Thursday, July 24, 2008

How a Classic Man-in-the-Middle Attack Saved Colombian Hostages

This is a very intersting article, written by Bruce Schneier and appeared on his blog and, that shows how a man-in-the-Middle attack has been used to save the colombian hostages. Many Critical Infrstructure services and processes are vulnerable to this kind of attack, in particular when traditional communication media are used (telephone lines).
WIRED: Last week's dramatic rescue of 15 hostages held by the guerrilla organization FARC was the result of months of intricate deception on the part of the Colombian government. At the center was a classic man-in-the-middle attack.
In a man-in-the-middle attack, the attacker inserts himself between two communicating parties. Both believe they're talking to each other, and the attacker can delete or modify the communications at will.
The Wall Street Journal reported how this gambit played out in Colombia: "The plan had a chance of working because, for months, in an operation one army officer likened to a 'broken telephone,' military intelligence had been able to convince Ms. Betancourt's captor, Gerardo Aguilar, a guerrilla known as 'Cesar,' that he was communicating with his top bosses in the guerrillas' seven-man secretariat. Army intelligence convinced top guerrilla leaders that they were talking to Cesar. In reality, both were talking to army intelligence."
This ploy worked because Cesar and his guerrilla bosses didn't know one another well. They didn't recognize one anothers' voices, and didn't have a friendship or shared history that could have tipped them off about the ruse. Man-in-the-middle is defeated by context, and the FARC guerrillas didn't have any. [...]

No comments: