Targeted Data Breach Turn slides

Slides:



Advertisements
Similar presentations
Jnan B2C Features Hotel Reservation - B2C Features  Hotel Search on country, city wise  Hotel sort options  Filter search option  Hotel rates  Hotel.
Advertisements

Data Security and Payment Card Acceptance Presented by: Brian Ridder Senior Vice President First National September 10, 2009.
Do you know who you’re dealing with? Social Engineering: Minimise the risk of becoming a victim.
Sarah Hayle Community Law Service. v Community Law Service is a charity which helps people with their benefits. You do not have to pay. Our advisors can.
Fraud Procedures Tips for Mitigation Fraud Case Process.
Student Accounts Presentation. Student Accounts Barge Hall Room 104 (509) Barge Hall Room 105 (509)
How to Claim Your Jennifer Maimone from Dual Crossroads
Spanish internet ordering system – Slide 1
Making card acceptance work for you
New College Now Student Application and Registration Instructions
How To Register & Order Meals on Meal Selector
Can the Patient Registration Department get value from collection agency data?
Scams & Schemes Common Sense Media.
Parent Online Payments using Westpac QuickWeb
ALTERNATIVE CLIENT CONTACT CHANELS
Fraud and Scams.
Enrollment Services Orientation 2017.
Learning Objectives Today we will Learn:
Welcome to Excel English Institute F1 Student Orientation
Cybersecurity Preparedness:
2011 Featured Branding Program
How to build a good reputation online
Making card acceptance work for you
MyOBLab Type the name of your MyLab or Mastering product where text says MyLab/Mastering – PLEASE MAKE SURE TO CHANGE THE FONT COLOR TO PEARSON BLUE! Add.
WORK EXPERIENCE th JULY – 13th JULY.
Service Provider Best Practices
Administrative Training Guide
ACCOUNTING COMPANIES IN NYC. Tax Adviser bulltaxaccountants.combulltaxaccountants.com is one of the most respected accounting companies in NYC that.
Cyber Issues Facing Medical Practice Managers
Important Note for Students
Social Media and Communications Training
Important Note for Students
Welcome to (insert course name)
Week ___ ✓ Team Member Category Task Donor Engagement
CYBER- BULLYING.
How to survive a ransomware attack and live to tell about it
Want to get fit and have fun?
Budget Simulation : Finance Refresher
Welcome to (insert course name)
Pledge Card Template Payment:
STUDENT FINANCIALS YEAR END PROCESSES
The Interview
Royal Mail Group: Publishing Volume Commitment Incentive.
Royal Mail Group: Publishing Volume Commitment Incentive.
What is BankMobile? A process to select how to receive student refunds and student payroll payments It is fast, secure, and convenient. Go to:
Networking: Circle of Influence
Week ___ ✓ Team Member Category Task Donor Engagement
Week ___ ✓ Team Member Category Task Donor Engagement
Week ___ ✓ Team Member Category Task Donor Engagement
Scan & Deliver Scan & Deliver is available to University card holders. You need to login using SSO to place a request.
Week ___ ✓ Team Member Category Task Donor Engagement
Communication with Patients
Security of People, Property and Information
DDoS attack Turn slides
Targeted Data Breach Turn slides
Week ___ ✓ Team Member Category Task Donor Engagement
Week ___ ✓ Team Member Category Task Donor Engagement
Company Name | Phone Number | Website | Address
Music Education LicensureTalk
Royal Mail Group: Publishing Volume Commitment Incentive.
Week ___ ✓ Team Member Category Task Donor Engagement
Setting the Scene These slides can be appended before the specific incident slides. Change the master slides to fit your company brand or templates This.
Scenario Discussion.
team room reservation system demonstration
Wolves of the Internet: Where do fraudsters hunt for data online?
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
Presentation transcript:

Targeted Data Breach Turn slides These drive the incident along. Change the master slides to fit your company brand or templates This work is licensed under a Creative Commons Attribution 4.0 International License. Remember to delete this slide!

Gold team exercise Date| Time Cyber Incident Gold team exercise Date| Time

1: An email is received MONDAY | 1:00 pm An email was sent to our Finance Director at 09:00 a.m. this morning. The sender claims to have direct access to our systems and to have extracted hundreds of thousands of our Customer/3rd Party details including Credit Card data. They say that unless they receive a ransom of $500,000 paid in bitcoin … Two deadlines: Respond with intention by 3pm today Pay the money by 1pm tomorrow If we don’t pay, data will be released to the public

1: An email is received We have 50 sample records from the attacker MONDAY | 1:00 pm We have 50 sample records from the attacker IT says they ”look credible” I have direct access to your systems and have already taken hundreds of thousands of details including all your credit card data. You need to pay me a ransom of $500,000 in bitcoin into 1AvAASEYstWetqTFn5Xu9m4GFg7xJgNVN2 by Tuesday 13:00 or I will put it all out there for all to see. Contact me by 15.00 today confirming that address or I will tell all the media and everyone else that you have lost this data and lost all your systems. Here’s some of your data to show you.

2: Half an hour before the deadline MONDAY | 2:30 pm IT say they have found no evidence yet of external access onto our systems; they’re continuing to perform checks and monitor networks. Good news: Credit Card data provided by the attacker in those 50 records does not match live data held for those customers or companies. It only looks plausible; it can’t be used directly in fraud. Bad news: but the data does contain valid Customer IDs, Names, Addresses, Phone Numbers, Email Addresses. The Customer IDs are unique to us so it’s definitely our data. Customers could be vulnerable to Social Engineering attacks if contacted by fraudsters who know of their relationship to us and have this data.

3: End of the day There has been no further contact from the attacker MONDAY | 6:00 pm There has been no further contact from the attacker IT think it could be test data There’s noise on Twitter Reuters has contacted public relations Have we lost data? Have we lost Elon Musk’s data? Twelve fraudulent payments have been found (and stopped) in the accounting system. Entered by a colleague who is on holiday

4: It is definitely test data TUESDAY | 9:00 am No evidence of intrusion Definitely system test data Found a file of 50K customers like the attacker’s BUT credit card data all randomized! i.e. Credit card numbers definitely of no use to the attacker in direct fraud We (sadly) don’t have Elon Musk as a customer General media reporting of the data breach Another email from the attacker Don’t mess me around! If I don’t have the money by the deadline all the data will go to the media!!

5: The deadline for payment TUESDAY | 1:00 pm No further contact from the attacker No further fraudulent payments Media claim to have the file

6: The attacker’s gone quiet TUESDDAY | 5:00 pm No attacker contact Significant media reporting Lots of social media comment Requests for CEO interviews

Incident Wrap-up Handout # 1.7

Questions Response Planning Processes Data Communications Ransom Bitcoins Overall