Chapter 16 - Sabotage

Abstract

This chapter discusses the use of sabotage. Although sabotage is not frequently used in penetration testing, it was used historically by the ninja, and it is regularly put to use in various conflicts and by criminal organizations. It discusses logical sabotage, which, when used with care, can actually be very useful in a penetration-testing scenario. It discusses various uses for malware, including backdoors, rootkits, and infected hardware such as phones and USB storage devices. It also discusses the use of data manipulation for financial gain, client-side attacks, and vandalism. It focuses on the use of physical sabotage as well, including communications, hardware, and access controls. The disruption of devices that run critical infrastructure, communications, or control the access of personnel can be very damaging to an organization. Such acts of sabotage may result from substandard parts used to build counterfeit equipment, or they may be because of clandestine disruptive features that were deliberately built in. It concludes with the discussion about the various sources for sabotage, the main categories being internal and external. Internal sources can include disgruntled employees, human error, and others. External sources might include foreign governments, hacktivists, and software pirates, just to name a few. Although the motivations driving the efforts of various sources may differ, the end result to the target often looks much the same.