Skilled adversaries have many tricks up their sleeves to grab credentials, including mimicking trusted access points.
In this video, Eric Escobar, Principal Consultant in the Secureworks Adversary Group, shares how, within a day, he was able to access an organization’s entire network, compromise their domain admin accounts and facilities by gaining credentials using an ‘Evil Twin’.
Listen to the full webcast to learn more about the most common attack vectors and how to defend against them.
I was on a particular pen test where we drove up before meeting the client and I was sitting in the parking lot of this really large manufacturing facility, I was able to crack their guest wireless password from the parking lot. I was able to create some wireless interference, and then the interference made it so that users' WiFi on their phone didn't work, the guest wireless didn't work, and I tricked them into connecting to me. And that's what disclosed their passphrase and so I was on their guest wireless network, along with all of their other employees at that time. And I was basically able to use that level of access to further compromise other users on the network. I was able to manipulate their traffic, I was taking other people's usernames and passwords, logging in as them, and seeing what they had access to. And then ultimately from there in about a day's time, I was able to walk through their entire network, compromise their domain admin accounts, and then also compromise all of their manufacturing facilities on three other continents.
I could have done a number of things, so you read about ransomware in the news. I could have ransomwared every device and locked out every device and anything in their manufacturing facility I could have turned off or kicked off the network or in some way, shape, or form, made it so that all of their business came down to a screeching halt and hold them for ransom. I could have sat and collected all of their proprietary company information from who their clients are, their customers, their price points, I could have stolen all that and they would have never known. The level of nefariousness goes from just somebody who's looking to make a quick buck to taking over a large Fortune 500 company. That's what it comes down to. The client absolutely loved the work. When he saw the results, he was able to take that information and say, "Hey this is the ammunition "that I need to go to the board of directors, "to go to my C-level suite," and basically take what we did and let him use that to enact change throughout his organization.