3G keyloggers. Data egress is completely bypassing your network. (There are pwni... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		bashinator on Sept 16, 2014 \| parent \| context \| favorite \| on: Sysadmins see evidence that they have been hacked ... 3G keyloggers. Data egress is completely bypassing your network. (There are pwnie express boxes that include a 3G data link for bypassing target networks when sending results back.) I guess you could add physical scans for unauthorized radio transmitters to your security routine. Opsec is hard.

atmosx on Sept 17, 2014 [–]

Sure, but that's a physical attack: You need someone to install the 3G Keylogger to your machinery.

I was talking on a keyboard-only level, but even that can be largely mitigate with proper policies IMHO.

That said, an insider is an achilles heel for every security scheme out there (e.g. Snowden).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact