1 REMOTE CONTROL SYSTEM version 7.0 A Stealth, Spyware-Based System for Attacking, Infecting and Monitoring Computers and Smartphones. Full intelligence.

Slides:



Advertisements
Similar presentations
Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.
Advertisements

Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA MESH VOIP.
Facts about Welcome to this video from Ozeki. In this video I will present what makes Ozeki Phone System XE the Worlds best on-site software PBX for Windows.
COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.
Presentation. Contemporary Communication Fast – connects us quickly without delays Reliable – works always Global – connects us with the whole world Low.
Page 1 of 29 Net-Scale Technologies, Inc. Network Based Personal Information and Messaging Services Urs Muller Beat Flepp
Chapter 12 Network Security.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Back to Start 1 of 10 Connect with a Mobile Device You can use your company’s Windows SBS computer network to extend your connectivity by using mobile.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Norman Endpoint Protection Advanced security made easy.
©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Endpoint Security Current portfolio and looking forward October 2010.
Norman SecureSurf Protect your users when surfing the Internet.
IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
eScan Total Security Suite with Cloud Security
Communications & Data Services The Evolution of Communications Cathy Avgiris EVP/GM May 10, 2012.
Business Computing 550 Lesson 4. Fundamentals of Information Systems, Fifth Edition Chapter 4 Telecommunications, the Internet, Intranets, and Extranets.
Introduction Our Topic: Mobile Security Why is mobile security important?
Viruses.
Keylogger A presentation of computer safety. What is a Keylogger?  A keylogger is an invisible tool for surveillance that allows you to monitor the activities.
1 Copyright © 2002 ACNielsen a VNU company Why choose 3CX Phone System? Key Features & Unique Selling Points by Mike Deerfield CEO – Deerfield Communications.
TRUSTPORT PRODUCT PORTFOLIO Marcela Parolkova Sales Director.
©2014 Bit9. All Rights Reserved Endpoint Threat Prevention Charles Roussey | Sr. Sales Engineer Detection and Response in Seconds.
and VOIP. Definitions Storage- the action or method of storing something for future use. Forward system- Address book- A book for recording the.
Eng. Hector M Lugo-Cordero, MS CIS4361 Department of Electrical Engineering and Computer Science February, 2012 University of Central Florida.
Communication, Networks, The internet and the Worldwide Web.
Decision Group Inc. E-DETECTIVE Decision Group Inc.
VERSION 2.6 FAE Group Demo Guide. Remote Control System Demo In order to standardize the way how Remote Control System is presented and to maximize the.
E-Detective HTTPS/SSL Interception – MITM & Proxy Decision Group
One Platform, One Solution: eToken TMS 5.1 Customer Presentation November 2009.
Conferencing & Enterprise ROI Randy Knaub Director of Marketing.
1 REMOTE CONTROL SYSTEM V7 2 Introduction.
Enterprise Messaging & Collaboration. e-Interact Modules.
BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential.
VERSION 1.0 FAE Group Delivery Guide. Remote Control System Delivery The FAE Group Delivery Guide aims to provide a simple and comprehensive list of steps.
DECISION Group Inc.. Decision Group Monitoring Center Solution on Internet Access for LEA or Intelligence.
Chapter 6 Discovering the Scope of the Incident Spring Incident Response & Computer Forensics.
COM: 111 Introduction to Computer Applications Department of Information & Communication Technology Panayiotis Christodoulou.
©2015 Check Point Software Technologies Ltd. 1 [Restricted] ONLY for designated groups and individuals CHECK POINT MOBILE THREAT PREVENTION.
]Hacking Team[ RCS Remote Control System DEMO PROCEDURES.
Remote Control System 7 Cyber intelligence made easy.
Standard Demo 1 © Hacking Team All Rights Reserved.
Integrating Lawful Hacking with NiceTrack Target360° Daniele Milan, Hacking Team Omri Kletter, NICE Systems.
The Hacking Suite For Governmental Interception.
System Software Chapter Handles technical details Works with end users, application software, and computer hardware Four types of programs –Operating.
18-1 PRENTICE HALL ©2008 Pearson Education, Inc. Upper Saddle River, NJ FORENSIC SCIENCE An Introduction By Richard Saferstein.
The Hacking Suite For Governmental Interception. Which are todays challenges? Encryption Cloud Mobility.
Main Features of iSafe All-in-One Keylogger Universal keylogger of isafe, Inc. Suitable for home parental control,corporate employee monitoring and cheating.
Yahoo is the one of the topmost “internal portal” on the web that is used for  Homepage customization  Search s  Search as a World Wide Web 
The Hacking Suite For Governmental Interception. Today’s topic: RCS installation vectors.
Best Free Key logger Download Computer & Internet Monitoring Software.
Doha - 19/08/2014 Alessandro Scarafile Field Application Engineer Lorenzo Invernizzi Field Application Engineer Emad Shehata Key Account Manager Key Account.
Remote Control System 7 Cyber intelligence made easy Belgrade - 08/02/2012 Massimiliano Luppi Key Account Manager Alessandro Scarafile Field Application.
Responder Field Edition & Pro
Advanced Endpoint Security Data Connectors-Charlotte January 2016
BUILD SECURE PRODUCTS AND SERVICES
Cyber intelligence made easy.
RCS v7 Infection Vectors
Hotmail Technical Support Services.
The Hacking Suite for Governmental Interception
Cyber intelligence made easy.
COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES
Kind of evidence gathered by agents
Features Compatibility
Information Technology Ms. Abeer Helwa
Unit# 5: Internet and Worldwide Web
Cyber intelligence made easy.
Internet Engineering Course
The Hacking Suite For Governmental Interception
Presentation transcript:

1 REMOTE CONTROL SYSTEM version 7.0 A Stealth, Spyware-Based System for Attacking, Infecting and Monitoring Computers and Smartphones. Full intelligence on target users even for encrypted communications (Skype, PGP, secure web mail, etc.)

2 What the press says Financial Times, The Economist “Governments must have IT offensive capabilities” “The new frontier of intelligence is cyberspace” “Spy on suspected terrorists by inserting a remote forensic agent on their computers”

3 Financial Times

4 The Economist

5

6 Introduction

7 Hacking Team Ltd HT is a 100% Italian company founded in 2003 by Valeriano Bedeschi and David Vincenzetti with the ambition of being one of the market reference in penetration testing (Ethical Hacking) services in Italy The company developed in 2004 a unique solution for for attacking, infecting and remotely controlling targets (PCs, MACs, smartphones of different types) In order to finance such a solution we completed a first round of financing in 2007 by: Innogest Sgr, the leading Italian VC fund (€80M under management) Finlombarda Sgr: the main regional VC fund in Lombardy

Hacking Team, financials Huge market traction First mover advantage Market leader Rapid growth to market dominance Financially very strong 2009 results (Actual, YoY) Revenues: +37% EBITDA: +147% EBIT: +121% 8

Our Offer Remote Control System A comprehensive IT offensive security system for remotely attacking, infecting and controlling PCs and smartphones Hacking Team’s educational and technical support services 9

10 RCS – a few key metrics More than 20 customers are currently using our solution in 5 different continents and 15 countries More than 4000 active investigations as at today (estimated) In order to guarantee optimal performance, strong development since inception with : 25 patches finalized since product launch More than new 20 modules released

11 Skype is a nightmare for LEAs IT offensive security represents a new and highly innovative technology It’s growing very fast because of phenomena such as terrorism, industrial espionage and insider trading Advanced use of the Internet by terrorists makes LEAs increasingly nervous Example: the exponential growth of encrypted VoIP communications (Skype claims millions of users) by residential and business users, is a nightmare for LEAs

12 Why IT offensive security Cyber space is a very attractive place for criminals: It’s cheap, quick and easy to access IT offensive security systems can be complementary to more traditional passive IT monitoring solutions Governments need to have both defensive and offensive (IT) capabilities

13 IT offensive security Operational scenarios: 1. “Standard” criminal investigation (evidence gathering) performed by Government Organizations such as Police and Anticorruption (LEAs). 2. Intelligence gathering activities performed by Security Agencies for fighting serious crime and terrorism

14 Remote Control System Remote Control System is an IT stealth investigative tool for LEAs and security agencies It allows passive monitoring and active control of all data and processes on selected target devices E.g., uploading and stealthily executing programs on target, or destroying the target Such devices might or might not be connected to the Internet

15 Functionalities

16 PC: Monitoring and Logging Remote Control System can monitor and log any action performed on the target personal computer Web browsing Opened/Closed/Deleted files Keystrokes (any UNICODE language) Printed documents Chat, , instant messaging Remote Audio Spy Camera snapshots VoIP conversations (eg: Skype) …

PC: architectures Windows XP Windows 2003 Windows Vista Windows 7 Mac OS X (Leopard 10.x) 17

18 Remote Control System can monitor and log any action performed on the target smartphone Call history Address book & Calendar messages Chat/IM messages SMS/MMS interception Localization (cell signal info, GPS info) Remote Audio Spy Camera snapshots Voice calls interception … Smartphones: Monitoring and Logging

Smartphones: architectures Windows Mobile 5 Windows Mobile 6 Windows Mobile 6.5 iPhone OS 2.x iPhone OS 3.x Symbian S60 3 rd edition BlackBerry OS

20 Clear technology & product roadmap to market dominance Q1 2011Q2 2011Q Q Linux Injection Proxy Appliance Symbian

21 Key Features

22 Key features Invisibility: Anti-viruses, anti-spywares, anti-rootkits, anti-keyloggers cannot detect our product ► It is resistant to all products in 2009 Gartner Endpoint Security Magic Quadrant (Gartner is likely the most respected name in IT research worldwide) Flexibility: advanced-logic based on event/action paradigm ► Send data only when the target is away ► Activate microphone only when inside a given location ► and many more... Advanced installation: can be installed locally or remotely by means of various attack vectors

23 Key features Robustness & Scalability: the solution can scale up to unlimited numbers of targets and each investigation can be assigned to different teams Integration with LI platforms : it can be integrated with existing investigation platforms. Data can be automatically forwarded to them once they arrive to our Collection Node Uniformed management: a single console to configure the agents, perform data analysis, configure the attack vectors, manage the users and monitor the system Privilege separation: each user/group can be granted with different privileges and assigned to different activities

24 Key features Stealthiness: the Collection Node can be hidden behind a chain of anonymizers which can be easily changed on the fly Data mining : evidences can be easily retrieved and visualized performing advanced filtering on collected data Alerting: you can be alerted when sensitive data arrives in the system ► E.g. you were waiting for a particular password to be recorded or a particular file to be opened on an encrypted volume

Attack Vectors 25

Local (hands-on) attack (Boot from) USB key/CD-ROM Physical hard-drive extraction and low- level direct access by another PC Encrypted disk?  Evil Maid Attack! PC running and locked by screensaver?  Kill screensaver! Protected by DeepFreeze-like restoration technology?  Make RCS permanent infection! 26

Remote attacks, 1/3 You know your target’s only  Send spoofed with “special attachment” ► E.g.,.PDF,.PPT,.DOC,.MOV, etc Attachment is composed by exploit + RCS backdoor Attachment creation totally automatic and transparent to the user > 50 zero day and non-zero day exploits guaranteed available by means of integrated RCS Exploit Portal 27

Remote attacks, 2/3 You can access your target’s network or your target’s ISP  Use RCS Injection Proxy Proprietary patent-pending technology Handles network speeds till 10G/bits! Infects targets on the fly, automagically! 28

Remote attacks, 3/3 You have other intelligence information about your target  Use RCS Support Portal Social engineering support provided by means of secure channel Active 24x7x365 29

30 Use cases

Voice Communications Issue: the targets are using encrypted VoIP to communicate The voip agent is able to record audio before the encryption and after the decryption The microphone agent can be used to record the surroundings even if the target is not using the computer to communicate 31

Encrypted chat Issue : the target is using a third party encryption plugin (such as OTR) over common chat protocols (MSN, Yahoo!, Gtalk, Skype) The chat agent is able to capture data before the encryption and after the decryption You don’t have to worry about encryption anymore 32

PGP Encrypted data Issue : passive interception can record data, but can not decrypt it The file capture agent can be used to retrieve the private keyring of the target The keylog agent can be used to view the passphrase for the private keyring Recorded data can now be decrypted 33

Webmail interception Issue : modern webmails are really a mess to be decoded on LI platform (ajax & co.) The URL agent can make a screenshot of the visited page (incoming s) The keylog agent can be used to capture outgoing s while the user is writing The clipboard agent can capture the body if it is copy-and-pasted (PGP tray) 34

Deepfrozen Internet Café PCs Issue : Rootkits don’t survive reboot of DeepFreezed computers Our solution is DeepFreeze resistant Just install it 35

36 Final words

Why trusting HT? Reputation Our software has been widely deployed and is used for national security issues worldwide No remote access to data from HT The infrastructure is totally at customer’s site No “hidden features” inside You can have a full source code walk–through 37

How we can help you Delivery on-site Site Acceptance Test Product training Advanced training On-site assistance Support Portal Exploit Portal 38

mailto: 39