Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: This is simply brilliant

  1. #1
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672

    This is simply brilliant

    Oh the humanity..
    A SECURITY outfit found the easiest way to crack into a company's systems was to leave a few Trojan laced USB drives scattered around the front door.

    More at source:
    http://www.theinquirer.net/?article=32311
    Antionline in a nutshell
    \"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"

    Trust your Technolust

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Very funny...

    Very sad...
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Junior Member
    Join Date
    Aug 2004
    Posts
    28
    haha indeed brilliant
    except, the employees did know there was an attacked planned.
    So if i was an employee of that company and i would find an usb stick
    and so did 14 others, i would get suspicious
    But that's me i guess ...
    ... paranoid

  4. #4
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Lol back in my electronic prankster days I used to do this with Floppy disks. Not anything new but certainly fun to watch when the employees already knew.

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmmm,

    The company obviously has an inadequate security policy, or certainly one that is not enforced properly.

    I know quite a few places where taking an external device on site and attaching it to the organisation's kit would get you fired.

    Let's face it, if you have a lousy policy and lousy enforcement you are vulnerable, period.

    Not so much a case of "if" but "when"?


  6. #6
    Frustrated Mad Scientist
    Join Date
    Dec 2004
    Posts
    1,152
    I had a good think about this one.

    We've not considered USB drives to be a significant risk over and above anything else. Especially for information theft data can be emailed out, printed out, written to CD etc etc.

    For malware we didn't consider USB drives to be a greater risk than staff bringing in CDs or floppies.

    As for sticking them into the PC, I've got to admit that until that story I would have stuck the drive in to find out the owner. CD autoboot is blocked by default and I would have assumed that USB autoboot was also blocked. But it isn't.

    I've got some of our guys looking into blocking of the autoboot function hopefully something that can be done without purchasing software.

    We might need to modify policy to more explicitly oppose plugging in untrusted devices.

  7. #7
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    The specially written trojan that collected passwords, logins and machine-specific information from the user’s computer, and then emailed the company with the findings. Stasiukonis said that the attack was so simple and beat the hell out of hanging out with the smokers, sweet-talking receptionists, or commandeer a meeting room and jack into the network.
    Haha, that's great...maybe Kevin Mitnick could learn a bit about this level of social engineering?

    On a serious note, something like that isn't surprising at all (how sad is that?). In this day and age of ease-of-use, people sacrifice security for convenience. If people had to pass a computer IQ test before owning a laptop or PC, not only would we have smarter users but we'd also have no job, haha... It's like pro-creating...just because two people can doesn't mean it's the best idea.

    At work we've removed the floppy and usb devices by disabling them in the bios which is also password-protected. Prevents a lot of nasties coming into the workplace but also keeps data at the workplace to a better degree. Now if we could only block hotmail, yahoo mail, and any other free webmail service, it'd be a lot more locked down but that's almost prohibitive.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  8. #8
    Senior Member
    Join Date
    Oct 2004
    Posts
    183
    Originally posted here by Aspman
    I've got some of our guys looking into blocking of the autoboot function hopefully something that can be done without purchasing software.
    I think that there's a registry tweak to block it.

  9. #9
    Senior Member
    Join Date
    Feb 2002
    Posts
    855
    haha indeed brilliant
    except, the employees did know there was an attacked planned.
    So if i was an employee of that company and i would find an usb stick
    and so did 14 others, i would get suspicious
    But that's me i guess ...
    ... paranoid
    I don't know if this is the case, but perhaps when the employees were warned about an attack, they were envisioning some cracker at a keyboard trying to break in. In any event, it seems this company needs to do some serious threat awareness training (besides, of course, disabling access for this kind of device).
    For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
    (Romans 6:23, WEB)

  10. #10
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    I think that there's a registry tweak to block it.

    TheHorse13 posted the registry edit here

    http://www.antionline.com/showthread...&highlight=usb

    I believe vista has a way to disable it built in....

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •