Web Sites to Find if You’re a Target

Tuesday, July 12, 2011 @ 03:07 PM gHale

One security professional after another will tell you, if an attacker wants to get into your system, nothing will stop him. You can make it difficult, but rest assured they will get in.

One way to make the attacker’s life difficult and to keep your company aware it may be a victim of a targeted attack would be to look on the web. At least that is what security expert Lenny Zeltser said.

Siemens PLC Security Alert
Paranoia Means Better Security
Protecting Against Zero Day Attacks

Information could be on sites like Pastebin.com, LodgeIT, Pastie.org and other sites, Zeltser said.

With the mindset of if you can’t beat them join them, Zeltser said companies interested in getting intelligence on attempts to hack their network should start paying visits to public file sharing sites like Pastebin.com, which has become the dumping ground of choice for ideologically motivated hackers like Anonymous and Lulzsec.

“Keeping an eye on these websites can help identify a breach related to you organization…They can also help during the reconnaissance phase of a penetration testing project, allowing the assessor to collect sensitive information about the target for follow-up attacks,” Zeltser wrote on his blog.

What kinds of information should you look for? Zeltser said in addition to stolen credit card numbers and personally identifiable information (PII), file sharing sites can also hold snippets of stolen source code, configuration details of network devices as well as information on employees that could be a weapon in social engineering attacks.

Staff or external penetration testers would do well to make the sites part of their standard investigation routine, Zeltser said.

Pastebin.com is one of the largest file sharing sites and originally came about as a resource for developers to share code and collaborate on projects. It’s become much more: a virtual abandoned lot in which hackers deposit proof of their exploits, including stolen email, user names and passwords and even source code. Lulzsec has famously used the site to post information that embarrasses those they target and was also the venue of choice for those responsible for the hack of certificate authority Comodo.

However, Pastebin is just one file sharing site. Different sites house different kinds of illicit data. Pastebay is one site used by the group Anonymous and contains reams of IRC chats and personal information dumps.

Leave a Reply

You must be logged in to post a comment.