Kevin Mitnick demonstrates how easy it is for a hacker to tap into your network and read your email messages, even if it’s a fiber optic network.
Kevin Mitnick is the father of the art of hacking, hacking is a philosophy of life and today the Master demonstrates how easy it is for an attacker to tap into a network to steal sensitive data, access emails, even if it’s a fiber optic network.
Kevin Mitnick clamped onto a fiber optic cable, CAT5x or CAT6x network wire, and by using the popular network analyzer Wireshark demonstrated how is simple to sniff any unencrypted information is a few minutes without leaving any trace. Mitnick used in his attack an optic fiber clip-on coupler that provides non-invasive bi-directional coupling into 250 micron coated single-mode fibers.
“The FOD 5503 offers the ability to couple fiber optic talk sets at any intermediate point along a fiber span where access to a terminated end is not available.” states the description of the optic fiber clip-on coupler.
Such kind of hardware is not used to hack into fiber, but it is designed for maintenance purpose and fiber identification.
Kevin Mitnick published a video to demonstrate the attack, it shows the popular hacker while is sniffing an email directly from the tapped cable.
The hackers can easily tap without cutting the wire by using alligator clips to attach to the cable or they can cut the cable and plug both ends into a small hub to intercept the traffic.
In both cases, it is essential to prevent physical access to the wire, but most important is to use encrypted connections, while accessing any kind of web services, including email, chat, web browsing.
An attack like the one presented by Kevin Mitnick is very easy to arrange, clever attackers could use a cheap and tiny Raspberry Pi hide the tap used to grab the data. A similar scenario is scaring because an attacker can exfiltrate data from the targeted network for a long period without arousing suspicions.
Let me suggest to watch the video.
(Security Affairs – Kevin Mitnick, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.