Computer Expert Wanted

[Robert Gonko]

Working on my crime thriller in which the murderer is also an expert computer hacker. I would like to ask questions of an expert in this area. Please PM me if interested as I'm not willing to reveal plot details at this stage. Thank you!

 

[RichardGarfinkle]

You probably need to be more specific as to what area of expertise you need. For example, I'm a professional programmer, I know some about security, but I've never done what is conventionally called hacking.

 

[Cath]

Robert, we strongly prefer answers in thread. You don't have to share key plot points, but some details of what kinds of systems would be hacked into and the purpose would be helpful.

 

[Deleted member 42]

The greatest vulnerability are users; social engineering is generally part of any really great hack.

 

[WeaselFire]

The greatest vulnerability are users; social engineering is generally part of any really great hack.

Bingo. It's really the only hack you usually need. Or at least, that I usually need.

Jeff

 

[Robert Gonko]

My guy is hacking into security systems for the purpose of bypassing them so he can get to his victims undetected. Would a social engineering approach work for this? How would it work? I don't want to put in the kind of detail that would encourage or enable someone to do it, but I would like to know what I'm talking about.

 

[clee984]

The greatest vulnerability are users; social engineering is generally part of any really great hack.

I studied computer science at university, and in a lecture on hacking, one lecturer made this point in the following way - he set up an mp3 of a siren wailing. He then telephoned the university's central office, told the first person he spoke to that he was IT support and there was a major problem (hence the alarm in the background), and he needed that person's password immediately. The person gave it to him almost without hesitation, and with no checking of credentials. No computer involved. I was impressed.

 

[Deleted member 42]

My guy is hacking into security systems for the purpose of bypassing them so he can get to his victims undetected. Would a social engineering approach work for this? How would it work? I don't want to put in the kind of detail that would encourage or enable someone to do it, but I would like to know what I'm talking about.

Yes. Social engineering is a key tool for this kind of exploit. Google it—I'm not being dismissive, but you'll see lots of references.

 

[melindamusil]

Not directly related to hacking, but in terms of "social engineering"... the Gardner Museum in Boston was robbed in 1990 by two men who came to the door, after hours, pressed the buzzer, and said "Police! Let us in!". The guards did, and the two men made off with over a dozen priceless works of art.

And I can't even count the number of times I've read about students who changed their grades by logging into the teacher's account using the password written on a post-it note and stuck to the computer monitor!

Of course, this all depends on how "criminal" your guy is. He could just call them, like Clee suggested, and demand a password. He could kidnap them and threaten to kill them if they don't give him the password. Or he could kidnap someone else (the IT guy's spouse/child/friend) and threaten to torture/kill them if he doesn't get the password.

Depending on the size of the company/security system, he could also dress up like an IT guy, pretend like he knows what he's doing, and just walk into the IT department. Then he could ask someone (maybe a lower-level employee?) something like, "Oh, shoot, I left my notebook at home. Can you tell me the password for xyz?" If he looks like he is supposed to be there, the other employees probably won't question him.

 

[Russell Secord]

The basic question, then, is how to override a security system. You're talking mainly about video surveillance and logins/logouts.

In a building, everything is probably on a network. Every device has an identifier. A camera sends video to the security center over the network. If you convince the network that some input you provide comes from that device, it will take the data and treat it as genuine. An investigator will not be able to tell the difference between bogus data and real data.

One way to do that is to record several days' worth of data from the network, once you've got access to it. Put together an hour or two of bogus data (during most of which nothing happens). When the villain wants to get in, he starts the bogus feeds. Anything reported by the real devices will be ignored. Unless a security guard is standing underneath a camera and notes the time, he can't dispute the evidence that the security system provides.

It's more complicated than that, of course, but that's the basic idea.

 

[Drachen Jager]

Get your hands on a book called The Cuckoo's Egg, in it a Stanford faculty member relates his experiences of being hacked and going through the process of catching the guy after finding out he's been into multiple military and other secret government networks. It's an entertaining read. The guy who wrote it spent years working as a consultant for the CIA, NSA and other organizations on tightening their security. It's also a very entertaining story in its own right.

The technical data is all old, but the basics remain the same.

 

[Robert Gonko]

Thanks, everyone. This really helps!

 

[kellycoinguy]

Hi, I'm also a computer expert... but not the world's greatest hacking expert... so take this with a grain of salt, i.e. it is credible to a seasoned programmer, but perhaps not to a seasoned hacker.

Depending on the sophistication of the hacker in question, one interesting way to break into a particular person's computer would be to send them an email with an attached virus that was designed specifically for them, and didn't spread. That way it would most likely not match a virus scanning software profile, and would get installed. The key is that the virus would install what is called a key logger, which sends their keystrokes to an anonymous server where the hacker can go see everything they have typed. That would of course include usernames and passwords.

You would have to have a pretty good hacker to build something new and unique that didn't match a virus scanner's database, and it couldn't be widely employed without creating such a database entry.

-Kelly

 

[Deleted member 42]

The average user will quite happily fill out an attached form, or follow a link to a Web page telling them that they need to log in because their account has been compromised.

The average user uses a password that is less than 8 characters long, and is a word in a dictionary.

The average user users the same password on multiple accounts.

No, I am not kidding.

 

[Cornelius Gault]

This is useful to me, as I have a hacker-type in my WIP. I added some drama by having the MC's friend go into the opponent's company in disguise as a janitor and sift through the trash cans of the entire company.

I work for the government and this method is a lot more common than you might imagine. We are not allowed to throw normal paper in the trash. We have a shredder that shreds classified papers into literal powder - impossible to put back together.

I have been thinking of having a "spy" using some social engineering to build a profile of the victim company to make it easier to infiltrate later by hacking (finding passwords, etc).

 

[Robert Gonko]

You guys are great! Thank you!

 

[Robert Gonko]

Another question on this general subject. Could a malicious, and brilliant, hacker be able to take down a large computer network? Like the one used by a police department? If so, how (in general terms only, please) could this be done?

 

[Deleted member 42]

Another question on this general subject. Could a malicious, and brilliant, hacker be able to take down a large computer network? Like the one used by a police department? If so, how (in general terms only, please) could this be done?

Yes; it's not even likely to be that difficult. Most hacks aren't the work of someone brilliant. We never hear about the brilliant ones because they go undetected.

 

[benbradley]

The greatest vulnerability are users; social engineering is generally part of any really great hack.

Not directly related to hacking, but in terms of "social engineering"... the Gardner Museum in Boston was robbed in 1990 by two men who came to the door, after hours, pressed the buzzer, and said "Police! Let us in!". The guards did, and the two men made off with over a dozen priceless works of art.

And I can't even count the number of times I've read about students who changed their grades by logging into the teacher's account using the password written on a post-it note and stuck to the computer monitor!

Of course, this all depends on how "criminal" your guy is. He could just call them, like Clee suggested, and demand a password. He could kidnap them and threaten to kill them if they don't give him the password. Or he could kidnap someone else (the IT guy's spouse/child/friend) and threaten to torture/kill them if he doesn't get the password.

Depending on the size of the company/security system, he could also dress up like an IT guy, pretend like he knows what he's doing, and just walk into the IT department. Then he could ask someone (maybe a lower-level employee?) something like, "Oh, shoot, I left my notebook at home. Can you tell me the password for xyz?" If he looks like he is supposed to be there, the other employees probably won't question him.

While Medeivalist confirms this stuff works way too often, these things look too easy to look realistic in a novel. I'd write some thing a little more complicated, like the custom-written key logger.

There was a recent thing on how the Onion's Twitter account was hacked (around the same time as AP's twitter account was hacked). I saw it in some article that said how great it was that the Onion was telling EXACTLY how it happened, and linked to the Onion's blog account of it. I was SO disappointed when I read the actual account - while there WAS multiple layers of the attack, every step of it came down to social engineering.

Dumpster diving for printouts with passwords is so 1970s...

The basic question, then, is how to override a security system. You're talking mainly about video surveillance and logins/logouts.

In a building, everything is probably on a network. Every device has an identifier. A camera sends video to the security center over the network. If you convince the network that some input you provide comes from that device, it will take the data and treat it as genuine. An investigator will not be able to tell the difference between bogus data and real data.

One way to do that is to record several days' worth of data from the network, once you've got access to it. Put together an hour or two of bogus data (during most of which nothing happens). When the villain wants to get in, he starts the bogus feeds. Anything reported by the real devices will be ignored. Unless a security guard is standing underneath a camera and notes the time, he can't dispute the evidence that the security system provides.

It's more complicated than that, of course, but that's the basic idea.

I recall this in a movie I saw about 40 years ago - the criminals had access to a part of the building where the video cables went between the guard station with the monitor and the secure place where the jewels and camera were. They tapped into the video cable in some back electrical room, put in a video recorder (they were expensive and had reels back then, but weren't that much of an investment for being part of a multi-million dollar heist) and recorded some regular activity. When they did the heist they cut the cable and played back the video recording through it, so the guard saw everything as normal activity on his monitor.

The average user will quite happily fill out an attached form, or follow a link to a Web page telling them that they need to log in because their account has been compromised.

The average user uses a password that is less than 8 characters long, and is a word in a dictionary.

The average user users the same password on multiple accounts.

No, I am not kidding.

Facepalm, even though I've known this since the late 1990s, and I've KNOWN people like that and tried to describe the dangers to them. This is how spammers stole AOL dialup accounts to spam from back then. For the true criminals, this also gave them passwords for more valuable online accounts.

Yes; it's not even likely to be that difficult. Most hacks aren't the work of someone brilliant. We never hear about the brilliant ones because they go undetected.

Even the not-so-brilliant ones often don't go public, as a private company won't want to let the public (specifically investors) to know they were hacked.

 

[Deleted member 42]

Another question on this general subject. Could a malicious, and brilliant, hacker be able to take down a large computer network? Like the one used by a police department? If so, how (in general terms only, please) could this be done?

Even a state police department doesn't have a large network; they don't need one. All they need is a single server with the CMS for reports etc.

They'll have login access to a number of state and federal databases. If you google this kind of thing, you'll find news. Try police server hacked.

 

[arkanis50]

Computer programmer here, although I couldn't tell you the first thing about hacking. I do know it is absolutely nothing like what is portrayed on television or the movies. I tend to get the impression a lot of wannabe hackers are simply kids who download some hacking tools on the web and follow tutes.

As an aside, you'd be surprised how many people leave their password on a PostIt note right on their computer monitor.