{"id":3200,"date":"2024-04-22T09:00:00","date_gmt":"2024-04-22T14:00:00","guid":{"rendered":"https:\/\/www.darkreading.com\/vulnerabilities-threats\/where-hackers-find-your-weak-spots"},"modified":"2024-04-22T09:00:00","modified_gmt":"2024-04-22T14:00:00","slug":"where-hackers-find-your-weak-spots","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/04\/22\/where-hackers-find-your-weak-spots\/","title":{"rendered":"Where Hackers Find Your Weak Spots"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

COMMENTARY<\/span><\/span><\/p>\n

Social engineering is one of the <\/span>most prevalent attack vectors<\/a><\/span> used by cyber scammers to infiltrate organizations. These manipulative attacks typically are executed in <\/span>four phases<\/a><\/span>: <\/span><\/p>\n

\n
    \n
  1. \n
    <\/span><\/p>\n
    \n

    Information gathering (attacker gathers information about the target)<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n

  2. \n
    <\/span><\/p>\n
    \n

    Relationship development (attacker engages the target and earns their trust)<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n

  3. \n
    <\/span><\/p>\n
    \n

    Exploitation (attacker persuades the target to carry out an action)<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n

  4. \n
    <\/span><\/p>\n
    \n

    Execution (the information collected through exploitation is operationalized to execute the attack)<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<\/ol>\n<\/div>\n

    The first phase obviously is the most important \u2014 without the right information, it can be difficult to execute a targeted social engineering attack. <\/span><\/p>\n

    Five Sources of Intelligence<\/h2>\n

    So how do attackers gather data about their targets? There are five sources of intelligence cybercriminals can use to gather and analyze information about their targets. They are:<\/span><\/p>\n

    1. OSINT (open source intelligence)<\/span><\/span><\/p>\n

    OSINT<\/a><\/span> is a technique hackers use to collect and assess publicly available information about organizations and their people. Threat actors can use <\/span>OSINT tools<\/a><\/span> to learn about their target’s IT and security infrastructure; exploitable assets such as open ports and email addresses; IP addresses; vulnerabilities in websites, servers, and IoT (Internet of Things) devices; leaked or stolen credentials; and more. Attackers weaponize this information to launch social engineering attacks.<\/span><\/p>\n

    2. SOCMINT (social media intelligence)<\/span><\/span><\/p>\n

    Although SOCMINT is a subset of OSINT, it deserves a mention. Most people voluntarily expose personal and professional details about their lives on popular social media platforms: their headshot, their interests and hobbies, their family, friends and connections, where they live and work, their current job position, and lots of other details. Using SOCINT tools such as Social Analyzer, Whatsmyname, and NameCheckup.com, attackers can filter social media activity and information about an individual and design targeted social engineering scams. <\/span><\/p>\n

    3. ADINT (advertising intelligence)<\/span><\/span><\/p>\n

    Say you download a free chess app on your phone. There’s a small area on the app that serves location-based ads from sponsors and event organizers, updating users on local players, events, and chess meetups. Whenever this ad gets displayed, the app shares certain details about the user with the advertising exchange service, which includes things like IP addresses, the type of operating system in use (iOS or Android), the name of the mobile phone carrier, the user’s screen resolution, GPS coordinates, etc. Typically, ad exchanges store and process this information for serving up relevant ads based on user interest, activity, and location. Ad exchanges also sell this valuable data. What if a threat actor or a rogue government buys this information? That’s exactly what <\/span>intelligence agencies<\/a><\/span> and adversaries have been doing to track activity and hack their targets. <\/span><\/p>\n

    4. DARKINT (Dark Web intelligence)<\/span><\/span><\/p>\n

    The <\/span>Dark Web<\/a><\/span> is a billion-dollar illicit marketplace transacting corporate espionage services, DIY ransomware kits, drugs and weapons, human trafficking, et al. Billions of <\/span>stolen records<\/a><\/span> (personally identifiable information, healthcare records, banking and transaction data, corporate data, compromised credentials) are available for purchase on the Dark Web. Threat actors can purchase off-the-shelf data and mobilize it for their social engineering schemes. They can also choose to outsource professionals who will socially engineer people on their behalf or discover hidden vulnerabilities in target organizations. In addition, there are hidden online forums and instant messaging platforms (such as Telegram) where people can access information about potential targets. <\/span><\/p>\n

    5. AI-INT (AI intelligence)<\/span><\/span><\/p>\n

    Some analysts are calling AI the <\/span>sixth intelligence discipline<\/a><\/span>, on top of the <\/span>five core disciplines<\/a><\/span>. With recent advancements in generative AI technology like Google Gemini and ChatGPT, it’s not hard to imagine cybercriminals deploying AI tools to mine, assimilate, process, and filter information about their targets. Threat researchers are already reporting the presence of malicious AI-based tools that are popping up in Dark Web forums such as <\/span>FraudGPT and WormGPT<\/a><\/span>. Such tools can significantly reduce the research time for social engineers and provide actionable information they can use to execute social engineering schemes. <\/span><\/p>\n

    What Can Businesses Do to Mitigate Social Engineering Attacks?<\/h2>\n

    The root cause of all social engineering attacks is information and the careless handling of it. If businesses and employees can reduce their information exposure, they will lower social engineering attacks by a significant degree. Here’s how:<\/span><\/p>\n

    \n