Social engineering


Social Engineering - Human aspects of grey and black competitive intelligence. What is social engineering? How is it used in the context of competitive intelligence and industrial espionage? How to recognize HUMINT / social engineering attacks? Which governments are known to use it?




Social engineering: Presentation Transcript

  • Social Engineering: Human aspects of competitive intelligence. Marin Ivezic, Cyber Agency
  • SOME KNOWN CASES
    • Johnson & Johnson vs. Bristol-Myers
    • Johnson Controls vs. Honeywell
    • Boeing vs. Airbus
  • SOME KNOWN CASES: It’s not just smart business! SUBJECTS OF TODAY’S DISCUSSION…
    1. Competitive Intelligence using Social Engineering
    2. Competitive Intelligence Countermeasures
  • DEFINITION OF SOCIAL ENGINEERING: “Successful or unsuccessful attempts to influence a person(s) into either revealing information or acting in a manner that would result in; unauthorized access, unauthorized use, or unauthorized disclosure, to an information system, network or data.” (Rogers & Berti, 2001)
  • EXTENDED DEFINITION OF SOCIAL ENGINEERING: Any kind of psychological manipulation used to obtain private or sensitive information or to force target to perform some action in target’s disadvantage. (Ivezich, 1998)
  • DEFINITION OF COMPETITIVE INTELLIGENCE (Context for Social Engineering)
    • “Competitive intelligence (CI) is the process of monitoring the competitive environment. CI enables senior managers in companies of all sizes to make informed decisions about everything from marketing, R&D, and investing tactics to long-term business strategies. Effective CI is a continuous process involving the legal and ethical collection of information, analysis that doesn't avoid unwelcome conclusions, and controlled dissemination of actionable intelligence to decision makers.” Source: Society of Competitive Intelligence Professionals
    • “Competitive intelligence is a systematic program for gathering and analyzing information about your competitors’ activities and general business trends to further your own company’s goal.” Source: Larry Kahaner, “Competitive Intelligence”
  • DEFINITION OF COMPETITIVE INTELLIGENCE (Context for Social Engineering)
    • White: company publications, public records, commercial reporting sources
    • Gray: not readily available, but can be obtained without civil/criminal liability
    • Black: obtained through unethical or illegal means. Can result in civil and/or criminal sanctions.
    • Black = Espionage
  • DEFINITION OF ESPIONAGE (Context for Social Engineering)
    • Espionage: Information collection operations performed in an unethical and/or unlawful manner.
    • Economic Espionage: Government intelligence operation aimed at acquiring the economic secrets of a foreign country, including information about trade policies and the trade secrets of its companies.
    • Industrial Espionage: Intelligence operations conducted by one corporation against another for the purpose of acquiring a competitive advantage in domestic and global markets.
  • WHO’S DOING COMPETITIVE INTELLIGENCE?
    • 90% of Fortune 500 firms
    • Firms with high R&D expenditures
    • Firms that own many patents
    • 2-3% of German firms
    • U.S. & U.K. firms mostly
    • Motorola, Bell Atlantic, Xerox, Eastman Kodak, Skandia, Ford, SDG, Merck, Amoco, Pacific Enterprises, Sequent, American Express, Boehringer Ingelheim, Procter & Gamble, Dow Chemical, MetLife, IBM, Johnson & Johnson…
    • Bar chart by sector (axis 0 to 20): Consulting 16; Chem / Pharma 13; Communications 11; Information 7; Computers 5; Banking / Financial 5; Defense / Aerospace 4; Industrial 4; Utilities 4; Healthcare 4
  • COUNTRIES INFAMOUS FOR ECONOMIC ESPIONAGE
    • Russia
    • UK
    • Germany
    • France
    • USA
    • Israel
    • China
    • Japan
    • South Korea, India, Pakistan, Argentina and others…
  • WHY NOW?
    • The pace of business has increased and will keep increasing.
    • Most businesses are now in information overload.
    • Increased global competition.
    • Economic competition has become war.
    • Political changes ripple more quickly than in the past.
    • Technology changes are more rapid.
    • Availability of ex-Cold War spies.
    • Diagram, Modern Business Eras: Machinery (1940s); Capital / Labor (1950-60s); Information (1980-90s); Knowledge (Intelligence) (2000s)
    • Diagram, Modern Business Drivers: Mechanical Technology; Investment; Computers; Competitive Intelligence Systems
  • SECURITY THREATS
    • Chart: Foreign Gov. 20%; Foreign Corp. 30%; Competitors 50%; Independent Hackers 70%; Disgruntled Employees 90%
    • Scale from Most Likely (annoyance) to Least Likely (strategic impact): Insider, Competitor, Activist, Foreign Agent, Terrorist
  • SECURITY THREATS (Adversary: Motivation)
    • National Intelligence: Information for Political, Military, Economic Advantage
    • Information Warfare: Military Advantage, Chaos, Target Damage
    • Terrorists: Visibility, Publicity, Chaos, Political Change
    • Industrial Espionage: Competitive Advantage, Revenge
    • Organized Crime: Monetary Gain, Revenge
    • Insider: Revenge, Financial Gain, Institutional Change
    • Hacker: Thrill, Challenge, Prestige
    • Who thinks we are important? Or interesting? Competitors, Suppliers, Customers, Investors, Critics, Regulators, Hackers
  • HOW IS IT DONE?
    • Myths
      • Industrial spies are well trained James Bonds that can get anything they want
      • Hackers are geniuses that can look at a computer and take it over
      • It takes super advanced methods and a billion dollars in new research to figure out how to stop them
    • Reality
      • “Spies” are putzes that do nothing brilliant
      • They take advantage of what they have access to
      • They abuse human nature
      • They luck into it, because there are no or minimal countermeasures
  • WHY IS SE SO EFFECTIVE?
    • The security field has focused primarily on technical security and protection of physical assets
    • Security is only as strong as the weakest link; people are the weakest link
    • Why spend time attacking the technology when a person will give you access or information?
    • Extremely hard to detect, as there is no IDS for “lack of common sense” or, more appropriately, ignorance
    • Diagram labels: Technical, Physical, People
  • WHY IS SE SO EFFECTIVE? Two Primary Factors: Business Environment and Human Nature
    • Business Environment: Service Oriented; Time Crunch; Distributed; Outsourcing; Virtual Offices
    • Human Nature: Helpful; Trusting; Naive
  • ANATOMY OF AN SE ATTACK: Very similar to how intelligence agencies infiltrate their targets. Usually a very methodical approach. 3-phased approach:
    • Step 1, Intelligence gathering: Primarily open source information such as dumpster diving, Web pages, ex-employees, contractors, vendors, partners
    • Step 2, Target selection: Looking for weaknesses in the organization’s personnel: help desk, tech support, reception, admin. support, etc.
    • Step 3, The attack: Commonly known as the con. Three broad categories of attack: ego attacks, sympathy attacks, intimidation attacks. Other elicitation techniques …
  • COMMON SE ATTACKS: 1. Ego attacks
    • Attacker appeals to the vanity, or ego, of the victim
    • Usually targets someone they sense is frustrated with their current job position
    • The victim wants to prove how smart or knowledgeable they are and provides sensitive information or even access to the systems or data
    • Attacker may pretend to be law enforcement; the victim feels honored to be helping
    • Victim usually never realizes
  • COMMON SE ATTACKS: 2. Sympathy attacks
    • Attacker pretends to be a fellow employee (new hire), contractor, employee or a vendor, etc.
    • There is some urgency to complete some task or obtain some information
    • Needs assistance or they will be in trouble or lose their job, etc.
    • Plays on the empathy & sympathy of the victim
    • Attackers “shop around” until they find someone who will help
    • Very successful attack
  • COMMON SE ATTACKS: 3. Intimidation attacks
    • Attacker pretends to be someone influential, an authority figure, and in some cases law enforcement
    • Attempts to use their authority to coerce the victim into cooperation
    • If there is resistance they use intimidation and threats (e.g., job sanctions, criminal charges, etc.)
    • If they pretend to be law enforcement they will claim the investigation is hush-hush and not to be discussed, etc.
  • OTHER ELICITATION TECHNIQUES
    • Elicitation: an interview process which avoids direct questions and employs a conversational style to reduce concerns and suspicions…
    • Collecting information without asking questions.
  • ELICITATION - CONVERSATIONAL HOURGLASS
    • People remember questions more clearly and longer
    • People remember the beginning and end of a conversation
    • Concentration is on the “muddle in the middle”
    • Diagram panel labels: What you already know; Style; Elements. Hourglass labels: Macro topics, Micro topics, Macro topics
    • Panel items, in the order they appear on the slide:
      • personal/professional background
      • techniques that have worked well before
      • areas of expertise or knowledge
      • Innocuous and non-threatening
      • Testing of generalizations and presumptions about human factors in elicitation
      • Reading signals from source
      • Pleasant and non-confrontational
      • Pre-selected introductory questions about general topics
      • Stacking of elicitation techniques
      • Attention to details of information being provided
      • Additional “cool down” questions about other general topics
  • WHY DOES IT HAPPEN? A natural tendency (Nolan 2000)
    • to need recognition (as an expert)
    • toward self-effacement
    • to correct, advise, challenge others
    • to prove others wrong
    • to discuss things that are not their concern
    • to gossip
    • not to be able to keep secrets
    • to underestimate the value of information
    • toward indiscretion when not in control of one’s emotions
    • to show off (professionally)
    • to complain
  • TYPICAL ELICITATION TOOLS (Nolan 2000)
    1. Provocative statements evoking: quid pro quo; naïveté; disbelief; criticism
    2. Quid pro quo
    3. Simple flattery
    4. Exploiting the instinct to complain
    5. Word repetition vs. “emphatic loading”
    6. Quotation of reported facts(?)
    7. Naïveté
    8. Oblique reference
    9. Criticism
    10. Bracketing
    11. Feigned or real disbelief
    12. Purposely erroneous statement
  • DEFENSE FRAMEWORK (diagram labels): Attacks; Physical; Situational Awareness; Personnel; Procedures; Protect; Design Features; Detect/Respond; Critical Project; Survive
  • DEFENSE FRAMEWORK: Security is not about products - it is the effective management of processes between Policy, Technology and Support Structure
    • Diagram labels: People; Process; Technology; Organization; Effective Policies; Managed Processes; Secure Systems
    • Enforcement of effective policies
    • Staff knowledge and skill development
    • Effective support structure
    • Technology implementation for end-to-end security
  • THERE ARE MANY WAYS TO “BUG” A ROOM. Find professionals!
  • COUNTERINTELLIGENCE: Measures to prevent a competitor from gaining data or knowledge that could give them competitive advantage over your company.
    • What assets, resources & information should be protected? (e.g., new technologies, new products/services)
    • How can you safeguard what might be penetrated?
  • PROTECTION - DON’T OVERDO IT
  • PROTECTION – COST vs. BENEFITS
    • What is the cost vs. benefit?
    • Are you creating another vulnerability?
    • How long is the countermeasure needed?
    • Chart labels: Cost of Security; Cost of Losses
  • PROTECTION – COST vs. BENEFITS (chart; recoverable labels): Acceptable Risk Region; Total Risk; Systematic Risk; Non-Systematic Threats; Investment; Threat Level; Sound Implementation; Security Engineering and Enforcement; Mitigation for specific threats; Security Intelligence Function; Policy Auditing; threat sources: User, Hacker, Competition, Foreign Threats
  • OPERATIONS VULNERABILITIES: Procedures in Practice
    • Sales & Marketing
    • Public Relations
    • Help Wanted Ads
    • Internet Usage
    • Credit Cards and other travel records
    • Telephone records and conversations
    • Casual conversations
    • Supplier records
    • Personal aggrandizement
    • Taking work home
    • Poor incident-reporting procedures
    • Human weaknesses
  • OPERATIONS COUNTERMEASURES
    1. Awareness Training
    2. Classifying Information
    3. Security Alert System
    4. Reward Programs
    5. Callbacks before Disclosing Sensitive Info
       – Verifying the Need for Information Access
       – Verifying Identities and Purposes
    6. Removing Personal Identifiers from Access Badges
    7. Nondisclosure/Non-compete Employee Agreements and business partners
    8. Prepublication Reviews for Employees
    9. Review of Corporate Releases
    10. Strict Guidelines for Marketers and Salespeople
  • It takes only one… Are You The Weakest Link? Questions? Experiences?
  • MAJOR FOREIGN AGENCIES
    • France: Generale de la Securite Exterieure (DGSE). Service 7 seems to have responsibility for this function.
      • Typical activities include: Bugging hotels, airlines, conferences, etc.; Black bag operation in French hotels to photograph and download information from laptops; Bribes and prostitutes; Business infiltration; Eavesdropping of telephone and electronic communications.
      • The French are very open about their operations and seem to take a great deal of national pride in this area.
    • Germany: Bundesnachrichtendienst (BND). Division II seems to have prime responsibility for technical information.
      • Typical activities include: Telephone monitoring; Establishing “agents of influence”; Business infiltration; Active hacking function; Seduction, Blackmail, Bribery.
  • MAJOR FOREIGN AGENCIES
    • Russia: External Intelligence Service of Russia (EISAR), formerly the First Directorate of the KGB.
      • Section T specifically targets foreign technology.
      • Typical operations include: A well-established network of moles and operatives; Indications are that every major US company has at least one mole; Primary targets are approached indirectly through suppliers, etc.; Bugging, monitor truck/railroad lines; Spy satellites, sensors on Aeroflot airplanes, etc.; Joint ventures.
    • Israel: Scientific Affairs Liaison Bureau (LAKAM).
      • Typical operations include: Business Infiltration; Ethnic Targeting; Believed to have moles in major technology industries; Bugging hotel rooms, monitor telephone lines, etc.; Extensive support for hacker activity.
      • Israel, man for man, is reputed to have the best intelligence capability in the world.
  • MAJOR FOREIGN AGENCIES
    • China: Guojia Anguan Bu, or Ministry of State Security (MSS). Qing Bao offices are scattered throughout China with responsibility for assuring that economic intelligence flows to the factories.
      • Typical operations include: Ethnic targeting; Business fronts in third countries to purchase sensitive business technology; Open sources (China has the largest foreign presence in US); Import and Export companies; University students; University graduates become moles in high technology companies; Bait and switch, make a scene, etc.; Wiretaps, satellites, spy ships, etc.
  • WHO ARE WE? Penetration Testing and Counter Espionage Consulting
    • 100% focused on information protection, counter intelligence, counter espionage
    • No conflict of interest
    • Particular expertise in counter HUMINT
    • Provides training, consulting, mentoring, testing and regular assessments
    • We also cover: Penetration testing; Cyber security; Physical security; Technical security
  • Thank you for your attention! Any Questions?