There are many different types of biometrics, but here are the most common: retinal scanners (eyes), hand and finger scanners, facial recognition, vocal verification and DNA scanning.
During this episode of Beers With Bad Guys, the guys explain a deep dive they went on for one of their clients. This particular client put in facial recognition for all of their employees. Secure Network was hired by this company to protect them against hackers. Obviously, they decided to see if they could beat the facial recognition system and connect into the company's internal network.
During the research phase we found that photographs won't work, and neither will any type of flat image. The system requires a 3-D-like structure and facial movement, and it can even detect a disguise. (We thought about building an animatronic head, but that would cost a fortune and we would need to add controls for the facial features.) Certain systems actually require a second biometric factor, such as your face and your hand.
We decided that intelligence was the way to go. We used Open Source Intelligence (OSINT) to gain information. We searched on LinkedIn and found a large number of the employees. The company itself had also posted pictures of their new offices, so we saw their biometric system in the photographs. From there we looked up that specific biometric system and found exactly what access we needed. Then we found out what their work badges look like, thanks to LinkedIn... again. We did a deep dive into their security staff and receptionists, because they are vital. We also learned about the top executives so we could name drop.
We started to prepare our guy to infiltrate the facility. Mind you, this company was the shoot-first-ask-questions-later type. So we made sure our guy looked the part: a new expensive suit, new shoes, a haircut, and we even made him business cards. We created a whole job persona for him, with a script and an email address. We bought a domain similar to the company's own. We then contacted the receptionist, posing as a top executive from America. Finally, we sent him to the country and had him go to the company, but he got stopped. The receptionist we had been communicating with happened to be on a personal day. So we came back later in the week, and the right receptionist was in. He was able to get past her and got a connection to their internal network. Of course, we did not attack their systems from the inside, but we could have. We let the company know about our infiltration and helped them prepare against anything similar.
Now, this took months of preparation and over a week of our guy being in the country; a hurricane hit while he flew in, and the one receptionist we needed was not there on the first try. Needless to say, we had a lot of issues, but we still managed to break in. The information that a company collects through biometrics is extremely sensitive, and you have to protect it in a big way. It's hard enough to change your face, not to mention your DNA.