Social Engineering Techniques, Methods, Tools & Mitigation
Panagiotis Gkatziroulis, Security Consultant
Agenda
• Social Engineering Methodology
• Attacks & Techniques
• Demos
• Tools of the trade
• Prevention Methods and Advice
What is Social Engineering?
Invest in Products…
Is Our Security Focus Wrong?
Why Does Security Fail???
Who Are The Threat Actors?
• Aggrieved ex-employees
• Internal Employees
• Activists
• Corporate Espionage
• Blackhat Hackers
Who Are The Targets?
It Only Needs One…
Social Engineering Methodology
Social Engineering - Recon
Digital
• Search Engines
• Email Harvesting
• DNS Records
• Social Media
• Metadata
• Public Records
Physical
• Physical Walk
• Dumpster Diving
• Tailgate Employees to Lunch Breaks
Social Engineering - Breach
• Obtain Domain Credentials via Phishing Attacks
• Obtain Network Level Access via Spear Phishing Attacks
• Bypass Physical Security Defences and Obtain Corporate Documents
Attack Vectors
• Physical
• Phishing
• Telephone
• Shoulder Surfing
• Tailgating
Social Engineering Tactics
• Impersonation (Spoofed Emails, Telephone Attacks, Scenario-based Attacks)
• Urgency
• Obligation
• Authority
• Flattering
• Fear
Do you recognize the signs?
NCC Test Case
Why Was This Attack Successful?
1. Trusted Source // IT Helpdesk
2. Promotes Fear // Accounts will be disabled
Lesson Learned?
Always Validate the Origin of the Information!!!
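As an added example (not part of the slides or of NCC's tooling), a small Python triage check that flags mail carrying both traits the test case relied on: a claimed trusted source ("IT Helpdesk") that the sending domain and authentication results do not back up, and fear language such as "accounts will be disabled". The corporate domain and the sample message are constructed.

```python
"""Flag mail that claims a trusted origin it cannot prove and pushes fear."""
import re
from email import message_from_string
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"  # assumed corporate domain (constructed)

# Fear / urgency phrases of the kind the helpdesk pretext used.
FEAR_PATTERNS = [
    r"accounts? will be (disabled|suspended|locked)",
    r"within \d+ hours?",
    r"immediately",
    r"final (notice|warning)",
]


def check_origin(msg):
    """Return a list of reasons the claimed origin is not trustworthy."""
    reasons = []
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower()
    if domain != COMPANY_DOMAIN:
        reasons.append(f"From domain {domain!r} is not {COMPANY_DOMAIN!r}")
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and reply.rsplit("@", 1)[-1].lower() != domain:
        reasons.append("Reply-To domain differs from From domain")
    # Gateway-stamped authentication results: no DMARC pass, no trust.
    if "dmarc=pass" not in msg.get("Authentication-Results", "").lower():
        reasons.append("no dmarc=pass in Authentication-Results")
    return reasons


def fear_hits(msg):
    """Return the fear patterns found in the subject and body."""
    body = "" if msg.is_multipart() else msg.get_payload()
    text = (msg.get("Subject", "") + "\n" + body).lower()
    return [p for p in FEAR_PATTERNS if re.search(p, text)]


def assess(raw):
    """Suspicious only when the origin is unproven AND fear is applied."""
    msg = message_from_string(raw)
    origin, fear = check_origin(msg), fear_hits(msg)
    return {"suspicious": bool(origin) and bool(fear),
            "origin": origin, "fear": fear}


# Constructed sample resembling the helpdesk pretext described above.
SAMPLE = """From: IT Helpdesk <helpdesk@example-support.net>
Reply-To: helpdesk@example-support.net
To: user@example.com
Subject: Action required: your account will be disabled
Authentication-Results: mx.example.com; spf=pass; dmarc=fail

Your password expires today. Log in immediately or your account will be disabled within 24 hours.
"""
```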
Tools of The Trade
• SET
• TheHarvester
• Recon-NG
• Phishing Frenzy
• PwnPlug Devices
Physical to Cyber is Just One Port Away…
Do You See This Stuff Often Internally?
Mitigations
• Limit Online Exposure
• Email and Web Gateway Solutions (URL Sandboxing etc.)
• Anti-tailgating Barriers
• Social Engineering Assessments
• Increase User Awareness via Trainings
• Policies (Escort visitors etc.)
Conclusion
• False Sense of Security (PCI DSS, Products etc.)
• Management People are Reactive NOT Proactive
• Strong Physical && Weak Human == Pwned
• Employees Must Feel Safe to Click Any Link Inside Their Company Environment!!!
Any Questions???
UK Offices
Manchester - Head Office
Cheltenham
Edinburgh
Leatherhead
London
Thame
North American Offices
San Francisco
Atlanta
New York
Seattle
Australian Offices
Sydney
European Offices
Amsterdam - Netherlands
Munich - Germany
Zurich - Switzerland