By Jesper M. Johansson.
Link -The technique of island hopping—penetrating a network through a weak link and then hopping around systems within that network—has been around for years. But it continues to take on new dimensions. In today's security-conscious IT environments, people are often the weakest link, and malicious users are
finding ways to use this to their advantage (think phishing and other forms of social engineering). This combination of carbon and silicon can prove fatal to your network.
One of my favorite implementations of leveraging the human element was perpetrated by Steve Stasiukonis of Secure Network Technologies during a penetration test for a customer. He seeded the customer's parking lot with USB flash drives, each of which had a Trojan horse installed on it. When the employees arrived for work in the morning, they were quite excited to find the free gadgets laying around the parking lot. Employees eagerly collected the USB drives and plugged them into the first computers they came across: their own workstations.
How Flash Drives and Social Engineering can Compromise Networks
Security Watch - Island Hopping: The Infectious Allure of Vendor Swag.
- 12 Sep 2009 #1My System Specs
Security Watch - Island Hopping: The Infectious Allure of Vendor Swag.
Reply With Quote Security Watch - Island Hopping: The Infectious Allure of Vendor Swag. problems?
| Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Security Watch. Scareware on Newsweek. | JMH | System Security | 0 | 07 Sep 2009 |
| DHCP Vendor Classes | Adrian Marsh (NNTP) | Server General | 7 | 10 Aug 2009 |
| Re: RemovingDeleting a Vendor's account | Richard G. Harper | Vista account administration | 1 | 16 Mar 2009 |
| Free Mail-In CD? How do I get it? The Vendor Said I Would | MelMar | Vista General | 4 | 19 Feb 2007 |
