http://www.darkreading.com/blog.asp?blog_sectionid=403&doc_id=142271 By RSnake January 3, 2008 Years ago, the concept of a blended attack was all the rage in infosec magazines. I remember lots of CISOs running around and spreading that buzzword, while talking to every industry analyst who would listen about how blended attacks were almost unstoppable. The concept of combining unrelated penetration techniques was foreign and exotic. Today it's often employed by the more sophisticated attackers. The new CourtTV show called Tiger Team does a wonderful job of highlighting the blended attack. Rather than talking about it in an academic environment, they actually show the audience the damage a technically savvy group of security experts can do. One particular scene demonstrated how the perfect combination of IT security, physical security, and electronic countermeasures can pull off the perfect jewelry heist. The first step the Tiger Team took was to procure information from a drive on the computer of a receptionist at the jewelry store, which they did by social-engineering her into inserting an infected USB dongle into her computer under the premise of asking her to print something. Later, they cloned an HID badge from the manager of the store, and then used it to break into the office after hours, crawling along the floor beneath the motion sensors -- only to have the alarms go off, anyway. At that point, the show appeared to be over, with the team failing to complete mission without getting caught. But not so: They made a mad dash to the back room and entered the combination for the alarm code which they procured from the desktop machine. They quickly snipped the RJ11 phone connection and used a signal jammer so the wireless modem couldnt dial out, so that they got complete access to the office. After some panicky moments of nearly getting caught, they proceeded to use some common tactics for breaking into the safe in the owners office. They made it out safely, leaving a Polaroid of themselves wearing the most valuable items in the store. They had successfully simulated an actual robbery. While there are only a handful of people who could pull off a heist like this from the outside, its far more likely that components of this attack could have been pulled off much easier by someone on the inside. So apparently blended attacks are back -- even if they really only make for good reality TV. So yes, its on my DVR, where it will stay. Cool show! - RSnake is a red-blooded lumberjack whose rants can also be found at Ha.ckers and F*the.net. Special to Dark Reading __________________________________________________________________ Visit InfoSec News http://www.infosecnews.org/
This archive was generated by hypermail 2.1.3 : Thu Jan 03 2008 - 22:36:22 PST