Social Driven Vulnerability Assessment (SDVA) against phishing

DAP/20-07

Finished

Defence Funded Research

March 2020 to March 2024

49 months

Zacharia Mansouri

The predominant approach for performing an “Advanced Persistent Threat” (APT)-type attack against high-profile target organizations is to attack an innocent internal user, who is then used as a pivot point to gain a foothold inside the target network and to move laterally towards other internal resources that can provide persistent access or are of higher value to the attacker.

Organizations with a certain cyber-security maturity level nowadays have awareness training as a standard part of their cyber-security management approach. As a result, internal computer users will typically have at least a minimal cyber-awareness level and will not fall for the most obvious phishing traps.

That is why attackers are moving towards ever more sophisticated spear-phishing attacks that use specifically crafted emails, as well as modern social media channels such as Instagram direct messages, etc. We therefore need to constantly improve the cybersecurity knowledge, skills and aptitudes of our internal users so that they resist these attacks and continue to be part of the solution rather than becoming part of the problem.

As a contribution to this constant scaling up of the cyber-awareness level of our internal users, we will develop in this project a “Social Driven Vulnerability Assessment” (SDVA) toolkit that will allow us to evaluate to what extent our corporate users are vulnerable to targeted spear-phishing attacks, and will allow them to improve their defensive posture by receiving informative feedback when they have been tricked by a specific phishing test.

Publications

A brief overview of passkey

Teaching Phishing

You may have come across terms like “passkeys” or the intriguing idea of going “passwordless.” These concepts might sound confusing, especially since we’re all so used to securing everything with passwords—and constantly reminded of the importance of having strong ones. So, how could a world without passwords possibly be secure? In this blog post, we’ll explore this new method of authentication and break down how it works in a simple, easy-to-und...

Sending SMS with a USB GSM modem (and Python)

SMS Phishing Python Cyber-Wise

Despite its occasional unreliability as seen here and there, SMS remains a common communication method. Before diving into Python, understanding AT commands is a good start for interfacing with a USB GSM modem. This concise guide lays out the steps to integrate SMS functionality into your projects, enabling you to utilize the power of SMS communication with ease.

Are SMS messages vulnerable in 5G ?

SS7 Phishing

This blog discusses the security of SMS in the context of 5G. In a preceding blog (https://cylab.be/blog/171/sms-based-2-factor-authentication-is-insecure), we already addressed the issue of SMS interception in 2G/3G networks and its potential consequences for 2-Factor Authentication. Here, we analyze the situation within the 5G ecosystem.
