An author of a traffic interception program who introduced himself as Ares showed students of Innopolis University how to capture network traffic.
Students of the Master's degree Program in Secure Systems and Networks Engineering had an extraordinary class. The lecture was read by the hacker who designed the Intercepter-NG, a popular tool for traffic interception available on the market for over 10 years.
According to the Russian hacker, Edward Snowden used a sniffer of the Intercepter-NG to intercept traffic in the Tor network during his service at the National Security Agency (NSA). Ares admits his acquaintance with the former US secret service officer.
"One day I received a letter from a seemingly ordinary user - at least that was how it looked like at first glance. He asked questions about the Intercepter-NG and versions of the program. During the conversation, I realized that this person was collecting traffic. Every day he got hundreds of gigabytes - that is what he used my program for. I asked him to share over a hundred of files for analysis, and he provided 200 gigabytes. I studied them, fixed bugs and found some nuances. Once all the bugs were fixed, our communication stopped. A year after, I was looking through my old correspondence and paid attention to the name of that man. It was Edward Snowden. He wrote me from the same website he used to send damaging evidence to reporters", said the Russian hacker.
Ares showed how to get a remote access, told about his product, described its functions and types of cyber attacks. The Intercepter-NG is a multifunctional tool designed for network administrators, programmers and experts in information security. The service is used to restore traffic data (passwords, files, correspondence, etc.) and make MiTM attacks. As for legitimate purposes, it serves for network diagnosis and investigation of cybercrimes.
The expert mentioned classic ways to obtain a remote access, in particular, social engineering (send a Trojan via email), password attack (RDP, SMB, VNC) and use of security vulnerabilities. Ares chose a "victim" from the list of computers and demonstrated basic operating principles of his program. Two virtual demo machines were designed especially for this experiment.
"It was hard to answer students' questions during the lecture as they implied many technical details. Anyway, if I was a student it would be interesting to talk to experts who are well-known in the fields of applied IT", said Ares.
The hacker had an online communication with students. He did not show his face and changed the voice. Ares warned students that illegal use of information received during the online session may result in criminal prosecution.
Konstantin Urysov, Senior Lecturer of the Master's degree program in Secure Systems and Networks Engineering said: "I was looking for a cybersecurity expert for practical training. A year ago, when surfing the Internet I found Ares and paid attention to the tool he designed. The hacker instantly refused to take part in any public event. Then I offered him to organize seminars in the same format as he made podcasts with his voice altered, and the hacker agreed. At that moment, the Master's degree program had not been launched yet, so we decided to put our cooperation off. At the beginning of this academic year we got in touch again and agreed on a lecture. Our program provides different perspectives on system security. For example, a course in Offensive Technologies is focused on hacking methods and security issues. Being in the "hacker's shoes" helps students to expand horizons regarding possible attack vectors that are initially invisible in terms of protection. Workshops with real hackers is a way to discover sources of security threats for information systems".
It was the first lecture of this format read at Innopolis University, and the University will continue organizing such classes with interesting speakers, including hackers.
"Our students need to be informed about existing levels of system security and be able to think like attackers in order to design effective protection mechanisms. During this lecture students learned about different scenarios of network attacks and vulnerabilities of security systems. We will maintain cooperation with cybersecurity experts and keep inviting them to give lectures and workshops. We plan to organize special seminars on hacking and security of banking systems, quantum cryptography, security of embedded systems and other new technologies that require security tools," explained Rashid Hussain, Head of the Master's degree program in Secure Systems and Network Engineering.
Ares shared some personal information, in particular: "I am a citizen of the Russian Federation, programmer, explore and implement network attacks as part of my own Intercepter-NG project. Being a modest person, I do not like excessive attention to personal life which is not related to my professional activity.
