Undermining - Social Engineering using Open Source Intelligence Gathering

Leslie Ball; Gavin Ewan; Natalie Coull

doi:10.5220/0004168802750280

Undermining - Social Engineering using Open Source Intelligence Gathering

Leslie Ball, Gavin Ewan, Natalie Coull

2012

Abstract

Digital deposits are undergoing exponential growth. These may in turn be exploited to support cyber security initiatives through open source intelligence gathering. Open source intelligence itself is a double-edged sword as the data may be harnessed not only by intelligence services to counter cyber-crime and terrorist activity but also by the perpetrator of criminal activity who use them to socially engineer online activity and undermine their victims. Our preliminary case study shows how the security of any company can be surreptitiously compromised by covertly gathering the open source personal data of the company’s employees and exploiting these in a cyber attack. Our method uses tools that can search, drill down and visualise open source intelligence structurally. It then exploits these data to organise creative spear phishing attacks on the unsuspecting victims who unknowingly activate the malware necessary to compromise the company’s computer systems. The entire process is the covert and virtual equivalent of overtly stealing someone’s password ‘over the shoulder’. A more sophisticated development of this case study will provide a seamless sequence of interoperable computing processes from the initial gathering of employee names to the successful penetration of security measures.

Download

Paper Citation

in Harvard Style

Ball L., Ewan G. and Coull N. (2012). Undermining - Social Engineering using Open Source Intelligence Gathering . In Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2012) ISBN 978-989-8565-29-7, pages 275-280. DOI: 10.5220/0004168802750280

in Bibtex Style

@conference{kdir12,
author={Leslie Ball and Gavin Ewan and Natalie Coull},
title={Undermining - Social Engineering using Open Source Intelligence Gathering},
booktitle={Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2012)},
year={2012},
pages={275-280},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004168802750280},
isbn={978-989-8565-29-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Knowledge Discovery and Information Retrieval - Volume 1: KDIR, (IC3K 2012)
TI - Undermining - Social Engineering using Open Source Intelligence Gathering
SN - 978-989-8565-29-7
AU - Ball L.
AU - Ewan G.
AU - Coull N.
PY - 2012
SP - 275
EP - 280
DO - 10.5220/0004168802750280