The technique is called cyber warshipping: cybercriminals mail a package containing low-cost, low-power computers and use it to perform close-proximity attacks remotely, regardless of the cybercriminal’s location, all for a cost of around £100.
When the target business receives the package, the device inside starts acting on the hackers' remote commands: it either intercepts wireless connectivity to get into the corporate network or launches an evil twin attack, in which the threat actor sets up a decoy (fraudulent) Wi-Fi network to steal credentials.
The device then sends the scrambled data it has captured over the cellular network back to the attacker’s servers, which have far more processing power to crack the hash into a readable Wi-Fi password.
Once access to the Wi-Fi network is attained, the attacker can navigate through the company’s network, seeking out vulnerable systems and exposed data, and steal sensitive data or user passwords.
All of this could be done covertly without anyone noticing — so long as nobody opens the parcel.
Security researchers at IBM Security say that this warshipping technique is sophisticated enough to get past the firewalls, spam filters, and other threat monitoring tools placed at the security perimeter of a company’s computer network.
Charles Henderson led Big Blue’s Offensive Security team in building a cheap 3G-enabled ‘warship device’, which was powered by a mobile battery and consisted of a Wi-Fi chip, an antenna and other components. They sent these assembled components in a package to a company and managed to intercept the company’s PC network.
“If we can educate a company about an attack vector like this, it dramatically reduces the likelihood of the success of it by criminals,” Henderson said.
IBM X-Force Red suggests that company employees, especially those at the physical security counter, should scan all packages before they are delivered to the intended team, individual or official.
Also, packages received from outside should be quarantined at a place where there is limited access to the corporate network.
Furthermore, any personal packages sent to employees should be monitored for any warshipping content.
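One way a defender could check for the decoy Wi-Fi described above, for instance from a wireless sensor near the mailroom or package quarantine area. This is an added example, not code from IBM X-Force Red; the SSID, BSSIDs, inventory and scan-record format are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str       # access point MAC address
    security: str    # e.g. "WPA2-Enterprise", "WPA2-PSK", "Open"
    channel: int
    rssi_dbm: int    # signal strength; closer to 0 means physically nearer

# Assumed inventory of authorized access points: BSSID -> (security, channel)
CORP_SSID = "ExampleCorp"
AUTHORIZED = {
    "02:00:00:aa:00:01": ("WPA2-Enterprise", 36),
    "02:00:00:aa:00:02": ("WPA2-Enterprise", 149),
}

# Constructed scan results as a sensor might report them
SAMPLE_SCAN = [
    Beacon("ExampleCorp", "02:00:00:aa:00:01", "WPA2-Enterprise", 36, -55),
    Beacon("ExampleCorp", "02:00:00:bb:00:09", "Open", 6, -38),
    Beacon("ExampleCorp", "02:00:00:AA:00:02", "WPA2-PSK", 149, -41),
    Beacon("GuestCafe", "02:00:00:cc:00:01", "Open", 11, -70),
]

def find_evil_twins(beacons, ssid=CORP_SSID, authorized=AUTHORIZED):
    """Return (bssid, reason, rssi_dbm) for suspicious beacons, strongest first."""
    findings = []
    for b in beacons:
        # Normalize so case or padding variants of the corporate name still match
        if b.ssid.strip().lower() != ssid.lower():
            continue
        bssid = b.bssid.lower()
        known = authorized.get(bssid)
        if known is None:
            reason = "unknown BSSID advertising corporate SSID"
        elif (b.security, b.channel) != known:
            # Inventory BSSID with the wrong settings suggests a cloned MAC
            reason = f"inventory mismatch: saw {b.security}/ch{b.channel}"
        else:
            continue
        findings.append((bssid, reason, b.rssi_dbm))
    # The strongest signal is most likely closest to the sensor
    return sorted(findings, key=lambda f: f[2], reverse=True)

if __name__ == "__main__":
    for bssid, reason, rssi in find_evil_twins(SAMPLE_SCAN):
        print(f"{bssid}  {rssi} dBm  {reason}")
```

Sorting by signal strength helps a responder walk toward the strongest unexpected transmitter, which is useful when the source is a sealed parcel.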