It used to be the fear of 1984 and Big Brother—watching and controlling citizens’ every move. These days the writing is on the wall, while Big Brother is watching via the CCTV networks, little brother is insidiously infiltrating our computers and smart devices to build a cache of information—and it is no longer simply making off with corporate/personal data/information. Enter the RAT.
In reality, RATs have been with us since the inception of computer networking systems. Essentially they are a bastardisation of Remote Assistance Tools and Remote Administration Tools (umm, RATs, and err, RATs). Good RATs enable legitimate remote access and administration of a computer so that a helpdesk can work out the issue without having to despatch a technician from their dark basement to tinker with the machine. It also enables administrators to remotely log in to servers in Data Centres from the comfort of their sofa to perform routine tasks.
Bad RATs (Remote Access Trojans) are there without the owner or operator being aware of it, and allow the same tasks to be performed as the good RATs, without their knowledge.
Recent media attention has shone a spotlight on the prospect of others taking control of a device’s camera using a bad RAT to take images or video of the user and transmit it in real-time (or store it for later retrieval and review).
The majority of paranoid security practitioners have a creative solution for this… a piece of insulation tape across the lens—coming soon to a security-vendor near you.
Of greater concern, however, is that once a malicious RAT has been installed on a system, and don't forget smart-phones are computers too—the remote operator essentially has command and control capabilities over most features on the device. This ranges from controlling the camera, the microphone, all the information stored on the device and any peripherals connected to it, including network resources, printers, scanners and more. It grants them exactly the same access as if they are seated at that computer or have the device in the palm of their hand.
So ultimately, an image or a video would be the least of an owner’s concerns. Imagine, for example, the conversations that take place within earshot of your mobile device or computer. Boardroom meetings, tender evaluations, contract negotiations and let’s not forget private chats in a bar. A lot of this could can cause significant personal, corporate and financial damage if it falls into the wrong hands..
A significant number of our gadgets also have integrated GPS capabilities. So once compromised, the bad guys can turn on and track the owners movements too. You can imagine how this might be used. Monitoring the home owner in order to rob their house while they’re out, or tracking them to a dark alley where they are vulnerable.
I personally like the idea it poses as a new form of social engineering and information gathering—a six-step tool-kit for the professional crook to drive legitimate sales.
• Step one: insert a bad RAT into a targets mobile device. • Step two: use the audio information collected from eavesdropping on the device to develop a convincing and customised “sales” pitch. • Step three: use the camera or images stored on the device and from their social media to get to know the target, what they look like, friends etc. • Step four: use GPS location data build a profile of the targets movements. • Step five: create a chance meeting, “bump” into the target. • Step six: deliver the perfect pitch/conversation, including the exact solution to their problems.
And if that doesn't convince them to buy, simply resort to blackmail or sell the stolen secrets.
Kids, don't try this at home.