For this attack, the security experts equipped the mouse with an additional micro-controller with USB support (Teensy Board) to simulate a keyboard, and added a USB flash drive to the setup.
When connected to the PC, the Teensy Board's Atmel controller sent keyboard inputs to the computer and ran software that was stored on the USB flash drive. This allowed Netragard to install the Meterpreter remote control software, which is part of the Metasploit framework.
The crux of the attack was to find a suitable company employee who would, upon receiving the computer mouse, connect it to a company PC without becoming suspicious.
The security experts selected one of the employees and sent the mouse in its original packaging – camouflaged as a promotional gadget.
[In a related study] the US Department of Homeland Security found that 60 per cent of users will naively connect a USB flash drive to their PC to see what is stored on it.
When connected to the PC, the Teensy Board's Atmel controller sent keyboard inputs to the computer and ran software that was stored on the USB flash drive. This allowed Netragard to install the Meterpreter remote control software, which is part of the Metasploit framework.
The crux of the attack was to find a suitable company employee who would, upon receiving the computer mouse, connect it to a company PC without becoming suspicious.
The security experts selected one of the employees and sent the mouse in its original packaging – camouflaged as a promotional gadget.
[In a related study] the US Department of Homeland Security found that 60 per cent of users will naively connect a USB flash drive to their PC to see what is stored on it.
This reminds me of stories about medieval poisoning plots involving members of the treacherous Borgia family. They didn't use the bite of a poisoned mouse, though.
Thinking aloud...
A typical hacking attack involves 0) getting a person in a position to enter a malicious command; 1) entering the command; 2) downloading malicious software; 3) installing the software; 4) performing a malicious operation; 5) cleanup and/or escape undetected.
It would be interesting to map major key security penetration cases to this sequence of steps, from ancient Trojan Horse to Enigma to Stuxnet.
tags: invention, innovation, security, information, system, control, five element analysis
No comments:
Post a Comment