President Obama'smuch loved BlackBerryis still
hackable, claims infamous hackerKevin Mitnick.
He
told
FOXNews.com, "You would probably need to be pretty
sophisticated, but there are people out there who are.
"If I was the attacker, I would look to Obama's close circle of
friends, family and associates and try to compromise their machines
at home. The objective would be to get Obama's e-mail address on
the BlackBerry."
That address is a closely guarded secret after
Obama insisted on keeping his BlackBerry, against White House
rules covering personal gadgets.
Mitnick served almost five years in prison after pleading guilty
to charges of wire and computer fraud for hacking into computer
systems at large mobile phone and IT companies during the
1990s.
He is now a security white hat and runs
Mitnick Security
Consulting.
The White House says only a small circle of associates and
senior aides are allowed to exchange e-mails with the
president.
As well as hackers wanting to target the president for the fame,
there are fears that foreign governments wanting trade secrets on
the US are a bigger threat.
Fortunately for the US, Obama is seen as technology savvy and
may not be tempted by a simple malicious web link. When it comes to
social engineering attacks, however, it can all depend on what the
link is promising as to whether the user is tempted or not.
Responding to our article, Kevin Mitnick
writes:
The Fox News reporter misquoted me. I never proffered the send
Obama an email link social engineering attack. Rather, I thought up
several scenarios to obtain information or intelligence from his
use of his BlackBerry. See below for the details:
Second, I told this reporter numerous times that I don't believe
Obama uses his Blackberry device for any classified communications
– that should be a no brainer, right?
I did, however, share some attack scenarios that are feasible.
One example below I used to surveill the FBI when playing the
fugitive game – which would likely work today.
Objective: Identify Obama's current cellular phone
number
1. Compromise his past provider (he's likely to be using the
same one).
2. Obtain past (3 months) billing records (call detail
records)
3. Compromise (current) provider and perform terminating number
searches for any mobile device that has dialed or received calls
from the same numbers on Obama's past billing records.
4. Maintain a list of suspect devices (mobile handsets) for
further analysis
5. Analyze each suspect device's call detail records looking for a
similar pattern of call traffic (incoming /outgoing)
6. Narrow the list of devices down to similar call patterns
7. Pull the subscriber data (billing name, address, contact #,
device info (IMEI, SIM info) or (ESN if CDMA provider)
8. Use mobile operator's intelligent network to find where the
device is registered (in real time)... Is Obama near that
location?
Once Obama's cellular number is identified the attacker can
acquire his text messages by compromising the smsc (orable db) at
the provider, determine his location via cell tower registrations,
and his capture call traffic ( via real time CDR).
Objective: Obtain Obama's email address.
1. Identify Obama's close circle of friends and family.
2. Compromise these target systems (phishing, wifi, etc) and
install a trojan
3. Steal authentication credentials stored on target system or via
keylogger (web based email)
4. Watch email communications.. eventually the attacker may hit
pay dirt.
As far as compromising his BB device, I said it would be
difficult but not impossible depending on whether he uses BB's
browser. The possible attack scenario I explained to the reporter
was:
1. Identify vulnerability in BB's browser that allows execution
of arbitrary code.
2. After compromising his provider, identify what sites Obama
visits on his BB (this can be logged by an attacker in the
providers intelligent network.)
3. Identify the sites visited that are not so popular (minimize the
potential victims) and compromise these targets (every BB
visitor).
4. Plant exploit code to execute payload-- whatever that
is...
5. Wait... and see what happens.
I brought up several others but the article omitted most of what
I discussed... go figure...
Best regards
Kevin Mitnick