Advanced Industrial Espionage Attacks

Gianni Gnesa

Tue, 22nd January 2013


Speaker Bio 1:
Many reports out there that outline predicted security threats of 2013 all indicate that corporate and intellectual theft are on the rise. These attacks are becoming more sophisticated, but some are just plain simple - notably through social engineering.

In this Hacker Hotshot episode we talk to Gianni Gnesa, a security expert, on his research that outlines the methodology that was used in a real-life hack on a corporation. Gianni, BCS, MSCS, CEH, OSCP, OSEE, Network+, Linux+, is a security researcher and professional trainer at Ptrace Security, a Swiss-based company that offers specialized IT security services to customers worldwide. With almost seven years of experience in vulnerability research, exploit development, and penetration testing, Gianni is an expert in exposing the vulnerabilities of complex commercial products and modern network infrastructures. In his spare time, Gianni conducts independent security research on kernel exploitation and rootkit detection.

Questions and answers

Henry, Concise Courses:
Your thoughts towards beacons. Question is, do you think that companies should plant beacons of false information (rather like honeypots) and therefore backtrack and discover information relating to the location and methodology of the hackers? Or do you think that that is a bad idea because it can cause for further attacks from the hackers as revenge?

Gianni Gnesa:
That’s a difficult question. I am trying to be as objective as possible. I personally believe that a company should not attack anybody else. We should try to avoid that approach. I would encourage tools like honeypots which are very important. I think that every company should have a honeypot, at least one. It doesn’t cost too much and its an easy way to detect that something is abnormal.


Henry, Concise Courses:
What is the main thing a SME company can do to help protect against espionage? Would banning BYOD and social engineering training be the best protection?

Gianni Gnesa:
Well, social engineering would certainly training would be a good way to avoid a lot of attacks. For example in the [recent] Red October attack, the attackers were able to compromise companies systems and networks through phishing attacks. So I think that the offensive security is moving towards the client side exploits. In order to get a ‘click’ from a user, they need to be able to attack the user somehow so if you teach the user all the skills necessary to detect abnormal things then maybe that will minimize risks to being compromised.


Henry, Concise Courses:
Would you agree that social engineering is the biggest threat to today’s corporate world?

Gianni Gnesa:
Well I certainly agree that social engineering is certainly a big threat. The human factor is the weakest link in the chain. You will will always find someone who click on the [malicious] link or opens that pdf [exploit] and it is very hard for security engineers and network professionals to deal with that. You just have to train people to be aware of the risks in opening unknown pdf’s or clicking certain links from people that they don’t know.