The Seattle SAGE Group (SSG)
Seattle based special interest group for system and network administrators.
The Attack
- Going from knowing nothing to having access
- This is a real attack.
- The target was litterate on hacking from a "normal presentation" stand point.
- This was done against a LIVE and AWARE target.
- The target's upper management signed off on the attack as a "free security evaulation".
- The target was a development environment with real value software and trade secrets.
- The TARGET did NOT detect the attack.
- ALL real transcripts were given to the target.
- The target is more secure today.
- The upper management made a small change to the Information Systems
Budget (they added a training budget large enough to send three
people to five expensive courses, they trippled the conference budget
on the condition the conferences were security related.)
