Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Jeff Jonas IBM. Spear Phishing en Masse Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics OReilly Gov.

Published byJuan Black Modified over 11 years ago

Similar presentations

Presentation on theme: "1 Jeff Jonas IBM. Spear Phishing en Masse Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics OReilly Gov."— Presentation transcript:

1 1 Jeff Jonas IBM

2 Spear Phishing en Masse Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics jeffjonas@us.ibm.com OReilly Gov 2.0 – May 27, 2010

3 3 Whats Coming Data will find data and relevance will find you. – Amazing ads tailored just for you – Populations spear phished en masse

4 4 How? Context accumulating systems used to deliver real-time, high quality predictions.

5 5 Context, definition of: Better understanding something … by taking into account the things around it.

6 6 No Context Billy scrila34@msn.com In Barcelona now

7 7 In Context Previously Worked at AOL Is a Google Net Admin Lives in San Jose Acquaintance of Esthers Billy scrila34@msn.com In Barcelona now

8 8 Social Media Bill Smith Play: scrila34@msn.com Work: Bill@Google.com Data Finds Data About Bill is a computer network administrator at Google. Author. Speaker. Bill@Google.com Forum In Barcelona now! Whoo Hooo. Note new email: scrila34@msn.com /Billy Is a Google Net Admin In Barcelona

9 9 Social Media Bill Smith Play: scrila34@msn.com Work: Bill@Google.com Data Finds Data About Bill is a computer network administrator at Google. Author. Speaker. Bill@Google.com Forum In Barcelona now! Whoo Hooo. Note new email: scrila34@msn.com /Billy Is a Google Net Admin In Barcelona

10 10 Context Accumulates Acquaintance of Esthers Is a Google Net Admin Living in San Jose In Barcelona Previously Worked at AOL

11 11 Phish This Esther is likely influential to Billy –Esther has 2,500+ FaceBook friends –Billy has 103 FaceBook friends Not best buddies –No recent communications evident on Facebook –No co-references between the two in open source Timely knowledge finds timely material –Lives in San Jose, in Barcelona now –First Google PDF for: [barcelona travelers guide pdf]

12 12 Phish Bait To: Bill@Google.com From: Esther@hotmail.com Billy, sorry we dont connect more often. Busy busy. A mutual friend tells me you are in Barcelona right now! This is my favorite guide for the area, just in case you need one. Esther PS: The spams killing me, hence the new email address Barcelona eGuide.pdf

13 13 Results Amazing click through rates: – Ads – Infections

14 14 Spear Phishing en Masse Not a picture of a person. A whole population – the big picture. Humanless, not enuf of em. Targeted searches, subscriptions and crawlers feeding a fully automated context accumulation process. Not a snapshot of the past. What is happening here and now.

15 15 Plausible Targets The technical elite –Network and database administrators –CIOs, CTOs, CSOs, etc. People in positions of power –Elected officials –Corporate executives Their staff, family and friends Let your imagination run wild, there is virtually no limit

16 16 Hints for Scripts Travels Hobbies Interests Charitable causes Metallica Family members Others influential over them

17 17 Old School: GhostNet Next Gen: lasers on foreheads from 6,940 miles 1 vs. 1 vs. 1,000,000s

18 18 What Now? Better education – Cant keep up Better malware detection – Windows shut too late Better phone home detection – Traffic masking one-step ahead Investment for resilience to black swans – Catastrophic outages too rare

19 19 Closing Thoughts As context accumulates everyone gets smarter. Great ads. And timely emails from folks you recognize and trust … that arent. Will identity authentication be mandated? And how will we square this with our right to be anonymous?

20 20 Related Links More About GhostNet http://en.wikipedia.org/wiki/GhostNet http://www.scribd.com/doc/13731776/Tracking- GhostNet-Investigating-a-Cyber-Espionage- Network Related Stuff On My Blog Puzzling: How Observations Are Accumulated Into Context Data Finds Data Prediction: Channel Consolidation

21 Spear Phishing en Masse Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics jeffjonas@us.ibm.com OReilly Gov 2.0 – May 27, 2010

Download ppt "1 Jeff Jonas IBM. Spear Phishing en Masse Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics OReilly Gov."

Similar presentations

Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board

Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board
TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST

TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
FaceBook Pics More Important Than You May Realize!

FaceBook Pics More Important Than You May Realize!
Search Engine Marketing 101 June 20, 2006 Presented By:

Search Engine Marketing 101 June 20, 2006 Presented By:
Our Social Media Why and how to compose a social media release.

Our Social Media Why and how to compose a social media release.
1 Wiki Wikiage An Experiential Workshop By Anas Eljamal 9 March 2007.

1 Wiki Wikiage An Experiential Workshop By Anas Eljamal 9 March 2007.
Final Project Instructor: Nguyen Anh Tu Students: Tran Tien Tai Tran Tien Tai Tran Ngoc Mai Tran Ngoc Mai Tu Kim Tuan Tu Kim Tuan Nguyen Ngoc Phuong Nguyen.

Final Project Instructor: Nguyen Anh Tu Students: Tran Tien Tai Tran Tien Tai Tran Ngoc Mai Tran Ngoc Mai Tu Kim Tuan Tu Kim Tuan Nguyen Ngoc Phuong Nguyen.
BeKnown How-to: Company Profiles & Jobs App for Timeline.

BeKnown How-to: Company Profiles & Jobs App for Timeline.
1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.

1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.
By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.

By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.
Business Transaction Management Software for Application Coordination 1 www.choreology.com Business Processes and Coordination.

Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.

Title Subtitle.
Facebook Part I Building Your Profile Patrick Therrien Technology & Education Training Specialist.

Facebook Part I Building Your Profile Patrick Therrien Technology & Education Training Specialist.
List and Search Grants Chapter 2. List and Search Grants 2-2 Objectives Understand the option My Grants List Grant Screen Viewing a Grant Understand the.

List and Search Grants Chapter 2. List and Search Grants 2-2 Objectives Understand the option My Grants List Grant Screen Viewing a Grant Understand the.
1 FUND RAISING THE GAME EVERYONE CAN PLAY – AND MUST! Leadership Institute March 2006.

1 FUND RAISING THE GAME EVERYONE CAN PLAY – AND MUST! Leadership Institute March 2006.
Michigan Electronic Grants System Plus

Michigan Electronic Grants System Plus
Instant Messages: I am bored. Social Networks: Facebook, Myspace.

Instant Messages: I am bored. Social Networks: Facebook, Myspace.
0 - 0.

0 - 0.

Similar presentations

Ads by Google