Anybody else get a feeling it was Volexity that did all this research? Interesting story none the less
> Volexity now determined the attacker was connecting to the network via wireless credentials they had brute-forced from an Internet-facing service. However, it was not clear where the attacker was physically that allowed them to connect to the Enterprise Wi-Fi to begin with. Further analysis of data available from Organization A’s wireless controller showed which specific wireless access points the attacker was connecting to and overlayed them on a map that had a layout of the building and specific floors.
This is the kind of hackery I'd enjoy seeing in a blockbuster movie.
So, as I understand it, you 0wn a machine in one organization, then use it to tunnel over to Wi-Fi in the building next door, 0wn another machine there, rinse and repeat until you've created the world's least consensual mesh network?
They are exploiting that Wifi didn't have 2fa, because they couldn't overcome 2fa. A company accross the street had a machine that both was accessible by ethernet and wifi and they used that as a bridge.
Conclusions:
1. Anything that doesn't have 2fa is leaking like a sieve.
2. The targeted company needs to implement 2fa for their Wifi as well.
Not mentioned, but I assume that their 2fa is using specialised hardware gadgets like Yubikey and not texts or totp, because else they could target the cell phones, and like everything else they are leaking, or they are attacking the cell phone base stations.
Final conclusion:
A network is as strong as the weakest link. In that case Wifi was not protected by strong 2fa and could be used to breach.
> A network is as strong as the weakest link.
Depends on how you look at it. We have end-to-end security with things like https, so we don't need to worry about the links in the middle.
> Final conclusion: A network is as strong as the weakest link.
Final conclusion: Do not trust a device just because it happens to be on your local network.
why do you type 0wn (zero) instead of own?
Putting the "hacker" back in Hacker News, I guess
i believe it’s pronounced H4x0r
From thousands of kilometers away, to make attribution/legal issues even more complex.
What’s wrong with the tried-and-tested technique of flying a guy or girl over there to drop a small gadget in WiFi proximity?
Anybody else get a feeling it was Volexity that did all this research? Interesting story none the less
> Volexity now determined the attacker was connecting to the network via wireless credentials they had brute-forced from an Internet-facing service. However, it was not clear where the attacker was physically that allowed them to connect to the Enterprise Wi-Fi to begin with. Further analysis of data available from Organization A’s wireless controller showed which specific wireless access points the attacker was connecting to and overlayed them on a map that had a layout of the building and specific floors.
This is the kind of hackery I'd enjoy seeing in a blockbuster movie.
So, as I understand it, you 0wn a machine in one organization, then use it to tunnel over to Wi-Fi in the building next door, 0wn another machine there, rinse and repeat until you've created the world's least consensual mesh network?
They are exploiting that Wifi didn't have 2fa, because they couldn't overcome 2fa. A company accross the street had a machine that both was accessible by ethernet and wifi and they used that as a bridge.
Conclusions:
1. Anything that doesn't have 2fa is leaking like a sieve.
2. The targeted company needs to implement 2fa for their Wifi as well.
Not mentioned, but I assume that their 2fa is using specialised hardware gadgets like Yubikey and not texts or totp, because else they could target the cell phones, and like everything else they are leaking, or they are attacking the cell phone base stations.
Final conclusion:
A network is as strong as the weakest link. In that case Wifi was not protected by strong 2fa and could be used to breach.
> A network is as strong as the weakest link.
Depends on how you look at it. We have end-to-end security with things like https, so we don't need to worry about the links in the middle.
> Final conclusion: A network is as strong as the weakest link.
Final conclusion: Do not trust a device just because it happens to be on your local network.
why do you type 0wn (zero) instead of own?
Putting the "hacker" back in Hacker News, I guess
i believe it’s pronounced H4x0r
From thousands of kilometers away, to make attribution/legal issues even more complex.
What’s wrong with the tried-and-tested technique of flying a guy or girl over there to drop a small gadget in WiFi proximity?