- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Espionage - Utilizing Web 2.0, SSH Tunneling and a Trusted Insider
- Abstract
- This technical report was written to fulfill the requirements of the GIAC Certified Incident Handler (GCIH) certification. It will address recent trends in the Information Security field such as: exploiting client side vulnerabilities [SANS 2007], increased commercial espionage and lack of security policy and awareness. The report will describe how in the realm of Web 2.0, a business-oriented social networking site along with other aiding technology and human factors resulted in an espionage-type security incident, and how that incident was handled. The aiding technology factors are a web-browser plug-in vulnerability and a Secure Shell (SSH) tunnel, as in most espionage-cases a trusted insider is involved as the human factor. The story is realistic but fictitious, which will hopefully benefit the security community in preparing for similar commercial espionage incidents by taking into consideration the technology, process and people aspects.