Hackers capture dynamic data to prepare for effective, stealthy attacks

Awareness is the first step in defeating offensive forensic tricks and techniques; action is the second step.

“Offensive forensics is an attack technique hackers use to capture non-static data that can be useful in performing further attacks,” says Joe Sremack, Principal, Berkeley Research Group, LLC, a computer forensics and e-discovery firm.

In an offensive forensics procedure, the hacker captures non-static, in-memory data to acquire the passwords, encryption keys, or active network session data held there, which can help them gain unrestrained access to valuable data.

A simple example of an offensive forensics attack is one that captures the Windows clipboard, where less-than-savvy users often copy and paste their secure passwords. Hackers typically mount this type of attack through vulnerabilities in Flash.

“There are exploits that read through Flash plug-ins in browsers in combination with weak or misconfigured settings to read the full browser content, including in-memory passwords,” says Sremack.
