Art of Stepping on the Same Rake, Volume 2 Hold Security, LLC Alex Holden, CISSP Chief Information Security Officer @HoldSecurity
WHO AM I AND WHY AM I HERE? Hold Security Threat Intelligence Program; 5,000,000,000 stolen credentials recovered; 2,000,000 site breaches identified; Thousands of breaches prevented; Adobe System Breach 2013; Target Brands Breach 2013; JP Morgan Chase breach 2014; Yahoo! Breach insights; Insights into 60% of major security breaches since 2009
ABOUT ME: 10 years CISO in a major brokerage firm; Security researcher and bug hunter; Pen tester and auditor; Hacker Hunter
CURRENT DEFENSES: Policies / Regulations; End-User Protection; Anti-Virus; Server Defenses; Spam Control; Network Perimeter; Firewalls; IDS/IPS; DLP; Logging and Monitoring; Awareness
WITH ALL THESE DEFENSES ARE YOU PROTECTED FROM THEM?
WHAT IS A THREAT TO YOU? Defamation and Reputation Loss; Stolen Secrets; Stolen Data; Availability
PERIMETER – WHO KEEPS MOVING THE CHALK OUTLINE? Brick and Mortar; Cloud; Vendors/Partners; Employees; Customers
INSIDE THE HACKER’S MIND: Exploit; Infect; Explore; Abuse; Profit
EXTORTION
WHAT ABOUT ANTI VIRUS? (This screenshot has been altered for viewing purposes)
LEARN TO BE A HACKER: Carding University; Virtual Carding Basics; Hacker University; Job After Graduation; Professor’s Insight
BLACK MARKETS ECONOMICS: Supply and Demand; Respect and order amongst the thieves; Destroying the competition
IDENTIFYING VIABLE THREATS What is a Cyber Threat to You? Who Decides Which Threat is Viable? Do I Need to Have a Breach to React? Threats Hiding in Plain Sight
POSITIVE AND NEGATIVE BEHAVIOR MODELS Stopping Malicious Attempts Fitting Detection Model Heuristics Model Lists of Bad Things
POSITIVE BEHAVIOR REWARDED All Sins Forgiven Stolen Credentials Symbionts
ANONYMITY: Hiding = blending in; Sophistication and ease of use
WHAT DO HACKERS THINK ABOUT OUR DEFENSES? Don’t Read Your Disclaimers, Security Statements, or Your Audit Reports; Don’t Care That You Can’t Patch Your Mission Critical System Today; Don’t Get Discouraged If Your Firewall Rejected Their First Access Attempt
CREDENTIALS: Topic of the day – Mega Breaches; Infinite keys to a plethora of keyholes; End-user re-education; Authentication - Something you know - Something you have - Something you are
DEFENSE: Learn about your enemy; Tune your defenses toward the threat - Fantasy Football; Fortify against hackers NOT auditors; Make yourself an unattractive target
DEFENSE 101: Viruses; 0days; Credentials; Misconfigurations
CONCLUSIONS: Hackers are winning; We are improving; Information stolen today may be abused today and in 2025; Defense is easy
THANK YOU Hold Security, LLC Alex Holden, CISSP aholden@HoldSecurity.com - www.holdsecurity.com