{"id":307188,"date":"2018-12-18T09:55:12","date_gmt":"2018-12-18T09:55:12","guid":{"rendered":"http:\/\/tehelka.com\/?p=307188"},"modified":"2018-12-18T09:55:13","modified_gmt":"2018-12-18T09:55:13","slug":"new-playground-to-trap-soldiers-for-information","status":"publish","type":"post","link":"https:\/\/tehelka.com\/new-playground-to-trap-soldiers-for-information\/","title":{"rendered":"New playground to trap soldiers for information"},"content":{"rendered":"

\"\"<\/a>Slow down a bit. There\u2019s a trap somewhere along here. Using subterfuge to gain entry is not a new trick. It has been done before through various forms in the past. Now, the social media is the new playground for trapping old guys, especially army veterans who want to connect to their former colleagues through Facebook pages. The findings and the report is mind boggling. <\/span><\/p>\n

Using this trick is super easy in a country like India which has recently beaten countries like the US, UK and China in the race of gaining the top post on the chart of \u2018Internet Addiction\u2019. Now, 82 percent of Indian Internet users cannot live without the Internet as per the data collated by Statista, the survey was conducted by IPSOS. Old and young alike, people are connected now; in countries such as India, where the net-addiction rate is so high, old people could easily fall prey to the trap laid by the hackers hired by the enemy country. They are lured to the misinformation and junk news about military affairs. <\/span><\/p>\n

Last year, an Oxford study revealed this truth first: military veterans are ripe targets for such exploitation by enemy countries. Why they are targeted? According to the report, veterans are more likely than the average person to be community leaders and they participate in community culture more actively than average citizens; it is also true that their political opinions are momentous determiner on those around them.<\/span><\/p>\n

Sensing that, foreign powers, impersonating individuals and organisations, target the veterans and try to gain their trust. What the hackers are doing now is not a very advanced level of breach of trust or spoofing; the method is simple: gain the trust by impersonating organizations that veterans rely on. Bombarding them with misinformation, conspiracy theories, and other forms of junk news about military affairs and national security issues. Recently the same thing happened in the US where through Facebook and Twitter, a broad network of extremists has targeted the veterans the same way. Researchers have found the persistent interactions between current and former military personnel and the impersonators hired by the foreign enemy country. In Facebook, the researchers have experienced the same thing: there are pages dedicated to the military and veterans that have significant and persistent interactions with the subgroups dedicated to the political conspiracy theories. <\/span><\/p>\n

To the researchers\u2019 astonishment, it has been found that many subgroups spend quality time consuming the fake and junk news targeting the democracy and the veterans suddenly begin to suffer from such wrong, misinformation. It has also been found that the military and the veterans are among the most sophisticated news consumers and as they play the community roles effectively, it is easier to convince them with the misinformation.<\/span><\/p>\n

While targeting the veterans enemy hackers do some kind of reconnaissance using search engine giants such as Google. And that is also not a very difficult task, indeed. How do the hackers often use Google for reconnaissance? For information gathering anyone can use his simple technique which sometimes could bear lots of fruits. <\/span><\/p>\n

Though it seems trivial at first glance, hackers generally use search engines to collect huge information about the target veterans before launching any direct attack. Common people don\u2019t know and even don\u2019t have any faint idea of how a hacker uses this skill for gathering passive information about any target. Refining web searches can be made easy with the help of Google search. Hackers can use symbols or words in their searches to make the search results more precise. <\/span><\/p>\n

When someone uses these techniques, \u201cGoogle Search\u201d usually takes no notice of punctuation, which isn\u2019t part of a search operator so better one omits it in the very beginning. The hacker does not include spaces between the symbols or words and the search terms. In the course of time, if one writes \u201csite:xyz.com\u201d, then this will work. However, if any space is given between them like this \u2013 \u201csite: xyz.com\u201d then it will not work.<\/span><\/p>\n

There are many common search techniques through Google search that can be used to gather passive information to gather information about the target. Suppose the hacker wants to search the social media about a person or organization. In that case, one can place \u2018@\u2019 sign in front of a word to search social media. If you want to get information about a veteran like \u201cSanjib Sinha\u201d in social media then just writing @sanjibsinha will give tons of information.<\/span><\/p>\n

For social media, \u201chashtags\u201d are popular to find out your favorite words that are trending at present. In Google search, you may write the word like this: #word. <\/span><\/p>\n

Making the search more specific and pinpointed is a real challenge. To do that one may need to omit few words. There are lots of words that have similarity and it\u2019s impossible for Google algorithm to make a differentiation between them. Suppose you want to know the speed of a tiger. Now there might be a brand of car that has also been called \u2018tiger\u2019. In such cases, Google brings all the relevant measurement \u2013 the speed of the animal alongside the speed of the car. If you don\u2019t want the speed of car then you can place \u2018-\u2019 before the word \u2018car\u2019. So finally the search phrase will stand like this:
\n\u2018tiger speed \u2013car\u2019. <\/span><\/p>\n

You may want to search for an exact match of any word like \u2018Sanjib Sinha army infantry\u2019. In that case, your search must be double quoted: \u201cSanjib Sinha army infantry\u201d.<\/span><\/p>\n

You may want to search wildcards of an unknown word with star sign \u201c*\u201d like this: \u201cSanjib Sinha * air force\u201d.<\/span><\/p>\n

Sometimes searching within a range of numbers is necessary. Suppose you\u2019re looking for a mobile within price range 50 and 100 dollars. In that case, you may zero down your hunt this way: mobile $50..$100. Using two dots like this \u201c..\u201d will help you to find mobile prices ranging from 50 to 100 dollars only.<\/span><\/p>\n

Combining searches is another option where you may want to compare between two closely related words like \u2018army\u2019 and \u2018navy\u2019. To narrow down your chase write \u201cOR\u201d between these two words \u2014 army OR navy. <\/span><\/p>\n

By now you have probably known that extensions are generally used for domain specifications like \u201c.gov\u201d usually stands for government sites. In such cases simply put \u201csite:\u201d before a site or domain like this: \u2018site:xyz.com\u2019 or \u2018site:.gov\u2019, or \u2018site:.mil\u2019.<\/span><\/p>\n

There are other sites that are related to one specific site and the hacker may need to get results about them also. In such cases, you can use the term \u201crelated\u201d. Write \u201crelated:xyz.com\u201d. Other sites associated with \u2018xyz.com\u2019 will automatically fall prey to the hunting spree. <\/span><\/p>\n

Want more information and go deep into the details of any site? Just put \u201cinfo:\u201d in front of the site address like this \u2014 info:xyz.com.<\/span><\/p>\n

Usually, Google keeps the cached version of many sites those do not exist anymore. You may want to check whether such cached versions exist or not. Put \u201ccache:\u201d before the site address \u2014 cache:xyz.com or about someone like this \u2014 cache:sanjibsinha. <\/span><\/p>\n

Particularly in a country like India the challenge is immense. The low tech-literacy and ailing health can create vulnerabilities for old veterans, in the US we saw in 2015 a massive OPM data-breach took place where the cyber-attack compromised background check information for nearly every soldier who had received a security clearance since the Iraq war began. In our country we need to be aware of these facts and take suitable actions if needed.<\/span><\/p>\n

\u00a0<\/span><\/p>\n

\u2014The writer is an author and ethical hacker. As a published author, Microsoft\u2019s community contributor award winner, Sanjib Sinha has written several books, including the best selling security book \u201cBeginning Ethical Hacking with Python\u201d for Apress.<\/span><\/i><\/span><\/p>\n

letters@tehelka.com<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Slow down a bit. There\u2019s a trap somewhere along here. Using subterfuge to gain entry is not a new trick. It has been done before through various forms in the past. Now, the social media is the new playground for trapping old guys, especially army veterans who want to connect to their former colleagues through […]<\/p>\n","protected":false},"author":20,"featured_media":307199,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[23,2205],"tags":[],"_links":{"self":[{"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/posts\/307188"}],"collection":[{"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/comments?post=307188"}],"version-history":[{"count":2,"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/posts\/307188\/revisions"}],"predecessor-version":[{"id":307214,"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/posts\/307188\/revisions\/307214"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/media\/307199"}],"wp:attachment":[{"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/media?parent=307188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/categories?post=307188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tehelka.com\/rest-api\/wp\/v2\/tags?post=307188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}