White-Hot Hack
Kate: You’re the best. Where are you now?
Ian: I’m in my office.
Kate: You don’t have an office. Because you don’t actually work here.
Ian: I’ve commandeered an empty conference room on the third floor.
Kate: Of course you did. Okay, here I come.
Her heart rate increased as she got out of the car and walked toward the side door, carrying her own large box. She slowed down so her arrival would coincide with a cluster of people who were about to go in. The first person, a man with white hair and a kind smile, swiped his badge and held the door for the others. When he spotted Kate, he waited for her to pass through.
“Thanks,” she said.
He gestured toward the box. “Looks heavy.”
“Contracts. Took me four hours to get through them last night.” She adjusted the empty box, boosting it a bit higher as the lie rolled off her tongue. She remained silent, fighting the urge to add details to her story. The truth needs no explanation.
“Where are you headed? I could carry that for you.”
She smiled. “Upstairs. Thanks. I’ve got it.”
After watching to make sure he headed in the opposite direction, she got on the elevator. She felt the same thrill she’d experienced during her first social engineering assignment, and every assignment since then, although this time it was heightened. Tailgating her way into a building was definitely the trickiest thing she’d done, and she could see how the thrill of deception could become addicting. On the third floor she got out and walked down the hall, peering into conference rooms until she found Ian. A bite of donut disappeared into his mouth as Kate entered the room and shut the door behind her.
“Excellent job, sweetness. I expected nothing less from you.”
“Why don’t you like social engineering? Oh my God, it’s exhilarating.” She set her box on the table and leaned down to kiss him. “Mmmm… You taste like frosting.”
He brushed the crumbs from his hands and started typing as Kate reached into the box and grabbed a chocolate donut with pink sprinkles. “I do like social engineering, but I’m not a fan of physical entry and would much rather access the network with my technical skills from the comfort of my home office. But hackers are getting bolder, and when they start walking through the front door, you’ve got to figure out ways to keep them out so they don’t do what I’m about to do.”
He removed an Ethernet cable from his laptop bag and plugged it into a jack on the wall. Then he connected it to his laptop. “This is a live network jack. Employees can access the corporate network when they’re in here for company meetings. Once a hacker’s behind the firewall, it’s like giving him the keys to the candy store. I can go anywhere I want.” He reached into his laptop bag again and withdrew a small square item. “This is a wireless access device.” He bent down and plugged it into the jack. “If someone suspects us and we have to leave the premises temporarily, I can still access the network from my car in the parking lot. Before we leave here, I’ll have enough information to access the network from wherever I happen to be.”
“What are you going to do if someone’s reserved this conference room for a meeting?”
“My first order of business was to move everyone into new rooms. Unfortunately, they’ll all think they’re losing their minds, but it had to be done.”
“What’s next?”
“I’m going to run a scan to check the network for computers that aren’t protected by a password, and then I’ll launch a packet sniffer to capture the traffic moving over the network.”
Kate looked shocked. “It’s really called a panty sniffer?”
He grinned. “Packet.”
“Oh. That makes much more sense.”
“Once I’ve cracked all the machines that are protected, I’ll give myself administrator rights to the entire network. Should only take about half an hour.”
“Wow,” Kate said. “All of that before nine a.m.”
After Kate finished her donut, Ian sent her out on a recon mission. “Familiarize yourself with the layout of the building. Do a sweep of the break rooms. Be friendly, but not too friendly. If anyone asks you who you are, stick to your story.”
“I’m a temp working with Legal on a short-term project to make sure all job descriptions are in compliance. Got it.”
Ian had explained to Kate that the trick was not to identify too closely with any particular department because it would raise too many questions and it wouldn’t take long for the manager or leader of the department to become suspicious. She would actually be spending most of her time floating around, looking for obvious security infractions like passwords written on sticky notes and left in plain view, and sensitive information that was being disposed of incorrectly. But if anyone doubted her story and started asking legal-type questions, she would be more than qualified to answer them. Meanwhile, Ian would concentrate on the internal network pentesting.
She kissed him good-bye and headed for the door.
Before she left, he said, “Sweetness, find out where the computer server room is located, will you?”
“Anything for you, lover. I’ll be back in a little while.”
Kate roamed around the building, moving freely from floor to floor. There were no other entry points that required badge access, so after exploring the areas with cubicles, she checked out the break rooms. All had a similar setup: table for six, coffeepot, sink, microwave, vending machine, and fridge. A middle-aged man was sitting at the table reading the newspaper when Kate walked in.
“Good morning,” she said.
He looked up and smiled. “Good morning.”
Kate was pouring herself a cup of coffee when two women walked in.
They gave her a few sidelong glances, and then one of them said, “Are you new?”
“I’m a temp. Special project for the legal department. I’ll be here for a few days. Do you know where I can find the server room that houses the computer systems?”
People were always so eager to share what they knew, and one of the women answered automatically. “It’s on the second floor. My boyfriend works in IT.”
“Thanks.” Kate smiled and swept from the room with a breezy “Good-bye!” before the women could think too much about why a temporary employee working with Legal wanted to know where the computer systems were located.
The server room sat near the back of a large, open-floor-plan space filled with rows of cubicles. Kate walked past the enclosed, freestanding structure slowly, observing the same kind of sensor on the exterior door that she and Ian had successfully bypassed on their way into the building. Unfortunately, she didn’t see a single person going in or out of the server room, and the lack of traffic would make it extremely difficult to tailgate in without raising all kinds of red flags. She lingered awhile, pretending she was reading something on her phone. An L-shaped desk with a low partition sat approximately twenty feet from the server-room door, and a young man in his early twenties stared blankly at his computer monitor.
“Can I help you?” he called over after noticing her standing there.
She approached his desk. “Hi. I’m a temp. I’m supposed to join in on a marketing meeting. Do you know if that’s going on somewhere down here?”
“No, the marketing department is on the fourth floor. This is IT.”
“Thanks.”
She returned to the conference room where Ian was still hard at work.
“How’d it go?” he asked. “See anything interesting?”
She pulled out a chair and sat down. “Nothing out of the ordinary. I found the server room. It’s on the second floor.”
“Freestanding?”
“Yes. How’d you know that?”
“Because no one wants their server room up against an exterior wall that might house water pipes. If they were to burst, it would ruin all their equipment. That’s why you won’t find many server rooms on the top floor or in the basement. Roofs can leak and basements can flood. Exterior windows can also be a potential security risk. Same with doors. If they can, most companies will try to utilize a room on a middle floor and then retrofit it for their needs by adding cooling and extra security features.”
“I noticed it’s the only place besides the building’s entrances that requires a badge.”
“I’m not surprised. Even a company with lax security knows to protect the hub of their operations.”
“There weren’t a lot of people going in or out. They’ve also got someone stationed nearby. I’m not sure if he’s responsible for keeping an eye on things or if that’s just where his desk is located.”
“Probably a little of both.”
She gestured toward his laptop. “What are you doing now?”
“I’m combing through every file on the network, looking for anything marked confidential or for internal use only. One thing you do not want a hacker to have is access to your private files. It could be a very embarrassing PR nightmare. Not only that, if they’re doing any kind of R&D, their secrets could be sold to a competitor.”
Ian wanted to take a look at the server room, so he and Kate went down over the lunch hour when there wouldn’t be as many people milling about. They walked past slowly, and Ian gave a small nod to let Kate know he’d seen enough. When they returned to the conference room, he told her he wanted her to make the rounds again as soon as everyone returned from lunch, and then they would be done for the day.
“That’s it? I feel like I’m just getting warmed up.”
“I’m sucking up an enormous amount of their bandwidth with my scans, yet no one seems to have noticed. It’s better to quit while I’m ahead. We’ve got three days, so we’ll start small and slowly become more visible. You’re going to be mingling among the employees more than I will, and I want them to get used to seeing you. But not too used to it. You’re very approachable and people will want to make friends with you, but you’ll need to keep them at a slight distance so they don’t become suspicious. By the third day, we can really push it because by then I want them to notice us.”
“So what will we be doing tomorrow?”
“Tomorrow you can start shoulder-surfing to see how discreet people are when it comes to typing in their passwords. You can also nose around their desks and eavesdrop on their conversations.”
“What about you?”
“I’ll finish looking through the files, and then we’re going to up our physical-entry game, and by that I mean figure out the best way to break into the server room.”
“We’re going to break into the server room?”
“You’re not. I am. That’s another place you don’t ever want a hacker poking around, and in order to show the CIO we’re truly the best at exposing a company’s security weaknesses, I need to get inside. It will prove there’s no place in this company we couldn’t go.”
“There aren’t a lot of people going in and out. Won’t that make it extremely difficult to tailgate your way in?”
“I’m not going to tailgate. But unfortunately, I can’t pick that kind of lock either.”
“You know how to pick locks?”
“I can get past a standard lock in about ten seconds if I have my lockpicking kit.”
She looked at him like he was crazy. “Your lockpicking kit. This is a thing you own?”
He smiled brightly and nodded. “We used to have contests at MIT. I can break into almost anything.”
“Sometimes you straight-up scare me. If you know so much about locks, why didn’t you use that knowledge to lock my apartment and go home when I was sick instead of sleeping on my couch and barging in on me in the bathtub?”
“Well, for starters, I wasn’t trying to unlock your apartment door. And secondly, I didn’t have my tools. And thirdly—and most importantly—I didn’t want to leave.”
“So how are you going to break into the server room?”
“I’m not sure. I’ll have to think on it for a while. But never fear. There’s a way in. There always is.”
CHAPTER FOURTEEN
Kate and Ian tailgated their way into the building on day two. Ian sailed through with his coffee and donuts, but things didn’t go quite as smoothly for Kate. As she prepared to fall in with a small group of people bottlenecked near the door, a woman in her early twenties juggling a Starbucks carrier with four cups of coffee, an iPad, and her purse seemed to be waiting for Kate to buzz them in. Trying to remain calm, she smiled and gestured helplessly with her box toward the only other person whose eye she could catch. The young man looked more than happy to help them as he swiped his badge and held the door open until they both passed through.
The girl who had her hands full looked at him with stars in her eyes and said, “Thanks.”
He gave her an aw shucks, it was nothing grin. “You’re welcome.”
And they said chivalry was dead.
Ian was already hard at work in the conference room. After they finished their donuts, he resumed scanning the network and sent Kate out to make another sweep of the building. “Today is phase two. You can be a little more visible. Feel free to chat with anyone who strikes up a conversation. Be sure to swing by the IT department to see what they’re up to, and make note of how many people you see going in and out of the server room.”
“Anything else?”
“Try a little shoulder-surfing. I guarantee you’ll enjoy it.”
Kate followed the same circuit she’d walked the day before and visited all five floors of the building as well as the break rooms. When she was finished, she made her way slowly up and down the aisles between the rows of cubicles and watched over the employees’ shoulders as they typed in their passwords after returning to their desks. Then she went into the break room to get a cup of coffee and check in with Ian.
Kate: I just watched three employees type in the world’s least secure password of #1234. I watched another type in catfetish1@. What is wrong with these people?
Ian: catfetish1@ is actually preferable in this scenario. Harder to crack.
Kate: I’m going down to the first floor. I’m curious to see how freaky they are in accounting.
She strolled nonchalantly down the rows of the accounts payable department. A young man returned to his cubicle with a cup of coffee in his hand. Kate was standing a safe distance behind him, watching as he set down his coffee and typed in his password—gamerboystud7—when she sensed a presence next to her. It was the girl from that morning who hadn’t been able to buzz them in because her hands were as full as Kate’s.
“Hi,” she said.
“Hi.”
Gamerboystud7 turned around and shot Kate a curious look, so she quickly moved back toward the center of the aisle.
The girl fell in beside her as she walked away. “I’m Ashley.”
Kate panicked momentarily because she blanked on the name she was using, but right before the delay in her response would have become awkward, she said, “Jeannine.”
“Do you work on this floor?”
“I’m here on a temp assignment. I’m working with Legal on a special project.”
“Legal’s on the fourth floor. This is Accounting.”
“I had to come down for some more files.”
Ashley tilted her head. “What kind of files?”
“Job descriptions. I’ll be floating around to all the departments, making sure they’re in compliance.”
“Oh. Sure. That makes sense.”
Thank God. Kate decided to change the subject. “It was really nice of that guy to hold the door for us this morning.”
“Yeah, he gets here around the same time every day.”
Ah, so the girl hadn’t been waiting for Kate to buzz them in after all. She’d been waiting for him. “And do you always have your hands full?”
She blushed. “Always. My coworkers think I like them so much I’m willing to bring them coffee every day.” She lowered her voice. “I don’t, really.”
Kate smiled. The girl reminded her of her future sister-in-law, Kristin. They had the same spunk. “Do you have plans for lunch?”
“As a matter of fact, I don’t.”
“I don’t know anyone here, and it’s boring eating alone. Would you like to go with me?”
“Sure. Meet me in the cafeteria at noon.”
Back in the conference room, Kate informed Ian she was meeting someone for lunch. “At first I was worried. She was kind of staring at me with this eerie laser focus, like she was trying to see into my brain. I thought I was going to have to befriend her just to deflect suspicion. But then I learned she has a massive crush on a guy who works here, and frankly she needs help moving things forward.”
“See, I knew you’d make friends.” He took off his glasses and pushed his chair back from the table. “Are you up for something a bit more challenging? I can do it myself if you don’t feel comfortable, but you’ll be more inconspicuous because they won’t be expecting a woman to do it.”
“Are you kidding me? Of course I want to do it.” Kate leaned toward him, eager. “What is it?”
“I need you to install this on the systems administrator’s computer.” He held up a small, cylinder-shaped module with a round opening on each end. “It’s a keylogger.”
He handed it to her and she studied it.
“What does it do?”
“It records all his keystrokes so I’ll know whether he has any suspicion that someone is accessing the network. You’ll have to pull the cable that runs from the keyboard to the computer, plug this in, and reconnect the cable.”
“I can do that.”
“I found an online database that lists the physical location for every employee. He’s in the northwest corner, second row over. His name is Nathan Robertson and his cube is slightly bigger than the others. There should be a nameplate on the exterior wall.”
Kate took a deep breath. “You always know just how to get my adrenaline pumping, don’t you? I may need an extra glass of wine tonight.”
“I thought you might. I restocked the wine fridge yesterday.”