Sometimes when you are deep in the forest looking at one branch of one tree, trying to reduce false negative rates for detecting a specific class of software vulnerability, it is useful to step back and look at the forest of what is going on in criminal hacking.

Today we were throwing some ideas around the office about hacking techniques we had seen reported. This got the discussion flowing towards extrapolating and using techniques in new areas. The following is a list of old and new.

Gaining network access

• Popping open the TNI box outside someone’s house and running a phone cable from the test plug at their house to another location to steal their phone line when it’s not in use.
• Cloning ESNs on analog cell phones to steal cell phone access (Oki 900)
• Getting a job somewhere just to explore and use the computer and phone system. (Local Phone Co Central Office, Data Entry jobs, janitor),
• Piggybacking behind someone with a badge
• Printing your own visitors badge (with Bold Unescorted label)
• Getting tours of facilities to learn more about their computers and phones
• RFID skimming to get into a facility
• Walking onto college campuses to use open labs
• Hooking up a wireless access point onto someone else’s network while inside their building, or paying someone else to do it
• Bouncing/proxying traffic through multiple countries and jurisdictions
• Free wireless hotspots!

Compromising Machines for Identity theft

• Parking lot wireless attacks (TJX)
• Access point spoofing, commonly in airports, conferences, or other public areas
• ATMs with hacked circuit boards that transmit track data over 802.11 or GSM
• Jump on IRC and pay someone to set up a phishing attack
• Using USB keys to load remote access and keystroke loggers on computers you have physical access to at retail stores, schools, doctor’s office, etc.

What old hacker tricks have you seen and how would you apply the old to the new?