Undermining - Social Engineering using Open Source Intelligence Gathering

Leslie Ball, Gavin Ewan, Natalie Coull

2012

Abstract

Digital deposits are undergoing exponential growth. These may in turn be exploited to support cyber security initiatives through open source intelligence gathering. Open source intelligence itself is a double-edged sword, as the data may be harnessed not only by intelligence services to counter cyber-crime and terrorist activity but also by the perpetrators of criminal activity, who use them to socially engineer online activity and undermine their victims. Our preliminary case study shows how the security of any company can be surreptitiously compromised by covertly gathering the open source personal data of the company’s employees and exploiting these in a cyber attack. Our method uses tools that can search, drill down and visualise open source intelligence structurally. It then exploits these data to organise creative spear phishing attacks on the unsuspecting victims, who unknowingly activate the malware necessary to compromise the company’s computer systems. The entire process is the covert and virtual equivalent of overtly stealing someone’s password ‘over the shoulder’. A more sophisticated development of this case study will provide a seamless sequence of interoperable computing processes from the initial gathering of employee names to the successful penetration of security measures.



Paper Citation


in Harvard Style

Ball L., Ewan G. and Coull N. (2012). Undermining - Social Engineering using Open Source Intelligence Gathering. In Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2012) ISBN 978-989-8565-29-7, pages 275-280. DOI: 10.5220/0004168802750280


in Bibtex Style

@conference{kdir12,
author={Leslie Ball and Gavin Ewan and Natalie Coull},
title={Undermining - Social Engineering using Open Source Intelligence Gathering},
booktitle={Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2012)},
year={2012},
pages={275-280},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004168802750280},
isbn={978-989-8565-29-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2012)
TI - Undermining - Social Engineering using Open Source Intelligence Gathering
SN - 978-989-8565-29-7
AU - Ball L.
AU - Ewan G.
AU - Coull N.
PY - 2012
SP - 275
EP - 280
DO - 10.5220/0004168802750280