Slide 1: Thomas Ianuzzi, CPP, CISSP, CFE, CCE

Slide 2: In 2007 Companies Reported
- Almost 1/3 of companies reported a loss
- Average loss was over $350,000
- About 1/5 were targeted attacks
- Fraud losses overtook virus attacks
- Insider attacks were more than 50%


Slide 4
- Conferences
- Magazines
- Websites
- Movies


Slide 7
- Point-and-click hacking
- A socially challenged individual can ruin your whole day

Slide 8
- Criminals
- Political
- Disgruntled employees


Slide 10
- The art and science of getting people to comply with your wishes
- Can be used for reconnaissance or can be the entire attack
- An easy form of hacking that can bypass millions of dollars' worth of security systems

Slide 11
- Do your homework
- Build an emotional bond
- Techniques:
  - Diffusion of responsibility: "the VP says you won't bear responsibility"
  - Chance for ingratiation: "look at what you might get out of this"
  - Trust relationships: "he is a good guy, I can trust him"
  - You must help me: "aren't you mad about this?"
  - Guilt: "what, you don't want to help me?"
  - Desire to be helpful: "will you help me, please?"
  - Cooperation: "together we can do so much"

Slide 12
- Memos
- Organizational charts
- Internal phone directories
- Login names
- Disks

Slide 13: The Most Stolen Item in the Country

Slide 14
- Pose as a guest
- Piggyback
- Join the smokers
- Wear a uniform
- Use the restroom

Slide 15: Sam Spade, for example, delivers
- Ping: tests for presence of a system
- DNS lookup
- Map domain
- Whois information
- Traceroute
- Crawl your web site
- View web source
- And more

Slide 16
- Secure your facilities
- Keep a low profile
- Know your exposure: investigate yourself
- Train your people, then train some more
- Test and role-play: confrontation is difficult
- If a company, have a plan


Slide 20
- Avoid wireless networks
- Don't answer pings / stealth ports
- Monitor your systems: look for new patterns
- Use log aggregation systems
- Intrusion detection / prevention systems
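"Look for new patterns" is easier to act on with a concrete baseline. The script below is an added example (not from the presentation) that shows the idea in its simplest form: learn which (user, source address) pairs log in successfully during a quiet period, then flag any successful login from a pair never seen before and any burst of failed logins from one source. The log lines are constructed in an sshd-like format for the example; the hostnames, addresses and users are made up.

```python
"""Baseline-and-compare monitoring of authentication logs.

Added example, not the presenter's material.  The log text is constructed
(sshd-like syslog lines with invented hosts, users and addresses) so the
script runs offline.  In practice the two inputs would come from a log
aggregation system rather than string literals.
"""
import re
from collections import Counter

# Constructed "quiet period" log used to learn what normal looks like.
BASELINE_LOG = """\
Mar 01 08:01:12 web1 sshd[1201]: Accepted password for alice from 10.0.0.5 port 51234 ssh2
Mar 01 08:05:40 web1 sshd[1210]: Accepted password for bob from 10.0.0.7 port 51240 ssh2
Mar 01 09:12:03 web1 sshd[1299]: Accepted password for alice from 10.0.0.5 port 51301 ssh2
"""

# Constructed log for the period being checked.
TODAY_LOG = """\
Mar 02 02:14:01 web1 sshd[2201]: Accepted password for alice from 10.0.0.5 port 52000 ssh2
Mar 02 02:15:09 web1 sshd[2205]: Failed password for bob from 198.51.100.23 port 40001 ssh2
Mar 02 02:15:11 web1 sshd[2206]: Failed password for bob from 198.51.100.23 port 40002 ssh2
Mar 02 02:15:13 web1 sshd[2207]: Failed password for bob from 198.51.100.23 port 40003 ssh2
Mar 02 02:15:15 web1 sshd[2208]: Failed password for bob from 198.51.100.23 port 40004 ssh2
Mar 02 02:16:02 web1 sshd[2210]: Accepted password for bob from 198.51.100.23 port 40005 ssh2
"""

# Matches the subset of sshd messages this example cares about; anything
# else (session opened, disconnects, ...) is ignored rather than mis-parsed.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) password for (?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)


def parse(log_text):
    """Yield one dict per recognised line; skip lines the regex does not match."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()


def build_baseline(log_text):
    """Set of (user, source) pairs that logged in successfully during the quiet period."""
    return {(e["user"], e["src"]) for e in parse(log_text) if e["result"] == "Accepted"}


def find_new_patterns(log_text, baseline, fail_threshold=3):
    """Return alerts as (kind, user, src) tuples, in the order they were raised.

    'fail-burst'  : the fail_threshold-th failure from one (user, src) pair
    'new-source'  : a successful login from a pair absent from the baseline
    """
    alerts = []
    failures = Counter()
    for e in parse(log_text):
        key = (e["user"], e["src"])
        if e["result"] == "Failed":
            failures[key] += 1
            if failures[key] == fail_threshold:   # alert once, not on every retry
                alerts.append(("fail-burst",) + key)
        elif key not in baseline:
            alerts.append(("new-source",) + key)
    return alerts


if __name__ == "__main__":
    base = build_baseline(BASELINE_LOG)
    for alert in find_new_patterns(TODAY_LOG, base):
        print(alert)
```

The interesting event in the constructed data is the last line: a login that succeeds right after a run of failures, from an address the user has never used. Neither signal alone is conclusive (a new address may be a travelling employee), which is why the example reports both and leaves the judgement to a person or a rule that combines them.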

Slide 21
- Buffer overflows
- Cracking password files
- Backdoors (Netcat)
- Hundreds of others

Slide 22
- Firewalls and border appliances
- Central security policy
- Strong passwords
- IDS/IPS
- Patch
- Scan mail and web content
- Don't allow scripts to run

Slide 23
- Rootkits (modifying the kernel)
- Trojan horse programs

Slide 24
- Prepare in advance for intrusion response
- Watch closely for odd behavior
- Scan regularly for malware
- Rebuild on suspicion

Slide 25
- Hidden files
- Using temp directories
- Replacing system programs
- Rewriting logs

Slide 26
- Hide your logs somewhere else
- Use systems like Tripwire, Prevx, etc.
- Have a response plan and trusted utilities

Slide 27
- Brags to his friends
- Sells your data
- Modifies your data
- Defaces your web site
- Relays using your computer
- Lets you join his botnet
- Erases your hard drive

Slide 28: Companies have lots of resources

Slide 29
- Put a few smart people in a room and take a common-sense approach.
- At least you'll get a few things right.

Slide 30
- IT standards
- Accounting controls
- HR practices
- Business continuity
- Best practices


Slide 32: Levels of Maturity (from less mature to more mature)
- Non-Existent
- Ad hoc
- Repeatable but Intuitive
- Defined Process
- Managed & Measurable
- Optimized

Slide 33
- Logical testing (vulnerability and penetration testing)
- Social engineering
- Testing of disaster recovery plans

Slide 34
- Internal Audit
- IT Auditor
- CPA Audit
- SAS 70 (Tier 1, Tier 2)


Slide 36
- Use good antivirus programs and firewalls
- Set security settings to high
- Control who uses your machine
- Use strong passwords
- Encrypt valuable data
- Patch
- Be suspicious of odd behavior
- Back up
- Rebuild on suspicion

Slide 37
- Extreme care
- Whole-disk encryption / selective encryption
- Stronger passwords
- LoJack systems
- Non-removable labeling systems
- Cable locks

Slide 38
- Teach your children about predators and cyber bullying
- Openly supervise their internet use

