Scott Granneman's latest column looks at recent security examples where people have been fooled in increasingly innovative ways: from keyloggers used in a massive bank heist and new Trojans that encrypt data and request ransom money, to real financial rip-offs that extend out from online virtual gaming worlds like World of Warcraft.
Lately I've been immersing myself in Shelby Foote's magisterial epic, The Civil War: A Narrative, Vol. 1: Fort Sumter to Perryville, and in it, Foote details several instances that occurred during the Civil War that bear out Lincoln's observation. Too often, though, the trickery works long enough for those doing the fooling to achieve their ends... and those being fooled to be taken for everything they're worth.
John Bankhead Magruder was a Confederate general who needed to convince the Federal army - headed by the notoriously cunctative general George McClellan - that it was facing a much larger Confederate force than it suspected. Foote explains how Magruder accomplished his task:
No wheeze was too old for Magruder to employ it. One morning he sent a column along a road that was heavily wooded except for a single gap in plain view of the enemy outposts. All day the gray files swept past in seemingly endless array, an army gathering in thousands among the pines for an offensive. They were no such thing, of course. Like a low-budgeted theatrical director producing the effect with an army of supernumeraries, Magruder was marching a single battalion round and around, past the gap, then around under cover, and past the gap again.

Magruder's ruse worked, helping the overly cautious McClellan to find yet another reason to delay his attack. Of course, Magruder's trick pales in comparison to the stunt that Pierre Gustave Toutant de Beauregard - another Confederate general, easily possessed of the most colorful name of any soldier on either side of the War - pulled against the Union armies commanded by the unimaginative Henry Halleck. Beauregard and his men were forced to retreat from their supply base in Corinth, Mississippi, but they needed to keep the retreat from turning into a rout. They needed, in other words, to hide from Halleck and the Northerners that a retreat was under way. According to Foote, here's how the wily Southerners did it:
When [Beauregard's men] stole out of the entrenchments [at Corinth] after nightfall, they left dummy guns in the embrasures and dummy cannoneers to serve them, fashioned by stuffing ragged uniforms with straw. A single band moved up and down the deserted works, pausing at scattered points to play retreat, tattoo, and taps. Campfires were left burning, with a supply of wood alongside each for the drummer boys who stayed behind to stoke them and beat reveille next morning. All night a train of empty cars rattled back and forth along the tracks through Corinth, stopping at frequent intervals to blow its whistle, the signal for a special detail of leather-lunged soldiers to cheer with all their might. The hope was that this would not only cover the incidental sounds of the withdrawal, but would also lead the Federals to believe that the town's defenders were being heavily reinforced.
It worked to perfection. ... Daylight showed "dense black smoke in clouds," but no sign of the enemy Pope expected to find massed in his front. Picking his way forward he came upon dummy guns and dummy cannoneers, some with broad grins painted on. Otherwise the works were deserted.
It seems that modern cyber-criminals have learned a thing or two from the Confederates of old. No subterfuge is too old to be reborn in a modern setting, and it seems that while you can't fool all the people all the time, fooling enough of the people enough of the time will still net a bad guy plenty of money.
Inside men, in an IT world
Sumitomo Mitsui is one of the larger Japanese banks, and as such it has branches around the world, one of them in London. Last year, Sumitomo Mitsui was nearly the victim of the largest bank robbery in history: nearly half a billion dollars. Yes, you read that right. Thieves nearly made off with $440 million but were foiled by police before the heist could be completed. How did it happen? It was an inside job, of course.
The robbers disguised themselves as janitors and then, with the help of a security guard on staff, surreptitiously placed hardware keystroke loggers between the keyboards and PCs of certain employees. And which employees would those be? The help desk staff, naturally, and the employees in charge of wire transfers over the SWIFT (Society for Worldwide Interbank Financial Telecommunication) network, which links over 7,800 financial institutions across 202 countries and transfers more than six trillion US dollars every day. A short time later, the bad guys had captured the admin passwords needed for remote access to the bank's other machines, along with the logins and passwords needed to begin transferring money to the financial accounts of their choosing. Let the looting begin!