It's the human threat, stupid
Eric O'Neill, the former FBI operative who played a crucial role in the arrest and conviction of FBI agent Robert Hanssen for spying against the U.S. for the former Soviet Union and Russia, says security can't rely on tech alone.
By George V. Hulme
May 17, 2011 — CSO —
Anyone who has worked to defend enterprise secrets from theft knows that success doesn't come from technology alone.
Few know this better than Eric O'Neill. O'Neill is the former FBI operative who worked as an investigative specialist and played a crucial role in the arrest and conviction of FBI agent Robert Hanssen for spying against the U.S. for the former Soviet Union and Russia. The 2007 movie "Breach" was based on O'Neill's experience investigating Hanssen.
"The human element is usually the weakest link," O'Neill said yesterday at the 2011 Computer Enterprise and Investigations Conference (CEIC).
That's not to say IT security isn't important. It is. In fact, the forensic analysis of a Palm Pilot played a crucial role in the apprehension of Hanssen, as it detailed the location and time of his next drop to the Russians. And the explosion of electronic devices has become crucial to fighting both spying by nations and corporate espionage. "Spies previously had to first photocopy or photograph the material they wanted, then make arrangements for drops and payments," O'Neill said. "Today they just capture it on their phone and email it to anywhere in the world."
It's also probably no surprise that an attacker today is likely to start their attack with their web browser. "When you think of hackers, the hackers will spend some time social engineering their targets rather than spend hours of hacking," he said. "If I were to try to steal from you, I would examine your personnel, and today I'd start on Twitter, Facebook, and look at as many people involved with you that I can find," O'Neill said. "I would look for people who talked about how they hated their boss. I'd find out where they like to hang out and I'd go see what they had to say," he said.
Among the other things an attacker is likely to do at the start, O'Neill said, are combing through public Web sites, filing Freedom of Information Act (FOIA) requests, and eavesdropping on employees at airline terminals. "Be careful when traveling abroad, don't leave your laptop in the hotel room," he said. "Dumpster diving is also one of the easiest ways to find out about someone."
Also, don't underestimate the lengths to which an adversary might go to grab the information they seek. He told one story of an organization setting up a fake charity and requesting that older computers be donated from the target company. "The company donated the computers to what they thought was a charity, and the drives had plenty of information on them," he said. "Front companies are a common technique," he said.