Cyber attacks have a whole social engineering where platforms such as Uber or Twitter enable most of the tricks. There is no sophistication of hackers; on the contrary, they take advantage of social networks. Today’s network engineering allows hacking without extensive knowledge of the software world. One of the most recent high-profile cases involved the deception of an employee of a company in the sector. In this way, he got the keys to the company and once there, it mattered little how elegant the 2FA system is if the SMS codes are delivered haphazardly.
The positive aspect of all this is the possibility of defending ourselves personally, as well as the company from this type of attacks. Of course, it is essential to cut through the paranoia that can be caused by thinking that we can be breached at any time. Sites such as Twitter, Uber or Twilio, the latter being a communications platform with cloud services, have allowed cyber attacks to become commonplace. It is increasingly common for social networks to have to come out and explain what has happened.
How do they defend social engineering?
A few days ago, Uber had to explain and answer some questions about a cybersecurity incident. Less than 24 hours after the event, it became clear that we were dealing with a data breach that exposed corporate firms. The hacker was apparently 18 years old. The leak was reported by The New York Times, which stated that the access was linked to a “social” modification to an employee of the firm. This situation would have given the hacker the necessary access to commit the computer “crime”.
The Motherboard portal had access to the “hacker” and he had confirmed that he was looking for personal data, but finally decided on corporate information. Following the announcement of the infringement, more information about the case was revealed on Twitter. All indications are that the hacker had been talking to cybersecurity experts. From there, information was shared on how the irruption went in the accounts.
Piracy as part of simple engineering
The person who was responsible for the login to “steal” information confirmed that he had stolen the password from a company employee. Subsequently, once with the access data, the hacker activated Uber to send multi-factor push notifications to the employee. Through this intermediary, i.e., pop-up windows that open on an employee’s device, the login attempt is either approved or rejected.
Although the employee did not authorize the login, the hacker contacted him via WhatsApp messenger. There he posed as an Uber IT worker and that it was necessary for him to grant access. After an hour, the employee agreed, as confirmed by a screenshot of a conversation between the cybersecurity expert and the hacker.