............................................................................. 205 The Classification of Data Matrix....................................... 205 Manager’s Quick Reference Guide..................................... 206 Finding materials for your program.................................... 207 The importance of a good editor......................................... 207 Implementing an information security awareness program... 207 Who writes the awareness standard?.................................. 209 Finding win-win solutions................................................... 210 Building a perpetual awareness program............................ 210 Who should take the training?............................................ 211 Getting the program off the ground.................................... 211 Making information security accessible............................. 212 A lesson learned.................................................................. 212 The dollars and cents of your program............................... 213 Above and beyond............................................................... 214 Making security part of the company mind-set...................... 216 The importance of communication with other lines-of-businesses............................................................... 216 Let’s talk more about alliances........................................... 217 Keeping your program viable.............................................. 220 Other resources.................................................................... 220 Measuring your program’s success......................................... 221 Identifying key components and cumulative results.......... 222 Summary.................................................................................. 223 Index............................................................................................................ 227 Acknowledgments It’s difficult to write an acknowledgments page for fear of forgetting to thank someone who has been so important in my life. Having spent many decades work- ing and learning in the fields of both physical and technical security, I have been honored to become friends with many of the top professionals in the world who live and work in both areas of expertise. I always like to start my acknowledgments by letting the world know that I can do nothing without the help of my Lord and Savior, Jesus Christ. I dedicate this book to Him, my wonderful wife Valerie and my son Tyler as he prepares to finish his college career and move on into the business world. My partner Don Withers is like a brother to me in every way. For 12 years now, we have been fortunate to pro- duce our Techno Security, Techno Forensics, and our new Mobile Forensics con- ferences, which have had attendees from over 48 countries. I want to especially thank all of the other authors and interviewed experts of this book. I know them all well and I know that you will enjoy getting to know them through their impres- sive chapters. These are some of the most respected and talented security minds in the world and I am honored to have them share this incredible experience with me. I’d also like to thank my good friend Matt Cater, Syngress/Elsevier Editorial Project Manager for his frequent editing help and for being so patient as we worked our way through getting my fourth Syngress/Elsevier book ready to be published. I would not have started on this 6 month-plus project without Matt as my Project Manager. My Contributing Authors: Dr. Terry Gudaitis Jennifer (Jabbusch) Minella Russ Rogers Sean Lowther My Expert Interviewees: Phil Drake Paul Henry Special Agent Gregory K. Baker, FBI, InfraGard Special Agent (Retired) Tony Marino, U.S. Secret Service, Electronic Crimes Task Force I’m going to do my best to include the names of as many of my close friends as I can in this book. I haven’t done that with past books, and I wish that I had. Please forgive me if I forget someone. If I do, I’ll try to find a way to make it up to you, I promise. My thanks go out to: Dr. Greg Miles, Rabbi Sam Nadler (one of the most incredible people that I have ever met), Miriam Nadler, Josef ben Yisrael , Forrest (Pete) Jones, Loretta Jones, Heather Jones, Hilary Jones, Joan Withers, Susan Ballou, Joy Foster, Dean Smith, ix x Acknowledgments Angela Ellis, Sarah Bell, Thelma Allen, Jack Lewis, John Large, Tony Marino, SSA Jim Ramacone, SSA Gregory Baker, Neal Dolan, Laura Hamilton, Chet Hosmer, Kelly Ivey Skinner, Amanda Gulini, Steve Pearson, Amanda Pearson, Tom Eskridge, Sharon Topper, Bob Friel, SAC David Thomas, SA Robbie O’Brien, Christina Fisher, Gary Gardner, SA Doris Gardner, John Sheehan, Jon Gregory, Dan Mares, Sarah Palmer, Norm Burtness, Mark Withers, Dennis Partyka, Jennifer Withers, Majid Hassan, Marjie Britz, Jim Windle, Paul Crowley, Gert Crowley, Derrick Donnelly, Dennis Dowdy, Tracy DeBenedictis, Crystal Edge, Keith Lockhart, Natasha Lockhart, Eric Loermans, Rick Mislan, Eric Thompson, Erika Lee, Erin Uda, Tim Leehealey, Joe Mykytyn, Inno Eroraha, Patrick Murphy, Sharon Coddington, Patty Grogis, Rebecca Waters, Bridget Baldwin, Shauna Gray Waters, Greg Dominguez, Jim Raubach, Laurie Ann O’Leary, Robert O’Leary, SA Robbie O’Brien, Amanda Simmons, SA Earl Burns, Wanda Busbee, Casey Rackley, Richard Rackley, Cathy Drake All my best, —Low Tech Jack Foreword Come on, what did we really think was going to happen? For well over a decade as network defenders we have relied upon the same failed defenses; Signature-based AV, IDP/IPS along with Port Centric Firewalls. We have placed all of our emphasis on “Holy Grail” security products at the network gate- way to the public Internet and we have completely disregarded our endpoints. Fur- ther, we have neglected two of the most fundamental requirements of network security that historically have always proven to reduce the threat envelope— server hardening and flaw remediation. Lastly, over time we have developed an acceptance of meeting technical security challenges with our written policies with- out any technical enforcement. Our adversaries have been paying careful attention, regularly adjusting their attack methodologies to easily take full advantage. Today we find ourselves in a position where our outdated defenses regularly fall prey to the simplest “Low Tech” hacking techniques. It seems that every headline-grabbing intrusion we hear of today first proclaims that it was the result of some new advanced hacking tech- nique but more often than not, it is later revealed that the root cause of the breach was embarrassingly simple: Google—spear phishing email provided initial entry RSA—spear phishing email provided initial entry Sony—social engineering facilitated initial website attacks HBGary—a 16 year old girl’s social engineering skills provided initial entry Stuxnet—malware laden USB sticks handed out for free at a conference provided the initial entry Epsilon—spear phishing emails provided initial entry After nearly every breach we hear the same old excuses: We were compliant with all regulatory requirements and therefore not responsible We are doing the very same things to protect our information that everyone else is doing and therefore not responsible Users did not follow written policy and therefore we are not responsible Another “trap” we seem to have fallen into: Today we regularly neglect doing our own due diligence and instead choose to pay advisory services to guide us in making the decision on which vendors security products/methodologies we should be using to secure our environments. While at the same time “they” are charging those vendors advisory fees to craft marketing messages that will allow the vendor to gain a greater market share from the advisory services clients. The guidance we seek is actually contained within the various Internet Crime Reports that are freely available on the Internet. They annually report on security incidents and just as xi xii Foreword importantly on what those organizations were using for defense at the time of the incident. Reading the reports from that perspective can be eye opening: If the vast majority of the reports, survey respondents were using Anti-Virus yet the majority still reported issues with malware. Perhaps it is time to reconsider dependence on traditional Anti-Virus products. If the vast majority of the reports, survey respondents were using Firewalls yet reported issues with network intrusions. Perhaps it is time to reconsider depen- dence on traditional Firewall products. If the vast majority of the reports, survey respondents were using strong pass- word policies yet reported issues with unauthorized access. Perhaps it is time to reconsider dependence on traditional authentication efforts. I would advise anyone reading this book to use it as a wakeup call to his or her management. These are not theoretical attack methodologies, they are practical attacks occurring regularly today that have been enabled due to a decade of neglect of our defenses. Every attack noted in this book can be effectively countered with the proper application of user-awareness training, policy, and technical safeguards. Paul A. Henry vNet Security LLC About the Authors Jack Wiles is a security professional with over 40 years of experience in security- related fields. This includes computer security, disaster recovery, and physical security. He is a professional speaker and has trained federal agents, corporate attorneys, and internal auditors on a number of computer crime-related topics. He is a pioneer in presenting on a number of subjects which are now being labeled “Homeland Security” topics. Well over 10,000 people have attended one or more of his presentations since 1988. Jack is also a co-founder and President of TheTrai- ningCo., and is in frequent contact with members of many state and local law enforcement agencies as well as Special Agents with the U.S. Secret Service, FBI, IRS-CID, U.S. Customs, Department of Justice, The Department of Defense, and numerous members of high-tech crime units. He was also appointed as the first President of the North Carolina InfraGard chapter which is now one of the largest chap- ters in the Country. He is also a founding member of the U.S. Secret Service South Carolina Electronic Crimes Task Force. Jack is also a Vietnam veteran who served with the 101st Airborne Division in Vietnam in 1967 to 1968 where he was awarded two Bronze Stars for his actions in combat. He recently retired from the U.S. Army Reserves as a lieutenant colonel and was assigned directly to the Pentagon for the final 7 years of his career. In his spare time, he is a HAM Radio operator, an NRA Certified Instructor, and enjoys monitoring radiation as his most unique hobby. Jack wrote Chapters 1, 2, 3 and 7. Terry Gudaitis, Ph.D., is the Cyber Intelligence Director at Cyveillance. Terry gained a foundation for her expertise as an operations officer and behavioral pro- filer at the CIA’s Counter Terrorist Center. At the CIA, she was responsible for developing terrorist profiles, assessments of informants, and managing targeting teams. In addition to her corporate-related work, Terry has served on the United States Secret Service Advisory Board for Insider Threats, regularly presents at national and international conferences, and has authored publications in numerous security-related journals and books. Terry wrote Chapter 5. Jennifer Jabbusch, CISSP, CISO, HP MASE, JNCIA-AC, is a network security engineer and consultant with Carolina Advanced Digital, Inc. Jennifer has more than 15 years of experience working in various areas of the technology industry. Most recently, she has focused in the specialized areas of infrastructure security, including Network Access Control, 802.1X, and Wireless Security technologies. Ms. Jabbusch has consulted for a variety of government agencies, educational institutions, and Fortune 100 and 500 corporations and has spoken at a variety of conferences including, DeepSec, SecTor, Techno Security, RSAÒ, InfoSec World, CSI, and many others. In addition to her regular duties, she participates in a variety of courseware and exam writings and reviews, including acting as subject matter xiii xiv About the Authors expert on the Access Control, Business Continuity, and Telecommunications domains, and lead subject matter expert in the Cryptography domain of the official (ISC)2Ò CISSPÒ courseware (v9). You can find more security topics and musings on her security blog at http:// SecurityUncorked.com. Jennifer wrote Chapter 4 and the Introduction. Russ Rogers, CISSP, CISM, IAM, IEM, Hon. Sc.D., is the author of the popu- lar Hacking a Terror Network: The Silent Threat of Covert Channels (Syngress, ISBN: 978-1-928994-98-5), co-author of multiple books, including the best-selling Stealing the Network: How to Own a Continent (Syngress, ISBN 978-1-931836- 05-0) and Network Security Evaluation Using the NSA IEM (Syngress, ISBN: 978-1-59749-035-1), and former editor-in-chief of The Security Journal. He is cur- rently a penetration tester for a federal agency and the co-founder and chief exec- utive officer of Peak Security, Inc., a veteran-owned small business based in Colorado Springs, CO. Russ has been involved in information technology since 1980 and has spent the past 20 years working as both an IT and InfoSec consultant. Russ has worked with the U.S. Air Force (USAF), National Security Agency (NSA), Defense Information Systems Agency (DISA), and other federal agencies. He is a globally renowned security expert, speaker and author who has presented at conferences around the world in Amsterdam, Tokyo, Singapore, São Paulo, Abu Dhabi, and cities all over the United States. Russ has an honorary doctorate of science in information technology from the University of Advancing Technology, a master’s degree in computer systems man- agement from the University of Maryland, a bachelor of science degree in com- puter information systems from the University of Maryland, and an associate’s degree in applied communications technology from the Community College of the Air Force. Russ is currently pursuing a bachelor of science degree in electrical engineering from the University of Colorado at Colorado Springs. He is a member of ISSA and (ISC)2Ò (CISSP). Russ also teaches at and fills the role of professor of network security for the University of Advancing Technology (www.uat.edu). Russ wrote Chapter 6. Sean Lowther is the President and Founder of Stealth Awareness, Inc. (www. stealthawareness.com). Sean is an independent consultant who brings years of experience designing and implementing information security awareness programs at the highest level. He founded Stealth Awareness, Inc. in 2007. Sean worked at Bank of America for over 7 years, managing the enterprise information security awareness program. The program received the highest rating from its regulators and was consistently rated “world class” by industry peer groups. Sean has worked with BITS, the Financial Services Roundtable Task Force on Privacy, prior to the enactment of the Gramm-Leach-Bliley Act. He produced the video “It’s Not If, But When” for the Financial Services Sector Coordinating Council in partnership with the U.S. Treasury Department with the goal to improve critical Infrastructure protection and Homeland Security. Sean wrote Chapter 8. Introduction INFORMATION IN THIS CHAPTER: Book Overview and Key Learning Points Book Audience How this Book is Organized BOOK OVERVIEW AND KEY LEARNING POINTS This book arms any reader with the knowledge of how security measures can often be bypassed in situations ranging from physical security to networked enterprise sys- tems—all with minimal technology savvy on the part of the offender. And, although seven of the eight chapters here detail security evasion methods, the true value of the book is realized in the countermeasures provided for each of the attack scenarios detailed. In a world of content that capitalizes on vulnerability, risk, and fear, this book cuts through the smoke and mirrors of complicated and improbable hi-tech hacks and gets to the heart of the most vulnerable and most-often exploited components of security—human nature, physical containment, and the Internet. The chapters of this book provide a unique dive into low tech hacking techniques and ways to protect yourself, your business, and your family from them. Although each chapter stands on its own, in combination, the authors have provided an invalu- able resource and a holistic approach to increasing security at your home and your office, for critical data, and against rogue Internet records. BOOK AUDIENCE The information in this book will prove to be a valuable resource for all types of readers, including individuals, heads of households, small business owners, and even CISOs and directors of international enterprises. There’s a little something for every- one in Low Tech Hacking, and even the most seasoned security professionals will find new nuggets of data and invaluable resources. Security professionals will gain insight into areas of physical security and social engineering not previously explored in other books. These readers will benefit from detailed examples of security bypass techniques in the opening chapters and pene- tration testing coverage, from the more technical wireless discussions, as well as the recommendations for security awareness training from a seasoned professional. The more paranoid infosec professionals will enjoy the tips for finding and removing xv xvi Introduction personal data online. All security-minded readers will appreciate the introduction Jack provides to two agents from the U.S. Secret Service and F.B.I., and the insight they offer in the interview sections. Individuals, business owners, and those responsible for managing security of themselves, their families, and their businesses will benefit from this insight into the world of low tech hacks, physical intrusion and social engineering, and the mea- sures that can be taken to prevent becoming a victim of such attacks. From under- standing which padlocks to use for your kids’ lockers, how to shop for secure home locks, to recognizing a false phone technician, the breadth and depth of attacks and countermeasures is enlightening for all audiences. HOW THIS BOOK IS ORGANIZED This book is comprised of eight chapters, each addressing a different facet of low tech hacking techniques and the countermeasures that accompany them. The chapters are written and assembled in a way that allows the reader to attain value from reading the book as a whole, or from reading individual chapters in any chosen order. There is a logical progression, starting with the opening chapter on Social Engineering: The Ultimate Low Tech Hacking Threat, followed by Low Tech Vulnerabilities: Physical Security, and More About Locks and Ways to Low Tech Hack Them in Chapters 2 and 3. Chapters 4 and beyond open into broader topics of low tech hacking, with subject areas that integrate well to give readers a multi- part approach to deal with low tech hacks and hackers. Chapter 1: Social engineering: The ultimate low tech hacking threat Jack Wiles presents various social engineering topics, from understanding the minds of hackers and victims to methods for protecting personal, household and business information from theft and destruction. Jack shares several examples of true stories to help the reader understand how social engineering attacks happen in homes and businesses, and how to prevent them. In this chapter, for the first time, Jack reveals the contents of his red team brief- case, never before shared with the public. In all the years of leading a red team to conduct physical penetration tests into corporations and federal facilities, Jack’s team went undetected, a perfect record. The first three chapters of this book offer great insight from Jack’s personal experience as to how they pulled it off. The first three chapters, as well as Chapter 7 are authored by Jack Wiles, re- nowned physical security specialist, professional speaker, inside penetration team leader, author and lead author of Low Tech Hacking. Introduction xvii Chapter 2: Low tech vulnerabilities: Physical security Jack delves into the realm of physical security and provides actionable recommen- dations for increasing security at home, office, and everywhere in between. In this chapter, you’ll find a breadth of advice including signage and lighting recommenda- tions, paper record and electronic drive destruction considerations, securing subter- ranean entries, identifying drop ceiling vulnerabilities, reviewing security tapes and logs, and even a discussion about being extra mindful of lunch-time discussions. Chapter 3: More about locks and ways to low tech hack them As an extension of physical security, locks and lock picking have become their own topic within security. Chapter 3 will prove to be a unique view into bypassing locks. Offering more fresh content in this chapter, Jack divulges, for the first time ever, a variety of ways to bypass or disable locks without picking them. Details on creating keys and key copies with, and without, a key machine are addressed, as well as in- sight into proper key control. Drawing from his years of experience as a bonded locksmith, Jack shares some startling truths about locks and lock mechanisms that everyone should be aware of. Chapter 4: Low tech wireless hacking Bringing a slightly more technical approach to low tech hacking, this chapter pre- sents the reader with a variety of attacks and countermeasures for wireless technol- ogies in the home and office. Here, Jennifer (Jabbusch) Minella offers more than 30 unique attacks, organized in five primary categories; denial of service and avail- ability, backdoors and cracks, rogue exploits, default vulnerabilities, and attacks on specific security tools. Wireless ploys bestowed range from disrupting muni- cipal Wi-Fi with an antenna attack to bypassing access control systems with simple spoofing attacks. Chapter 5: Low tech targeting and surveillance: How much could they find out about you? This chapter, authored by Terry Gudaitis, Ph.D., a former operations officer and be- havioral profiler at the CIA, is a frightening look at the world of targeting and sur- veillance from a true professional. The information provided, the true stories shared, and the references to resources readily available online are enough to send any se- curity professional or layman running for the no-tech hills. Have you ever wanted to find a deleted tweet, or gather information on an impending corporate merger? If so, this chapter is for you. Even the most tech-savvy readers will find some of Terry’s material here poignant. xviii Introduction Chapter 6: Low tech hacking for the penetration tester Russ Rogers takes several of the low tech hacking components from the other chap- ters in this book and combines them to orchestrate an assortment of blended-threat attacks. This chapter guides the reader through the nuances of human nature and how to use traits such as selective attention to aide in distraction techniques, and how low tech hackers capitalize on the six basic tendencies of human behavior. In his scenar- ios, Russ hashes through all the considerations of a planned attack; selecting a target, designating an attack location, factoring corporate culture of the target, and picking the right technology and tools to increase the attack effectiveness. The culmination of this chapter gives the reader an insider’s view of a real attack on a company, executed during a corporate event in Las Vegas. Chapter 7: Low tech hacking and the law: Where can you go for help? As we near the end of the book, Jack brings the readers a little closer to the world of security and incident response by introducing two agents, one from the United States Secret Service (USSS) and one from the Federal Bureau of Investigation (FBI). The interview-style format gives the reader a unique insight into the thoughts and person- alities of the people most able to help in the event of an incident that spans jurisdic- tions, states, or even countries. In this chapter Jack also incites the readers to investigate public-private collaborative organizations such as the USSS ECTF and the FBI InfraGard. Chapter 8: Information security awareness training: Your most valuable countermeasure to employee risk Sean Lowther describes ways to incorporate Security Awareness Training as one of your least expensive and most effective security countermeasures. Jack met Sean about 5 years ago at a security conference and immediately recognized Sean as a world-class leader in the development of security awareness programs for organiza- tions of all sizes. Sean is well known for designing a remarkably effective enterprise- wide awareness program at Bank of America. His program received the highest rat- ing from the bank’s regulators, and was consistently rated world class by industry peer groups. Sean firmly believes the success of a security plan is achieved by in- volving each and every employee. This chapter outlines the processes, procedures, and materials needed to build and measure a successful awareness program, as well as tips and tricks to keep employees engaged and make security part of the company mindset. Introduction xix CONCLUSION Authoring a book with contributions and content from five people is an interesting undertaking, to say the least. The end result is certainly worth the added effort, and the greatest benefit of involving professionals with such disparate backgrounds is the resulting depth and breadth of insight. This book truly has a little bit of something for everyone. Regardless of how much, or how little, experience each reader has in in- formation security, physical security and hacking techniques, resources like Low Tech Hacking serve to reinforce common practices and introduce new nuggets of ideas, tools, and concepts that help us all continue learning and growing. You can find out more about our authors and the book itself on http://www. LowTechHacking.com as well as by joining our LowTechHacking LinkedIn Group on www.LinkedIn.com. Stay safe out there! —Jennifer (Jabbusch) Minella, CISSP CISO, Infrastructure Security Specialist Carolina Advanced Digital, Inc.
