Ethical hacking: How to conduct a Sticky Keys hack

2022-08-13 04:59:55 By : Ms. Robin Wong

How is a physical access attack conducted? You'd see one happen -- right?

"An attacker could walk into an organization, plug a flash drive with an advanced strain of ransomware into a computer and then walk around pretending to be a phone repairman or someone working with pest control," said Bryson Payne, author of Go H*ck Yourself.

Such attacks are not always as easy to detect as one might think -- nor as easy to defend against. Organizations need to converge cybersecurity and physical security to fully protect their assets. But, before trying to improve the relationship between the two, it's important to understand how weak physical security affects cybersecurity and puts an organization's sensitive data at risk.

Physical security, as the name suggests, is the protection of networks, systems or data from physical actions or events. The threat of physical cybersecurity attacks has increased with remote and hybrid work models that have employees working outside the office and on noncompany-sanctioned devices and networks.

"An employee could be working on their laptop in a coffee shop, and a threat actor could be listening for unencrypted traffic on the free Wi-Fi," said Payne, a professor and founding director of the Center for Cyber Operations Education (now the Institute for Cyber Operations) at the University of North Georgia. "The employee could get up to order another coffee, and the hacker could sit down at the employee's computer and, in five seconds, gain access to saved passwords on the device's browser."

To better help readers understand the dangers of physical cybersecurity attacks, Payne teaches readers how to hack their own devices in his book. These ethical hacker techniques give readers greater insight into cybersecurity and enable them to better protect themselves from threat actors.

In this excerpt from Chapter 2, "Physical Access Hacks," Payne explains how to conduct a Sticky Keys hack. This walkthrough demonstrates a hack that involves both cybersecurity and physical security vulnerabilities.


Physical access hacks may sound scary because they can be used maliciously by attackers on stolen or unattended computers. However, they also have constructive applications. Ethical hackers at home and at IT help desks use techniques like the Sticky Keys hack or the Mac root hack to recover files that would otherwise be lost due to a forgotten password. If you have an old computer in the garage or attic with family photos or other important documents that you can't access because no one remembers the computer's password, these hacks can help.

Warning: Do not perform either of these hacks on your main computer, because they could leave your machine vulnerable to attack. You can usually find an old desktop or laptop if you ask around. Get creative, but stay ethical; be sure to get the owner's permission before trying out these hacks on someone else's computer. If you can't find an extra Windows or Mac computer to practice on, you can still read this chapter to understand the dangers of physical access attacks.

Sticky Keys is a Windows feature that makes it easier to issue certain keyboard commands, like CTRL-C to copy or CTRL-V to paste, by allowing you to press the keys one after another instead of all at once. Sticky Keys is triggered by pressing SHIFT five times and can even be turned on from the Windows login screen, before a username or password has been entered.

For this hack, we'll replace the Sticky Keys program file with another file, cmd.exe. That way, instead of launching the usual Sticky Keys assistant, pressing SHIFT five times will launch a command prompt. This is a text-based program that lets us enter commands directly into Windows. By launching a command prompt at the login screen (see Figure 2-1), you'll be able to add a new username and password, give yourself administrator-level access to the computer, and access the computer's files, all without knowing the login information on that computer!

Since Windows 10 computers that have been updated in 2019 or later are safe from the Sticky Keys hack, you'll need an older Windows computer to try out the hack for yourself. You'll also need a Windows 10 installation disc or USB drive. To create one, follow the instructions in Appendix A.

To replace the Sticky Keys program with the command prompt program, we need to access the hard drive that contains those program files using a Windows 10 installation disc or USB drive. Once you've created an installation disc, as described in Appendix A, insert the disc and then restart the computer.

We need to tell the computer to load the operating system (OS) from the disc or USB drive instead of from the computer's hard drive. To do this, we'll access either the boot menu or the Basic Input/Output System (BIOS), which contains basic settings that control your computer when it starts up. Different PC manufacturers and different versions of Windows cause the instructions to vary a bit, but the following steps combined with a little web searching will get you into most older Windows computers:

Warning: Make sure you don't install Windows 10 -- that would wipe out all the files from the PC you're trying to recover!

Now to replace the sethc.exe Sticky Keys program with the cmd.exe command prompt program. Then we'll be able to create a new administrator account on the computer.
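From the defender's side, the swap described here leaves sethc.exe with exactly the same bytes as cmd.exe, which can be checked on a mounted copy of the disk. The following is an added example, not code from the book; the function names and the constructed sample folders are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Names taken from the article: the Sticky Keys binary and the command prompt.
WATCHED = ("sethc.exe",)
SHELLS = ("cmd.exe",)


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_swapped_binaries(system32: Path, watched=WATCHED, shells=SHELLS):
    """Return (watched_name, shell_name) pairs whose file contents are identical."""
    shell_hashes = {sha256_of(system32 / n): n
                    for n in shells if (system32 / n).is_file()}
    findings = []
    for name in watched:
        p = system32 / name
        if not p.is_file():
            findings.append((name, "MISSING"))  # an absent binary is also worth a look
            continue
        match = shell_hashes.get(sha256_of(p))
        if match:
            findings.append((name, match))
    return findings


def demo():
    """Build two constructed System32 folders, one clean and one tampered."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, bad = Path(tmp, "clean"), Path(tmp, "tampered")
        for d in (clean, bad):
            d.mkdir()
            (d / "cmd.exe").write_bytes(b"constructed cmd.exe bytes")
        (clean / "sethc.exe").write_bytes(b"constructed sethc.exe bytes")
        (bad / "sethc.exe").write_bytes(b"constructed cmd.exe bytes")
        return find_swapped_binaries(clean), find_swapped_binaries(bad)


if __name__ == "__main__":
    print(demo())
```

On a real investigation, pass the Windows\System32 folder of the mounted volume as `system32` instead of calling `demo()`.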

In addition to creating a new user account, you can also reset the password of an existing user from the command prompt window by entering net user followed by the existing username and the new password you want to set -- for example, net user bryson Thisisyournewpassword!. However, you should never reset another person's password without their permission and the permission of the computer's owner.

Congratulations! You now have access to the machine as an administrator. Go ahead and log in. Enter .\ironman as the username (or select ironman from the list of accounts, as shown in Figure 2-5). The dot and backslash before ironman tell Windows the account is local to the computer and not stored on a network server. After entering the username, enter the password, Jarvis.

Since we made the ironman user a member of the local administrators group, you should have administrator-level access to all files and folders, including all users and documents in C:\Users\, as shown in Figure 2-6.
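The account creation and group change described above can be spotted in the Windows Security log. The following is an added example, not code from the book: it correlates event 4720 (user account created) with event 4732 (member added to a local group). It assumes a command prompt started from the login screen runs as SYSTEM, so both events carry the SYSTEM SID as their subject. The sample records, SIDs and timestamps are constructed.

```python
from datetime import datetime, timedelta

SYSTEM_SID = "S-1-5-18"            # NT AUTHORITY\SYSTEM
ADMINS_GROUP_SID = "S-1-5-32-544"  # BUILTIN\Administrators
ADMIN_SID = "S-1-5-21-1-2-3-500"   # constructed: a normal admin on the sample host


def ev(event_id, when, subject_sid, **data):
    """Build one constructed record; keys mirror Security-log EventData names."""
    return {"EventID": event_id, "Time": datetime.fromisoformat(when),
            "SubjectUserSid": subject_sid, **data}


# Constructed sample log: one routine account creation, one made as SYSTEM.
SAMPLE_EVENTS = [
    ev(4720, "2022-08-01T09:14:02", ADMIN_SID,
       TargetUserName="newhire", TargetSid="S-1-5-21-1-2-3-1010"),
    ev(4720, "2022-08-02T23:41:10", SYSTEM_SID,
       TargetUserName="ironman", TargetSid="S-1-5-21-1-2-3-1011"),
    ev(4732, "2022-08-02T23:41:35", SYSTEM_SID,
       MemberSid="S-1-5-21-1-2-3-1011", TargetSid=ADMINS_GROUP_SID),
    ev(4732, "2022-08-03T10:02:00", ADMIN_SID,
       MemberSid="S-1-5-21-1-2-3-1010", TargetSid=ADMINS_GROUP_SID),
]


def accounts_created_and_elevated_by_system(events, window=timedelta(minutes=15)):
    """Flag accounts that SYSTEM created (4720) and that joined the local
    Administrators group (4732) within `window` of being created."""
    created = {}  # new account SID -> (name, creation time)
    findings = []
    for e in sorted(events, key=lambda e: e["Time"]):
        if e["EventID"] == 4720 and e["SubjectUserSid"] == SYSTEM_SID:
            created[e["TargetSid"]] = (e["TargetUserName"], e["Time"])
        elif e["EventID"] == 4732 and e["TargetSid"] == ADMINS_GROUP_SID:
            hit = created.get(e["MemberSid"])
            if hit and e["Time"] - hit[1] <= window:
                findings.append({"account": hit[0], "created": hit[1],
                                 "elevated": e["Time"]})
    return findings


if __name__ == "__main__":
    for f in accounts_created_and_elevated_by_system(SAMPLE_EVENTS):
        print(f)
```

Legitimate provisioning software can also run as SYSTEM, so expect to allow-list known tools before alerting on this pattern.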

When you click into another user's folder for the first time, you'll see a pop-up message saying you need permission to open another user's files, as shown in Figure 2-7. Since you're an administrator, click Continue to grant yourself permanent access!

The Sticky Keys hack works only on Windows machines. However, computers running macOS are vulnerable to physical access hacks as well.

About the author

Bryson Payne is an award-winning cyber coach, author, TEDx speaker and founding director of the Center for Cyber Operations Education (now the Institute for Cyber Operations) at the University of North Georgia (UNG). He is a tenured professor of computer science at UNG, where he has taught aspiring coders and cyber professionals. In 2017, he received the University System of Georgia Chancellor's Service Excellence Leader of the Year Award. He has also been awarded the Department of the Army Commander's Award for Public Service medal from U.S. Army Cadet Command and the Order of Thor medal from the Military Cyber Professionals Association. Payne holds a Ph.D. in computer science from Georgia State University. He is also the author of Teach Your Kids to Code and Learn Java the Easy Way, published by No Starch Press.
