Chapter 2. Inside-Out Attacks: The Attacker Is the Insider

Not only does the popular perimeter-based approach to security provide little risk reduction today, it is in fact contributing to the increased attack surface criminals are using to launch potentially devastating attacks. In general, the perimeter-based approach assumes two types of agents: insiders and outsiders. The outsiders are considered to be untrusted, while the insiders are assumed to be extremely trustworthy. This type of approach promotes the development of architectures where networks are segregated into clearly delineated “trusted” zones and “untrusted” zones. The obvious flaw with the perimeter approach is that all the insiders—that is, the employees of a business—are assumed to be fully trustworthy. This chapter will go beyond the obvious and expose how the emerging breed of attackers is able to leverage application and browser flaws to launch “inside-out” attacks, allowing them to assume the role of the trusted insider.

The impact of the attacks illustrated in this chapter can be extremely devastating to businesses that approach security with a perimeter mindset where the insiders are generally trusted with information that is confidential and critical to the organization. Each of these employees in turn becomes a guard to the business’s secrets; it is their vigilance and efforts that will ultimately mean the difference between avoiding an incident and allowing an attacker to steal the organization’s secrets. When any one of the employees makes a poor security decision, such as browsing to a malicious website (even with a fully patched browser), a malicious outsider has an opportunity to latch onto the innocent request and make her way into the organization’s internal network with the insider’s privileges. Similarly, when an outsider convinces, forces, or tricks an employee to click a link, divulge a vital piece of data, or change some seemingly mundane setting, the outsider becomes the insider. When an employee’s browser, email client, or operating system is under an attacker’s control, the outsider becomes the insider.


  
