Tag Archives: Hacking

I’m a hacker, and here’s how your social media posts help me break into your company

By Stephanie Carruthers – Think twice before you snap and share that office selfie, #firstday badge pic, or group photo at work.

Hackers are trolling social media for photos, videos, and other clues that can help them better target your company in an attack. I know this because I’m one of them.

Fortunately, in my case, the “victim” of these attacks is paying me to hack them. My name is Snow, and I’m part of an elite team of hackers within IBM known as X-Force Red. Companies hire us to find gaps in their security–before the real bad guys do. For me, that means scouring the internet for information, tricking employees into revealing things over the phone, and even using disguises to break my way into your office.

Social media posts are a goldmine for details that aid in our “attacks.” What you find in the background of photos is particularly revealing–from security badges to laptop screens, or even Post-its with passwords.

No one wants to be the source of an unintended social media security fail. So let me explain how seemingly innocuous posts can help me–or a malicious hacker–target your company.

The first thing you may be surprised to know is that 75% of the time, the information I’m finding is coming from interns or new hires. Younger generations entering the workforce today have grown up on social media, and internships or new jobs are exciting updates to share. Add in the fact that companies often delay security training for new hires until weeks or months after they’ve started, and you’ve got a recipe for disaster.

Knowing this weak point, along with some handy hashtags, allows me to find tons of information I need within just a few hours. Take a look for yourself on your favorite social apps for posts tagged with #firstday, #newjob, or #intern + [#companyname].

So, what exactly am I looking for in these posts?

There are four specific kinds of risky social media posts that a hacker can use to their advantage. more>

The hacker hacked

BOOK REVIEW

Hackers: Heroes of the Computer Revolution, Author: Steven Levy.
Weapons of the Weak: Everyday forms of Peasant Resistance, Author: James Scott.
The Heretic’s Guide to Global Finance, Author: Brett Scott.
Explore Everything: Placehacking the City, Author: Bradley Garrett.
Snow Crash. Author: Neal Stephenson.

By Brett Scott – This dynamic is not unique to the internet. It plays out in many other spheres of life.

Hacker-like subcultures do not necessarily see themselves in political terms. Nevertheless, they share a common tendency towards a rebellious creativity aimed at increasing the agency of underdogs.

Unlike the straightforward activist who defines himself in direct opposition to existing systems, hackers work obliquely. The hacker is ambiguous, specialising in deviance from established boundaries, including ideological battle lines. It’s a trickster spirit, subversive and hard to pin down. And, arguably, rather than aiming towards some specific reformist end, the hacker spirit is a ‘way of being,’ an attitude towards the world. more> http://tinyurl.com/plw6zxb

Related>

Hacking and the Future of Warfare

By Adrienne LaFrance – It is clear that large-scale data theft is a major problem facing the United States. It has happened before and it will happen again.

Officials have warned that in addition to ignoring technical vulnerabilities, the United States hasn’t been forceful enough about deterring hackers.

“These conditions cannot be allowed to fester,” the authors of the report (pdf) wrote.

Such deterrence systems could mean targeting hackers with some of their own weapons: government-sanctioned malware or ransomware, software that locks down a computer without a user’s consent—a tactic that the U.S. government has already explored.

The concern is that the government will be able to justify its own covert hacking infrastructure by focusing on the threat of data theft from foreign governments—only to then use malware implants as mass surveillance tools against U.S. citizens. more> http://tinyurl.com/pju26xc