That’s recent news from IDG News Service, which states that some
penetration testers faked their social identity over a network to break-in
through government agency; the one having strong cyber security defenses.
So, some security experts tried to penetrate with the
defenses of a U.S. government agency. Faking as an attractive young woman, the
security experts tend to show the levels of effective social engineering
attacks now-a-days.
Said attack was a part of some penetration test performed in
2012. The results to this penetration test were released by the cyber-defense
specialist, Aamir Lakhani. Aamir Lakhani represented the test results at the
RSA Europe security conference held in Amsterdam.
The team handling this penetration test claimed Emily
Williams (the faked identity) was a 28-year-old; MIT graduate with 10 years
experience. The social profiles over Facebook and Linkedin were maintained to
set her identity with as much real information as possible. To make it more
realistic, an image of a real woman was used over these social profiles.
The test went successful when this fake identity over social
profiles started receiving skill endorsements on Linkedin and friend lists on
Facebook. However, Lakhani and his team wanted to see how far the social media
deception could be taken.
Well, as time went on men working for the targeted agency
offered to help Emily Williams, get started faster in her alleged new job
within the organization by going around the usual channels to provide her with
a work laptop and network access. The level of access she got in this way was
higher than what she would have normally received through the proper channels
if she had really been a new hire, Lakhani said.
No comments:
Post a Comment