.

New Member - Looking for Information

<<

Emerson12

Post Wed Feb 25, 2009 10:08 pm

New Member - Looking for Information

Hi …

I’m looking for research info for the purposes of a fictional novel and not sure if I’ve ended up in the right place. If not, I’m hoping someone could point me in the right direction.


I’m told that any system can be hacked into so based on that premise here is my scenario.
Someone is hacking into an Alarm company system after they have installed alarm systems in  homes or business then drops in a virus that tells the system if there is an emergency (fire, break in etc.) not to respond. After the system malfunctions same person drops in another virus to delete the first virus so there are no record of the malfunction.

Therefore, the system looks/appears to be fine and everyone at the alarm company scrambling trying to find the hacker.

Question:
1) Is this scenario possible?
2) If so, can someone give me a general idea of how it can be done?
3) What kind of educational background would someone need to do this?
4) How would they catch the hacker?

Thanks....
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Wed Feb 25, 2009 11:19 pm

Re: New Member - Looking for Information

1) Potentially, but it would be difficult without inside knowledge of the monitoring software used by the alarm company.

2) This would likely involve some sort of custom malware to subvert the monitoring software, as well a policing up any logs that the software kept. No need for multiple items of malware, the original should be able to delete itself if needed.

3) Programming to write the malware, likely some admin experience with the systems in question. Possibly some hacking or pen testing (maybe social engineering) experience to get things in place cleanly.

4) Some sort of flaw in the malware that caused it to misbehave and call attention to itself, and/or some sort of unintentional residual information left behind in the system.
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Wed Feb 25, 2009 11:48 pm

Re: New Member - Looking for Information

1,2) He would either need to have inside knowledge or have a copy of the software. He could hack in and get the source code for the software. Might make your bad guy a little more ominous.

3) There are a lot of smart IT people that don't have a college background so this could vary quite wildly.

4) If he published the source code (see milw0rm.com) it could be traced back due to his mistake in not using a proxy and hiding his IP address. Could also be traced handle/tag/nick (whatever you call it) if he got cocky and used that name.
twitter.com/timmedin | http://blog.securitywhole.com
<<

Emerson12

Post Fri Feb 27, 2009 5:42 pm

Re: New Member - Looking for Information

Thank you both for the info. It was helpful. It gave me a starting point to my research.
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Sat Feb 28, 2009 10:20 pm

Re: New Member - Looking for Information

Np, let us know how it goes.
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Sat Feb 28, 2009 11:31 pm

Re: New Member - Looking for Information

Emerson12 wrote:Hi …

I’m looking for research info for the purposes of a fictional novel and not sure if I’ve ended up in the right place. If not, I’m hoping someone could point me in the right direction.


I’m told that any system can be hacked into so based on that premise here is my scenario.
Someone is hacking into an Alarm company system after they have installed alarm systems in  homes or business then drops in a virus that tells the system if there is an emergency (fire, break in etc.) not to respond. After the system malfunctions same person drops in another virus to delete the first virus so there are no record of the malfunction.

Therefore, the system looks/appears to be fine and everyone at the alarm company scrambling trying to find the hacker.

Question:
1) Is this scenario possible?
2) If so, can someone give me a general idea of how it can be done?
3) What kind of educational background would someone need to do this?
4) How would they catch the hacker?

Thanks....



This also depends on the communication channel the alarm software uses. Every alert system uses different means to contact the company, varying from an private telephone line, to a private network connection.

Most of the time, these alarms are set to go off if the software or settings are changed, or if the communications line is cut.

I would man in the middle the connection, by reverse engineering the software and finding where it dials to, then putting an inline device changing the alarm responses as they go across the wire...

This would take a good few months to engineer though :/
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Sat Feb 28, 2009 11:37 pm

Re: New Member - Looking for Information

Hrmm it sounded to me like he was talking about putting false info into the monitoring end of the  system. I imagine that there are several ways that this be approached though...
<<

Jhaddix

User avatar

Sr. Member
Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Sat Feb 28, 2009 11:45 pm

Re: New Member - Looking for Information

jason wrote:Hrmm it sounded to me like he was talking about putting false info into the monitoring end of the  system. I imagine that there are several ways that this be approached though...


In a fictional sense, the attackers want to disable security for what reason? To rob some banks? houses? corporations?

Which is easier for them?

Crack the perimeter of what is most likely a hardened computer network, to mess with their servers, software, risk being caught, logged, etc?

Do the above without any direct attacks against the company network, but must have access to the physical locations they are attacking?

It all depends on the context =)
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Sat Feb 28, 2009 11:49 pm

Re: New Member - Looking for Information

Yup, it would depend on the ultimate goal. If you were doing it to compromise the security of a few or a single location, it would make more sense to tweak things at the site(s). If you were going to do this over many sites in order to do something like discredit the monitoring company, it would make more sense to go after the servers.

Return to News Items and General Discussion About EH-Net

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software