Social engineering and weaponised USB sticks help the “world’s most famous hacker” to take control of target PCs
CeBIT attendees on Thursday fell victim to a series of well-executed hacks. Thankfully, they weren’t malicious in origin; instead, they were live demonstrations by notorious ex-hacker Kevin Mitnick.
Though Mitnick’s hacking skills once earned him a spot on the FBI’s Most Wanted list, he is now a world-renowned security consultant. He and his team of specialists use various methods of intrusion to infiltrate clients – including major Fortune 500 companies – and boast a 100% success rate.
Mitnick demonstrated a range of impressive hacks live on the CeBIT stage, all completed within minutes. He gained full control of targeted machines through use of weaponised USB drives, Wi-Fi access points, PDF files and more, as well as cloning wireless keycards that many companies use for building access.
What’s notable about Mitnick’s methods, however, is that he claims that during his criminal career, he never used software programs or exploits to gain system access. Instead, he relied on a technique known as social engineering.
Rather than exploiting computer flaws, this technique relies on taking advantage of the weakest aspect of a network: the squishy, gullible humans that operate it. By targeting lower-level, less tech-savvy employees, an attacker can gain access much more easily than by relying on technical vulnerabilities.
During Mitnick’s hacking career, he primarily gained network access by going through the rubbish of companies, discovering that a substantial amount of information – including usernames and passwords – was simply thrown out intact. This allowed him to reportedly hack into over 40 companies before he was caught.
Mitnick says that this laxity is still present in the modern business environment. He said that in the process of his consulting, he and his team find that “people throw away a lot of valuable information in the trash, even today”, including “credentials [and] source code”.
This tactic of exploiting employees’ unfamiliarity with tech is a key component of software-based attacks, too. All of the attacks Mitnick demonstrated onstage required some degree of activation by the user, which means that the hacker must trick targets into accepting malware by disguising it as legitimate software.
This is often done by dressing up malicious code to look like trusted brands, such as Adobe Flash updates. However, it can also be done through JavaScript applets. Mitnick showcased an example with the publisher listed as Verified Secure Applet – however, this is simply a dummy company Mitnick set up, and is a common trick that hackers use to fool targets.
He also highlighted the fact that no antivirus software has been proven effective against high-level threats, with McAfee in particular being unable to detect many of his live attacks. As he said when questioned on the NSA’s potential vulnerabilities, “I don’t think anything’s hacker-proof”.
Kevin Mitnick, super-hacker
Mitnick’s credentials as a security expert are hard to disagree with. He’s billed as ‘the world’s most famous hacker’, and at the peak of his illegal activities, he was regarded by the FBI as the planet’s foremost cybercriminal.
Beginning at the tender age of 17, Mitnick’s career started through telephone pranks, using a system known as phone phreaking. This early form of proto-hacking also led Apple co-founders Steve Jobs and Steve Wozniak to start their company, selling ‘blue box’ devices to ‘phreakers’ on their Berkeley campus.
Phreaking involved manipulating the public telephone network through various means, often to avoid long-distance charges, but there were numerous other applications. For example, Mitnick boasted that he used the system to tap into the NSA’s phone lines when he was 17, saying (with a small measure of pride) that he “wiretapped the wiretappers”.
Mitnick has always asserted that his hacks were a result of his love for technology, and exploring new ways to use it. One particular instance he shared was when he wanted to examine the firmware source code for a new flagship Motorola device, predominantly out of interest.
A prime example of social engineering in action, he simply called Motorola, and after a few redirections, was put through to someone with access to the source code. By impersonating a high-ranking project manager, he was able to convince an employee to send him the source code, all without any access to a computer.
When questioned as to the threat level faced by today’s networks, he said that “now, you have a lot more hacking tools available, a lot more sources in the community”. However, he also stated that “it’s kind of a balance”, with a growing trend of privacy-consciousness in users, as well as an increasing variety of security tools.
As Mitnick noted in his interview, “back when I was in high school, hacking was cool, and you were encouraged to do it”. However, he stated that though he did it for the “intellectual curiosity, the pursuit of knowledge and the seduction of adventure”, a large proportion of hacking is now done on a malicious or for-profit basis.