COMP 607: WEEK 8: Unit 4 Part 2: Gathering Information on Computer Crime
This Global Research article describes the position CIA director John Brennan found himself in when a hacker group enabled the publication of e-mails from his personal AOL mail account. The hacker group, who call themselves Crackas With Attitude or CWA, were able to gain access to his account through social engineering. According to Dolan (2004, p.2), social engineering involves the use of “tactics to leverage trust, helpfulness, easily attainable information, knowledge of internal processes, authority, technology and any combination thereof.” What exacerbated the damage to Mr. Brennan was the fact that, on the 21st of October 2015, WikiLeaks started to release documents that were found on the e-mail account (Greenberg, 2015).
CWA first performed a reverse lookup of Brennan’s phone number. Once it was identified that he was a Verizon customer, one of them pretended to be a Verizon employee and called the company to obtain details of Brennan’s mobile phone account. Through this, they were able to obtain his AOL e-mail address and the last four digits of his bank card.
They then contacted AOL pretending to be Brennan, indicating he was locked out of his account. The response to the security question AOL posed was the last four digits of the bank card. Brennan was then informed about the compromise by CWA. CWA’s outlandish demands resulted in Brennan eventually closing down the account.
In the world of information system security, using social engineering to gain access to a system is a simple and highly effective technique. Anyone with some charisma and the ability to string a story together can manipulate a target into revealing pieces, if not all, of the information required to access a secure area. According to the US Computer Emergency Readiness Team (US-CERT), phishing incidents such as the one that eventually victimized the CIA director have become increasingly prevalent and highly lucrative for criminals (Milletary, 2011). Combined with an attack that is more technical in nature, such as one that uses malware to lock a victim out of their account or scams users through phony web pages, social engineering attacks can be highly damaging and costly. It is noteworthy that this attack started with a human interaction with an employee of a service provider. It is clear that technical savvy does not protect one from an attack that utilizes an everyday activity such as social interaction.
One of the most frequently encountered safeguards against the vulnerability of social engineering is the use of two-step verification. This makes it more difficult for someone who has obtained one piece of authentication information to gain access to a system, as a second piece of authentication is required. While it is not infallible, it adds another hurdle for the infiltrator, and may even buy time to mitigate an attack if one is suspected.
References:
Dolan, A. (2004, Feb 10). Social engineering. Retrieved from SANS Institute InfoSec Reading Room: https://www.sans.org/reading-room/whitepapers/engineering/social-engineering-1365
Greenberg, A. (2015). WikiLeaks is publishing the CIA director’s hacked emails. Condé Nast. Retrieved from http://www.wired.com/2015/10/wikileaks-publishing-cia-director-john-brennan-hacked-emails/
Kampmark, B. (2015). Hacking the CIA Director: What John Brennan’s emails reveal. Global Research. Retrieved from http://www.globalresearch.ca/hacking-the-cia-director-what-john-brennans-emails-reveal/5484186
Milletary, J. (2011). Technical trends in phishing attacks. US-CERT. Retrieved from https://www.us-cert.gov/sites/default/files/publications/phishing_trends0511.pdf
Zetter, K. (2015). Teen who hacked CIA director’s email tells how he did it. Condé Nast. Retrieved from http://www.wired.com/2015/10/hacker-who-broke-into-cia-director-john-brennan-email-tells-how-he-did-it/