This excerpt is from an early chapter and introduces the main protagonist, Brody. The chapter provides the reader with a good understanding of Brody’s skills as a social engineer, who is showing the executives of a pharmaceutical company how he broke into their secure facilities and obtained the formula of one of their most important drugs in development.
I hope you like it!
. . . Brody pressed some keys on his laptop and an image slowly appeared on the large screen at the foot of the table. It was a very long chemical formula, with lots of C’s and H’s.
Brody asked the group, “Do you recognise this?”
Hall frowned. Wilson shrugged. Jacobsen spoke for them, “Just because we work here doesn’t make us pharmaceutical experts.”
Moorcroft, who had known what was coming and hadn’t looked at the screen, answered Brody’s question. “It’s the formula for our new Alzheimer’s prevention drug. The one that is still in development, two month’s away from beginning clinical trials. The same one that the future financial success of HTL is riding on. Let me put it this way.” Moorcroft leaned forward towards his three colleagues, his fists clenched. “If this formula got into the hands of our competitors, especially an unscrupulous Chinese firm, HTL’s future would be wiped out overnight”. He paused and then asked, staring at his three colleagues rather than Brody, “Where did you get hold of this Brody?”
“I broke into your IT systems and stole it from you, Dr Moorcroft,” said Brody, matter-of-factly.
“That’s impossible!” said Hall, his belly flopping on the board table as he leaned forward.
“Impossible?” Brody frowned theatrically. “No, not impossible. I’d categorise it as . . . quite difficult.”
Hall countered, “But I’ve put in the most expensive, most sophisticated perimeter defences in the world. They’ve withstood hundreds of hacking attacks from all over the world. Anyway, the new product development system this formula is located on is on a network physically ring-fenced from the main corporate network. It really is impossible to get in from the outside.”
“Yes, I agree,” conceded Brody, “Your firewalls are hardened well. Very few ports are open to the Internet. No obvious vulnerabilities. It passed a standard pentest.”
Hall sat back in his chair, seemingly relieved.
Brody continued, “It’s your employees that are the problem.”
“Are you saying that one of our employees gave you this formula?” It was Wilson. She had removed her glasses. Without them she looked softer, more feminine even.
“Yeah, give me their name,” said Jacobsen, “I’ll have them fired.”
“No one employee gave it to me. And you’re right Mr Hall, the new product development system is on a separate network only accessible from within this building. Once I figured that out, I simply walked into the secure area, logged into the system, copied it and emailed it to myself.”
“That’s impossible!” It was Jacobsen this time.
“I thought we were done with that,” smiled Brody, coolly. “Have you heard of social engineering?”
“I’ll take that as a no, then. Let me show you.”
. . .
Copyright © Ian H Sutherland, 2013
©2018 All Rights Reserved.