Social Engineering Tools
Answer: Gaining Access
DNS Poisoning: Domain name service, or DNS, is how the internet resolves numbers (IP addresses) to names we can remember (website names). DNS is a critical service, and every time your computer tries to go to a website its never been before, it asks a DNS server how to get there. If a hacker poisons the DNS, it means they are usurping the position of a real DNS server and are sending victims to a website the hacker wants the victim to go to, not the real website the victim requested.
Unfortunately, hackers don’t leave poison warnings labels after they conduct DNS poisoning attacks.
ARP Poisoning: Address resolution protocol (ARP) is a set of rules that help computers communicate over networks. ARP poisoning is when a hacker exploits ARP to have communications redirected through the hacker’s device, enabling the hacker to see and read all your communications. The victim, however, would have no way of knowing their communications were being watched.
Man-in-the-Middle: When two devices communicate over a network, they have to establish a connection with each other. In a man-in-the-middle attack, an attacker pretends to be one of the original devices communicating. From there, the attacker can intercept the data being transferred and can also potentially use the connection to transmit malicious data or files.
You never know who might be listening in!
Piggy-Backing: Piggy-backing, or tailgating, is when an unauthorized person follows an authorized person into a restricted or private area. Piggy-backing is one of the most common social engineering techniques and can easily be done by simply stating “Please hold the door.” People will often let strangers in simply because of common courtesy. While it often isn’t serious, this can lead to real security breaches and can allow intruders into otherwise off-limits areas. Mantraps are a great tool to prevent piggy-backing.
Default Credentials: Often when a device is first plugged in and powered on, it will have a default username and password. All too frequently, users will be too lazy to change these default passwords, or changing the default password might not even occur to them. Lists of default usernames and passwords are readily available for many devices, making default credentials a severe security risk for any organization or individual. It’s like leaving your keys in your car and never locking the doors.
Social Engineering: Social engineering is when a bad actor uses social techniques to evade or bypass security functions. There are many examples of this: shoulder surfing, phishing, baiting, and tailgating. You’d be surprised how often unauthorized individuals can gain access to secure areas by asking someone to “Hold the door!” for them. Common courtesy can be leveraged by bad actors to gain unauthorized access.
Password Cracking: Short passwords are often easily guessed by a computer tool. Under ideal circumstances, passwords that are less than nine characters can be cracked by a computer in only seconds. This process is known as Brute Forcing, and the longer the password is, the harder it is to brute force. Passwords that use contain words from the dictionary are also easy to crack: brute force tools use Rainbow Tables to insert whole words into the brute force process.
Metasploit: One of the most powerful hacking tools available is the Metasploit framework. The Metasploit framework is an open-source hacking application which can be used for either great good, or great evil. Metasploit can take advantage of hundreds of exploits across many different operating systems to hack into systems. Defenders can use Metasploit as a way to test their own systems for weaknesses, and then patch those weaknesses. Hackers, however, can used Metasploit as a weapon to hack into systems and exploit those weaknesses.
Watering Hole: A watering hole attack is a special type of attack that involves hacking a commonly used site. For example, if the attacker’s target company had a group of employees that regularly went to thisisawaterhole.com, the attackers could hack the website, then use it deploy malware onto visitor’s systems. A poisoned well infects the whole village.
Phishing Emails: This technique is when an attacker devises a clever email to fool a user into divulging their private information. The more cleverly the email is disguised, the more likely the target is to fall for it. Phishing is one of the number one ways that hackers deliver malware and steal information. For that reason, companies spend lots of time and money training their employees to spot phishing emails. Email phishing is simple, yet effective.
Vishing: Similar to phishing, vishing is when an attacker pretends to be someone they’re not over the phone. The goal is the same: trick the target into giving away their private information.