Social engineering and APT attacks-Introduction and sensitive information collection


Thinking of Dao's famous quote: people are the biggest vulnerability. Today I finally learned the legendary "social engineering". Many of the methods I saw in movies before are actually based on real techniques, such as recovering information from incompletely disposed-of trash.
I have seen many social-engineering cases in ordinary times, and there are also some well-known incidents from the net protection operation. I feel that occupations related to social engineering seem to be relatively few; most of it is used by commercial spies (teams) or as a way to break through when nothing else works. We don't know, and we dare not ask.
I also learned a little about making phishing emails today. Let's summarize tomorrow and give a small preview. Recently the well-known He Zhengyu received a spear-phishing extortion attack. It's fun.

Introduction and sensitive information collection

What is social engineering?

Information security is divided into "hard security" and "soft security". The so-called "hard security" mainly covers specific IT security technologies (such as firewalls, intrusion detection, vulnerability scanning, denial-of-service attacks, buffer overflow attacks, and so on), while "soft security" mainly involves management, psychology, culture, interpersonal communication and other aspects that have nothing to do with specific IT technology. The social engineering discussed today belongs to the "soft security" category.

In layman's terms, social engineering is: an attacker exploits the weaknesses of the "person" (often at the psychological level) to obtain information and influence others, so as to achieve their ulterior motives.

Why understand social engineering

Not widely known enough

First of all, social engineering is a remote corner that is often overlooked in information security. Even many practitioners in the IT security field lack basic knowledge of social engineering. For example, many people know what firewalls and antivirus software are, but have never heard of social engineering.

Not paying enough attention

Most security vendors have focused their attention on "hard security" (for example, there are so many firewall vendors and anti-virus vendors), and few have paid attention to social engineering. Yet most existing information security attacks use "soft security" as the attacker's breakthrough point, and only a small part is carried out purely through "hard security". (This is another vivid example of the 80/20 principle.) Why do attackers like to break through at the "soft security" level? Because weaknesses of human nature are difficult to improve in a short time (especially in large companies and institutions with many people). Therefore, "soft security" leaves many vulnerabilities that can be exploited, and as long as the attacker is good at exploiting them, intrusion is easy.

The usefulness of social engineering

Basic knowledge of social engineering is very useful, and its use is not limited to the information industry.

Information collection

In fact, information collection aimed at infiltrating websites and other targets was covered before, but that is different from social-engineering information collection.

Introduction to Information Collection

Information collection is to obtain some insensitive information of institutions, organizations and companies (hereinafter referred to as "institutions") through various means. Why specifically emphasize "insensitive"? If the information is not sensitive, there will be no particularly strict access restrictions, and the attacker will be easy to handle. Moreover, in the process of obtaining such information, it is not easy to attract the attention of others, reducing the risk of the attacker.

The role of information collection

Most social engineering attackers start with information gathering. But information collection is usually not the attacker's ultimate goal; it is only preparation for entering the next stage. Once they have this information, most attackers use it to forge their own identity, which is the basis for the subsequent stage of identity forgery and impersonation.

Typical types of sensitive information

		The steps of certain internal operating procedures of the institution
		Profiles of certain key people
		The internal organizational structure of the institution
		Terms and jargon commonly used inside the institution

How to collect sensitive information

Through the website and search engines
The internal operating procedures of many organizations are placed directly on the official website and can be obtained easily. Attackers can also find a great deal of other sensitive information through Google.

Through a departing employee's address book from their former company; with luck, you can also obtain the organization chart through trash analysis.
Many institutions throw ordinary printed materials straight into the trash bin without putting them through the shredder. Therefore, attackers can find a lot of useful information in office trash.
To give a simple example: whenever a company has new employees, HR or administrative staff print a list for them. The list may contain the following content: IP addresses of commonly used internal servers (such as print servers and file servers); the names and default passwords of the new employees' external mailboxes; the user names and default passwords of internal company systems (such as ERP systems and MIS); and simple instructions for using some internal systems. If a new employee does not immediately change the default passwords (a considerable proportion of new employees do not change all default passwords on their first day) and throws the list straight into the trash, the attacker has everything needed.
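The defensive counterpart to the onboarding-sheet scenario above is to audit whether default credentials were actually rotated. The following is an added example, not code from the original post: a small audit over an assumed user export (created date, last password-change date, salted hash of the current password) that flags accounts still on a documented default after a grace period, or whose password has never changed since creation. The default-password list, salt and records are constructed here for illustration.

```python
"""Audit for default credentials that were never rotated after onboarding.

Added example (not the original post's code). The export format, the
DEFAULT_PASSWORDS list and the sample records are constructed assumptions.
"""
import hashlib
import hmac
from datetime import date, timedelta

# Constructed: the defaults an onboarding sheet might document (hypothetical).
DEFAULT_PASSWORDS = ["Welcome2020!", "changeme"]


def pbkdf2(password: str, salt: bytes) -> str:
    """Derive the stored hash form; only hashes are ever compared, never plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000).hex()


def is_default(record: dict, defaults=DEFAULT_PASSWORDS) -> bool:
    """True if the stored hash matches any documented default (constant-time compare)."""
    salt = bytes.fromhex(record["salt"])
    return any(hmac.compare_digest(pbkdf2(d, salt), record["pw_hash"]) for d in defaults)


def find_stale_defaults(records: list, today: date, grace_days: int = 1) -> list:
    """Return usernames past the grace period that never changed their password
    since account creation, or whose current password is a documented default."""
    flagged = []
    for r in records:
        created = date.fromisoformat(r["created"])
        never_changed = r["pw_changed"] == r["created"]
        past_grace = today - created > timedelta(days=grace_days)
        if past_grace and (never_changed or is_default(r)):
            flagged.append(r["user"])
    return flagged


def make_record(user, password, created, pw_changed, salt=b"constructed-salt") -> dict:
    """Build one constructed export row in the assumed format."""
    return {"user": user, "salt": salt.hex(), "pw_hash": pbkdf2(password, salt),
            "created": created, "pw_changed": pw_changed}


# Constructed sample export (hypothetical users and dates).
SAMPLE_RECORDS = [
    make_record("alice", "Welcome2020!", "2020-04-20", "2020-04-20"),  # never rotated
    make_record("bob", "correct horse battery", "2020-04-20", "2020-04-21"),  # rotated
    make_record("carol", "changeme", "2020-04-25", "2020-04-25"),  # still inside grace period
    make_record("dave", "Welcome2020!", "2020-04-01", "2020-04-10"),  # reset back to a default
]


def audit(today: date = date(2020, 4, 26)) -> list:
    """Run the audit over the constructed export for a fixed 'today'."""
    return find_stale_defaults(SAMPLE_RECORDS, today)


if __name__ == "__main__":
    print("accounts still on a default password:", audit())  # → ['alice', 'dave']
```

Two design points: comparing against hashes rather than plaintext means the audit can run against the same export the identity system already produces, and the "never changed since creation" rule catches defaults the auditor does not know about, which is exactly the information a discarded onboarding sheet would hand to an attacker.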

Inquiry by phone
Call the front desk or customer service department directly; with some skill, a lot of valuable information can be elicited.

Identity forgery and influence

Summary:

Some people say social engineering is a scam. I think there is actually a difference: social engineering is like a well-planned murder by a professional killer, while fraud is like a bandit's raid. Which of the two is harder to prevent? Presumably everyone understands!


Origin blog.csdn.net/weixin_43079958/article/details/105670379