Sans Summit Feature: Zhuang Wei Liang on Sock Puppets Jan 2020
Welcome to the (Sock) Jungle
Cyber adversaries can easily hide their identities, as they share among themselves ideologies and plans of wreaking havoc. One of their ways of remaining anonymous is by using sock puppets to avoid identification, detection and attribution.
A sock puppet is a fictitious identity used in online communities and social media to deceive others, and for other more sinister pursuits. To penetrate and expose these malicious groups or individuals, cybersecurity experts at Ensign InfoSecurity employ the same tactics, using Open Source Intelligence (OSINT) to augment their cybersecurity investigations, forensics, and adversarial emulation exercises. By combining OSINT, Human Intelligence (HUMINT), and proprietary intelligence sources, we are able to preempt cyber threats before they can do harm.
In the SANS OSINT Summit 2020, Zhuang Weiliang, Ensign’s Lead Consultant, shared how his 10-year experience in Singapore’s Armed Forces’ Counterterrorism web intelligence unit, along with his own personal research, has helped him unmask potential threats in the past. In his presentation, he outlined some effective ways of creating a sock puppet that can circumvent identity recognition protocols, including:
- Creating redirected email accounts
- Tapping SMS verification sites
- Paying anonymously for the services to create an account
- Tips on buying VPN services
- Cultivating habits for social media avatars or sock puppets
Watch the video here: https://ensign.global/SANS-Summit-Feature
Provides insights on how organisations can enhance their security posture across their cybersecurity lifecycles
Ensign Systems Integration
Architects and deploys advanced cybersecurity solutions that bolster defences
Ensign Managed Security Services
Operates intelligence-led advanced detection, threat hunting and response services