The U.S. Postal Service processes and delivers 484.8 million mailpieces of first-class mail a day — roughly one-and-a-half mailpieces for every person in the U.S. — in a single day. That’s without accounting for the millions of shipments delivered through international couriers. On-demand, free and same-day delivery options mean that virtually anything is accessible at any time and can be sent straight to our doorstep. What most people don’t realize is that some packages they receive may be looking to steal personal or confidential information. And the proliferation of e-commerce-related package deliveries is exactly what cybercriminals can exploit with a tactic IBM X-Force Red is calling “warshipping.”
IBM X-Force Red investigated how cybercriminals might seek to exploit package deliveries to hack into corporate or personal home networks right from the office mailroom or from someone’s front door. Think of the volume of boxes moving through a corporate mailroom daily. Or, consider the packages dropped off on the porch of a CEO’s home, sitting within range of their home Wi-Fi. Using warshipping, X-Force Red was able to infiltrate corporate networks undetected. Our aim in doing so was to help educate our customers about security blind spots and modern ways adversaries can disrupt their business operations or steal sensitive data.
So, What Is Warshipping?
Warshipping is the evolution of artifact hacking methods such as wardialing and wardriving. These are all techniques that allow cybercriminals to infiltrate a network remotely. In the 1980s and 1990s, the age of dial-up internet, cybercriminals used wardialing to gain unauthorized access to networks by systematically calling a block of numbers until th ..
Support the originator by clicking the read the rest link below.
