GoogleGoogle Hacking Hacking MakingMakingMaking Competitive Competitive Competitive IntelligenceIntelligenceIntelligence Work Work Work for for for You You You
Tom Bowers President Philadelphia InfraGard Copyright 2008 Security Constructs, LLC All rights Reserved Managing Director, Security Constructs, LLC CompetitiveCompetitive Intelligence Intelligence 1.1. WhatWhat is is it? it? 2.2. HowHow is is it it done? done? 3.3. IsIs it it legal? legal? 4.4. HowHow do do we we prevent prevent it? it?
Copyright 2008 Security Constructs, LLC All rights Reserved AskingAsking QuestionsQuestions BasicsBasics “Godiva Chocolatier Inc” –– WhoWho – What business is it in? –– WhatWhat – How big is it? –– WhenWhen – Where are they located? – Why – Why – Is it publicly traded? –– WhereWhere – What are the annual –– HowHow sales and growth? – Pending legal issues? – Who are the decision makers?
Copyright 2008 Security Constructs, LLC All rights Reserved RefiningRefining thethe SearchSearch 1.1. UseUse ““intitleintitle”” versusversus ““inurlinurl”” (looking(looking for for dirt)dirt) 2.2. ScourScour news news sites sites and and newsgroups newsgroups 3.3. CheckCheck financial financial filings filings 4.4. CheckCheck security security analyst analyst reports reports 5.5. UseUse Google Google Groups Groups and and Blogs Blogs
Copyright 2008 Security Constructs, LLC All rights Reserved GoogleGoogle Tools Tools
Google Answers (retired) answers.google.com Google Scholar scholar.google.com Google Earth earth.google.com Google Patent Search www.google.com/patents Google Blog Search blogsearch.google.com Google Alerts www.google.com/alerts Google Maps maps.google.com
Copyright 2008 Security Constructs, LLC All rights Reserved GoogleGoogle Options Options
Copyright 2008 Security Constructs, LLC All rights Reserved GoogleGoogle Maps Maps
Copyright 2008 Security Constructs, LLC All rights Reserved GoogleGoogle Maps Maps –– SatelliteSatellite
Copyright 2008 Security Constructs, LLC All rights Reserved GoogleGoogle Maps Maps –– SatelliteSatellite
Copyright 2008 Security Constructs, LLC All rights Reserved GoogleGoogle Earth Earth –– 3D3D Satellite Satellite
3 Levels: Free Plus - $20 Pro - $400
Copyright 2008 Security Constructs, LLC All rights Reserved GoogleGoogle Maps Maps -- IntelIntel
1.1. AutoAuto traffic traffic 1.1. ManufacturingManufacturing schedules schedules 2.2. ProductionProduction cycles cycles 2.2. ParkingParking lot lot analysis analysis –– personnelpersonnel 1.1. ExecutivesExecutives –– dedicateddedicated parking parking 2.2. DepartmentDepartment Heads Heads –– earlyearly arrivals arrivals 3.3. SecuritySecurity arrangements arrangements 4.4. PlantPlant expansion expansion
Copyright 2008 Security Constructs, LLC All rights Reserved LookingLooking Inside Inside
View Operationally: Type of Equipment OS used / vulnerabilities Personnel traffic Business Operations
Copyright 2008 Security Constructs, LLC All rights Reserved GoogleGoogle Alerts Alerts Constant Information Leakage Monitoring (counter-intelligence)
Note that some search terms are “explicit” and others are not.
Copyright 2008 Security Constructs, LLC All rights Reserved AdditionalAdditional Google Google Related Related Tools Tools
•Open Directory Project dmoz.org •ResearchBuzz www.researchbuzz.org •TouchGraph GoogleBrowser www.touchgraph.com/TGGoogleBrowser.html
Copyright 2008 Security Constructs, LLC All rights Reserved OpenOpen Directory Directory Project Project
Copyright 2008 Security Constructs, LLC All rights Reserved ResearchBuzzResearchBuzz
Copyright 2008 Security Constructs, LLC All rights Reserved TouchGraphTouchGraph
Copyright 2008 Security Constructs, LLC All rights Reserved DocumentDocument Grinding Grinding Username password email Filetype:xls
Notice that this is a spreadsheet With the search terms highlighted
Copyright 2008 Security Constructs, LLC All rights Reserved MetadataMetadata analysis analysis Using Metadata Assistant
Author Creation dates…
Hidden Hyperlinks Additional points of data leakage
Copyright 2008 Security Constructs, LLC All rights Reserved CounterCounter Competitive Competitive IntelligenceIntelligence
1. Conduct CI on yourself – your competitors are 1. Build a competitive profile 2. Who are the movers and shakers 3. Lines of business……. 2. What type of information is leaking and from where? 3. Can a business process be modified? 4. Active disinformation? (running equipment at odd times…) 5. Will a new policy help? (business or security) 6. Can I leverage existing security technologies? 7. Are there new technologies?
Copyright 2008 Security Constructs, LLC All rights Reserved CaseCase Study Study
1. Los Alamos and Oak Ridge Spear Phishing attack 1. Visitor database only 2. 12 different attackers, 7 emails to 1000's of employees 3. Which scientist visited, how often and what is their expertise. 4. Allows us to build a competitive profile of the type of research being done at these facilities and by extension what type of research these facilities are capable of. 2. What about your business? 1. Whaling Attack – phishing your executives 2. Specific companies 3. Specific groups within a company 1. Who are the movers and shakers 2. Email addressing schema (look and feel) 3. Who do these people normally talk to 4. Detailed contact information 5. Similar to Executive Recruiters today Copyright 2008 Security Constructs, LLC All rights Reserved WhatWhat Can Can I I Learn? Learn?
Copyright 2008 Security Constructs, LLC All rights Reserved InterpretationInterpretation
Copyright 2008 Security Constructs, LLC All rights Reserved FlexibleFlexible Protection Protection ArchitectureArchitecture 1.1. PoliciesPolicies 2.2. ProceduresProcedures 3.3. ContractsContracts 4.4. VendorVendor selection selection 5.5. AuditingAuditing 6.6. ActiveActive Protections Protections 7.7. PassivePassive Protections Protections
Copyright 2008 Security Constructs, LLC All rights Reserved Johnny.ihackstuff.comJohnny.ihackstuff.com
GoogleGoogle Hacking Hacking for for Penetration Penetration Testers Testers JohnnyJohnny Long Long
Building Research Tools with Google for Dummies Harold Davis
Copyright 2008 Security Constructs, LLC All rights Reserved ConclusionsConclusions
•If its on Google its probably public information •Google has many tools built in •Many tools are built on Google APIs •Always start with "the question.” Then refine, research, refine... •Don't forget the documents themselves •Build a profile, use it to improve your security
Copyright 2008 Security Constructs, LLC All rights Reserved Questions?Questions?
Copyright 2008 Security Constructs, LLC All rights Reserved