APT live – An in-depth example of an professional inside-out attack
In this live hacking session, we will show you an inside-out attack, a common APT method. We plan a stepwise presentation of the live hacking session, and every step being separately explained, performed and interactively discussed with the audience. The attack uses a combination of two hacking methods. First, an innocent looking spear-phishing email, with to the victim seems like a genuine and harmless email. Sometimes attackers create webmail or social media accounts using names of colleagues, or they spoof the sender address of the email completely. Cyber-attackers use this social engineering method because it is low-cost, easy to launch and very effective. Second, a software vulnerability which is used to take control of the victim’s machine. Some investment is necessary to obtain information on the latest vulnerabilities (i.e. as close to zero-day as possible). In our inside-out attack we initiate a network connection from the trusted (corporate) to the untrusted (Internet) network. The attack requires an “insider” to execute code to bypass security restrictions. We will show you that an attacker with certain technical skills who wants to have access to internal data could currently not be stopped nor could he be detected. It has to be said that such attacks are not expected to origin from Script Kiddies or hobby hackers. Only hackers with a specific motivation and financial background are likely to conduct such structured APT attacks.
About the speakers
Oliver Münchow
Read more …
Manuel Krucker
Read more …