Wallonia Cyber Resistant? Part 1
09/03/2019

I recently attended a presentation of "The Global Risks Report 2019" published by Marsh & McLennan Companies in "Living Tomorrow" and a few weeks ago I read the report published by the "World Economic Forum".
When reading these documents, it is impossible not to be concerned by the information they contain...

Cyber Attacks appear twice in the top five positions, so what can we do to defend ourselves in Wallonia?
We will see that Wallonia has a number of advantages that do not get enough exposure, but only after a series of introductory articles.

As luck would have it...
While looking for a document for a student doing a thesis on drones and their "insurability", I found a document that was dated 2013 but fully up-to-date.

"LA GUERRE DES DRONES : ASPECTS STRATÉGIQUES ET JURIDIQUES DE LA « ROBOTIQUE SÉCURITAIRE »"
(The drone war: strategic and legal aspects of "security robotics") - 90 pages dedicated to military drones, their uses, etc. It is easy to draw a link to current events: recently, Iran confirmed that it had diverted and landed a US drone on its territory.

While these machines should be fully secure, what about civilian drones?
I addressed this issue in this very blog in May 2018.

And now it is 2019, so what has changed?
How is Europe preparing for these "cyber" threats, and what are the opportunities for Walloon businesses working or interested in this area?
How can Belgium integrate the new UAV legislation that must be "operational" by mid-2020 and promote Walloon skills?

The risks have been identified, so the question now is... "How do they do it: how can an on-board system be penetrated, what tools are used?"
During my studies (1980), the first Personal Computers appeared, such as the famous TRS-80 and the C128, which were presented at the CES in 1985.

The nostalgic among you should remember the languages used,
Basic, Fortran (invented in the 1950s), then COBOL and many others.
Languages such as Python and/or Ruby are now used in the "hacking" process or, more precisely and more broadly, in "taking control of an information system" (Web servers, emails, networks, etc.).

These languages allowed the creation of tools that (often) complement each other and interact.
(When tests were carried out with small, funny programmes such as the snake that ate the "victim's" screen, none of us, as students, could imagine the creation of tools such as Metasploit).
These "Frameworks" continued to evolve over time with the integration of emerging technologies such as WiFi and now GSM networks, 5G and the IoT!

Here is a quick overview of the tools that "we" are using (on the positive side of the Force) in 2019. 

You will notice that a lot of tools are developed for Linux platforms (Debian or Ubuntu) and that Windows is not really recognised as an "attacking machine"; quite the opposite.
However, there are tools that use Windows directly or via extensions written in Java.

"Exotic" OSs (operating systems) are sometimes used under certain conditions, for example Qubes OS, an OS that has a rosy future ahead and is intended for a very specific section of the public.
(If you are really interested in this use of the IT tool... Google is my friend (Although...) and there are lots of videos on the internet).

WiFi is just about everywhere now, but you would be amazed at the tools developed for this technology that are perhaps used to control drones and, soon, automated vehicles or connected objects.

So I suggest that we start this series of articles with the issue of WiFi and radio links in general.
WiFi is an incredible Phishing opportunity, based on human weakness (social engineering); it is one of the methods that gives a very high "satisfaction" rate.

Aircrack-ng: a suite of tools (the Reference) at the basis of a number of attacks on WiFi networks from 2.4 GHz to 5 GHz (WiFi standards).

In the same style is BOOPSUITE, but it is less well known than aircrack-ng.

The latest version of Wifite (V.2) is also based on the Aircrack-ng models.
Wifite offers the "automation" of attacks on WiFi networks that are otherwise carried out in a Linux terminal via command lines.
Although it sometimes saves time during intrusions (or other activities), it would still be preferable to control the parameters in a terminal.
You can even have a demonstration...

We could also mention FLUXION (V.5), which has been around for several years, and the developments that have resulted in highly developed tools that are very popular for the pre-intrusion phases.

Did you like these last two? Then let's move on to AIRGEDDON...
Just the name in itself has an effect, doesn't it?
This too has a lot of automated attacks... it is easy to use and is very popular with script kiddies.

(Perhaps) less well known is INFERNAL-TWIN, which includes an impressive suite of applications.

BULLY is also an interesting intrusion solution. It takes the opportunity to use WPS as a loophole... one that is opened either by the software or by human stupidity.

Before moving on to the last but not the least... here are a few words about Kismet.
This is a highly developed tool that leads to another dimension, as it can be used with different SDR interfaces such as the famous "HackRF One", which covers all electrical signals from 1 MHz to 6 GHz!
I refer you to an (old) but very detailed article.

And to conclude, WiFi-Pumpkin, which I particularly like for its different plug-ins and additional modules.
But I will leave you to look for information and videos about it.
Why? I would like you to be aware of the power of these different tools, originally developed for penetration or vulnerability tests, but whose primary use has now changed, turning them into software that could do a huge amount of damage in the wrong hands.
You will see that the FREE connections encouraged by Europe through calls for projects to the municipalities for "free" WiFi are a potential source of great concern. We anticipate small catastrophes if citizens do not have at least some training on the risks and how, with a bit of forethought, they can avoid being hacked.

These tools are also practically all available via Wifi-Arsenal.
Although some scripts are relatively "old", new ones such as Evil Portal have been around for 20 days as I write this. This means that IT monitoring will become particularly important, and what is taken for granted today cannot be taken for granted tomorrow.

Although there are counter-measures such as KRACK Detector, it is very difficult for the average Smartphone, laptop, etc. user to identify an "attack".
Frequent travellers and "sales people" must be the first to be informed about the security policy by management or HR, especially if they are involved in sensitive or very competitive commercial activities.

As an introduction to a future subject, please note that these solutions, these programmes developed particularly in Python, are associated with additional modules intended to crack your passwords.
They include REAVER, COWPATTY, etc. But that's another story... 
