Anonymous vs. HBGary
Jared DeMott, Principal Security Researcher, Crucial Security, Inc.

Sample Topology of Computer Crime

A Message to HBGary after Anonymous Hack

Even at the expense of some country laws and possible safety of others?

Anarchy is best?

Mostly DDoS in the Past Scientology Censorship Egypt gov Big Biz etc

HBGary Inc.
– Greg Hoglund, Founder and CEO
– Penny Leavy-Hoglund, President
– Products
  Responder – Analyze RAM, pagefiles, VMware images, sort & display images, network links, etc
  Digital DNA, Active Defense – Detects malware via in-memory analysis
HBGary Federal
– Aaron Barr was the CEO
– Site now says, “hbgaryfederal.com is currently offline. Please try again later”

The Buildup

How did Barr get into this mess? 1.1, 2.1, pwned 12 ? $$ issues!

Technical Details
Time for an Injection
– 2&page=27
– Got user database
Rainbow tables
– Non-iterative, unsalted MD5 == fairly easy to crack
Alas, two HBGary Federal employees—CEO Aaron Barr and COO Ted Vera—used passwords that were very simple; each was just six lower case letters and two numbers
– Allowed for hbgaryfederal website defacement
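Why the storage scheme on this slide fails, and what a salted, iterated scheme changes, as an added Python example (not code from the presentation or from HBGary's site). The sample password, the PBKDF2 round count and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import os

PBKDF2_ROUNDS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256


def md5_unsalted(password: str) -> str:
    """The weak scheme from the slide: a single MD5 pass with no salt."""
    return hashlib.md5(password.encode()).hexdigest()


def kdf_record(password: str, rounds: int = PBKDF2_ROUNDS) -> tuple:
    """Salted, iterated replacement: a fresh random salt per account."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt, rounds, digest


def kdf_verify(password: str, record: tuple) -> bool:
    """Recompute with the stored salt and rounds; compare in constant time."""
    salt, rounds, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, digest)


def keyspace_bits(shape: list) -> float:
    """log2 of the candidate count for a shape of (alphabet_size, length) parts."""
    return sum(length * math.log2(size) for size, length in shape)


if __name__ == "__main__":
    shared = "abcdef12"  # constructed: six lower-case letters and two digits
    # Unsalted: two accounts with the same password store the same digest,
    # so a single precomputed table entry resolves both.
    print(md5_unsalted(shared) == md5_unsalted(shared))
    # Salted: the same password yields unrelated records per account.
    a, b = kdf_record(shared), kdf_record(shared)
    print(a[2] != b[2], kdf_verify(shared, a), kdf_verify("abcdef13", a))
    # Search space of the slide's password shape vs. 14 mixed alphanumerics.
    print(round(keyspace_bits([(26, 6), (10, 2)]), 1))
    print(round(keyspace_bits([(62, 14)]), 1))
```

The keyspace figure assumes the letters come first and the digits last; allowing the digits in any position adds only a few bits.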

Technical Details
Password Reuse
– Ted’s was good on an HBGary Linux box, support.hbgary.com
– Privilege Escalation
  Months-old bug, with public exploit available
Stealing of data, and “sharing” with the world
– Makes me wonder what they found, but didn’t share....

Technical Details
Using Google Apps for email
– Aaron’s reused password led to access to his company email, but he was also an admin, FTW
– Reset Greg’s password to get his email too
Found info about rootkit.com
Social Engineering to pwn rootkit.com
– Knew a couple things (actually just one, lolz)
  The root password to the machine running Greg's rootkit.com site was either "88j4bb3rw0cky88" or "88Scr3am3r88" (so they thought)
  Jussi Jaakonaho, Chief Security Specialist at Nokia, had root access

Social Engineering
“Greg”:
Subject: need to ssh into rootkit
im in europe and need to ssh into the server. can you drop open up firewall and allow ssh through port or something vague? and is our root password still 88j4bb3rw0cky88 or did we change to 88Scr3am3r88 ? thanks
Jussi:
hi, do you have public ip? or should i just drop fw? and it is w0cky - tho no remote root access allowed

Social Engineering
“Greg”:
no i dont have the public ip with me at the moment because im ready for a small meeting and im in a rush. if anything just reset my password to changeme123 and give me public ip and ill ssh in and reset my pw.
Jussi:
k, it should now accept from anywhere to as ssh. i am doing testing so that it works for sure. your password is changeme123 i am online so just shoot me if you need something. in europe, but not in finland? :-) _jussi

Social Engineering
“Greg”:
if i can squeeze out time maybe we can catch up.. ill be in germany for a little bit. anyway I can't ssh into rootkit. you sure the ips still ?
Jussi:
does it work now?

Social Engineering
“Greg”:
did you reset the user greg or?
yup im logged in thanks ill you in a few, im backed up thanks
Jussi:
nope. your account is named as hoglund
(later on…) did you open something running on high port?

Actual emails

Actual Documents

Fallout
March 1, 2011: 17 members of the United States Congress called for a congressional investigation for possible violation of federal law by Hunton & Williams and "Team Themis"
Will Anonymous be held responsible for what they did?

On Oct. 3, 2010, HBGary CEO Greg Hoglund told Aaron that “we should have a pow-wow about the future of HBGary Federal. [HBGary President] Penny and I both agree that it hasn’t really been a success… You guys are basically out of money and none of the work you had planned has come in.”
April 1st, 2011 Defcon CTF Organizers: “HBGary is awarded contract to clean CTF sheep stalls!”

Damage to others?
HBGary
Hunton & Williams?
– Kevin Zeese, a lawyer with the NGOs VelvetRevolution.us and StopTheChamber.com, filed a complaint with the Washington, D.C. Bar Association earlier this week against John Woods, Richard Wyatt Jr., and Robert Quackenboss
Palantir?
– "I have directed the company to sever any and all contacts with HB Gary," said the CEO of Palantir
Berico Technologies?
– "We find such actions reprehensible and are deeply committed to partnering with the best companies in our industry that share our core values. Therefore, we have discontinued all ties with HBGary Federal."
Maybe a bit to other DoD contractors?
– Endgames, SRA, ManTech, GD, BAH, Symantec, QinetiQ, GD …

Comedy report-videos/375428/february /corporate-hacker-tries-to-take-down- wikileaks

Technical Lessons Learned
Don’t have SQL injections in your websites
Use strong passwords
– 14 chars with mix of upper, lower, numbers
  » “MyTruckisC00l!!”
– Or sentence style passwords for long passwords
  » “my super duper extra secretive password”
Public key crypto on ssh
2 factor authentication
– A good option to help with weak or lost passwords
Social Engineering Training
Patch systems very regularly
Encryption
– Shorter term storage of email as well
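The first lesson above as a before-and-after, in an added Python example that is not from the presentation or the HBGary Federal site. The tables, columns and the `page` lookup are hypothetical stand-ins, and the hostile input is constructed.

```python
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in for a CMS database; every name here is hypothetical."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT);
        CREATE TABLE users (name TEXT, pw_hash TEXT);
        INSERT INTO pages VALUES (27, 'About us');
        INSERT INTO users VALUES ('constructed_user', 'constructed_hash');
    """)
    return db


def page_before(db, page: str) -> list:
    """Before: the request value is pasted into the statement and parsed as SQL."""
    return db.execute("SELECT title FROM pages WHERE id = " + page).fetchall()


def page_after(db, page: str) -> list:
    """After: accept only a short run of ASCII digits, then bind it as a value."""
    if not re.fullmatch(r"[0-9]{1,9}", page):
        return []
    return db.execute("SELECT title FROM pages WHERE id = ?", (int(page),)).fetchall()


if __name__ == "__main__":
    db = make_db()
    hostile = "0 UNION SELECT pw_hash FROM users"  # constructed test input
    print(page_before(db, "27"), page_after(db, "27"))
    print(page_before(db, hostile))  # rows from users leak through the page query
    print(page_after(db, hostile))   # rejected before reaching the database
```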

Moral Questions
I think work should be more than $$
– I doubt Mr. Barr started with this in mind…
People need the right to free press
– But where is that line when dealing with stolen documents?
Should HBGary competitors study the stolen proposals and other documents?
What about studying the emails … they’re public now?
Do two wrongs make a right?