September 19, 2016 Steve Konecny CFE, CIRA, CEH, CRISC Hands on Hacking.

Presentation transcript:

September 19, 2016 Steve Konecny CFE, CIRA, CEH, CRISC Hands on Hacking

Who Has Been Hacked Lately? 2 650, Million 128 Million 6.5 Million

Who Else Has Been Hacked? 3 CPA firms hacked MAJOR FOUR 1 Hacker by

What Makes You So Special? (slide 4) Who would want to hack me? Too Small; Low Profile; Little Financial Gain.


Top Cyber Crimes (slide 6):
1. Tax-Refund / Payment Fraud
2. Account Takeover
3. Identity Theft
4. Theft of Sensitive Data
5. Theft of Intellectual Property
6. Ransomware

Attack Cycle (slide 7): Identify key individuals & create profiles; Gather public info; Google search data. [Cycle diagram labels, repeated on slides 7 to 12: Scan; Attack & Access; Complete Mission; Target; Maintain & Escalate; Cover Tracks]

Attack Cycle (slide 8): Assess, research, build tools; Network scanning tools; nmap/zmap Scan; Nessus Scan; Maltego; Develop network profiles; OS versions, models, etc.

Attack Cycle (slide 9): Phishing; Database & password exploits; Social engineering & networking; Weak controls; Default accounts & passwords; Dated software & patch exploits; APTs & zero-day.

Attack Cycle (slide 10): Backdoors, tunnels; Remote admin software; Modify registry; Application exploitation; User enumeration; New processes when booting.

Attack Cycle (slide 11): Compress data; Download/exfiltrate data from system; Encrypt/ransomware; Zombie/bot.

Attack Cycle (slide 12): Modify or delete logs; Change file names; Change process names; Change file modification & creation time; Delete artifacts.

Video (slide 13)

Internal vs. External Threats. [Chart: Percent of breaches per threat actor over time (n=8,158); series: Partner, Internal, Collusion, External. Source: Data Breach Investigations Report. Verizon.]

Detection of Breaches. [Chart: Breach discovery methods over time (n=6,133); series: Law Enforcement, Fraud Detection, Third Party, Internal. Source: Data Breach Investigations Report. Verizon.]

Some Methods (slide 16): Phishing; Social Engineering & Networking; Database & Password Exploits; Weak Controls; Default Accounts & Passwords; Dated Software & Patch Exploits; Advanced Persistent Threat & Zero-Day.


Phishing (slide 19): 30% open messages; 12% open attachments. PayPal, eBay, Battle.net, AOL, and Runescape are the most common phishing sites. Data Breach Investigations Report. Verizon.

Spear Phishing (slide 20): Fake CEO asks Finance Dept “Send Me the Money”; Change Payment Method Mid-Project; HR Dept Sends Out 1,000+ W2s of Employees. Fool me once, shame on you. Fool me twice, shame on me. Fool me thrice? Right Method – Wrong Account. No need to file taxes this year – someone did it for you!

Example CEO Fraud (slide 21)

Some Methods (slide 22): Phishing; Social Engineering & Networking; Database & Password Exploits; Weak Controls; Default Accounts & Passwords; Dated Software & Patch Exploits; Advanced Persistent Threat & Zero-Day.


Top 25 Passwords | 2014 & (new) 91% of passwords are Top 1, % of passwords are Top 10,000 Data Splash Most Popular Passwords of 2014, 2015 Datasplash.com password qwerty football baseball 11. welcome abc qaz2wsx 16. dragon 17. master 18. monkey 19. letmein 20. login 21. princess 22. qwertyuiop 23. solo 24. password 25. starwars password qwerty baseball 9. dragon 10. football monkey 13. letmein 14. abc mustang 17. access 18. shadow 19. master 20. michael 21. superman batman 25. trustno1

Passwords (slide 25): Circumvent; Reset; Attack, brute force. 20 ACCOUNTS HACKED in under 10 MINUTES.

Encryption (slide 26): Encrypt Outlook Files: No need for passwords; Backdoor opens all encrypted messages. Encrypt Application Files: Word, Excel, Compressed Files, etc; Many have backdoors. May 2012: Flash drive AND encryption code; 27,000 records lost in the mail.
