Presentation is loading. Please wait.

Presentation is loading. Please wait.

Death of Security: Breached Hosts/Stolen Data/IP Espionage

Published byBenjamin Page Modified over 9 years ago

Similar presentations

Presentation on theme: "Death of Security: Breached Hosts/Stolen Data/IP Espionage"— Presentation transcript:

1 Death of Security: Breached Hosts/Stolen Data/IP Espionage
Tech Ed North America 2010 4/14/ :22 PM Required Slide SESSION CODE: SIA335 Death of Security: Breached Hosts/Stolen Data/IP Espionage Laura Chappell Author Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide wiresharkbook.com © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Case 1: Outsourcing Company Name Withheld
Tech Ed North America 2010 4/14/ :22 PM Case 1: Outsourcing Company Name Withheld Company A prepared to release new cellular product – they defined this product as their “future cash cow” Manufacturing cost reduction issues Management decided to outsource production to India Single hard drive contained all technical specs for the company Single person responsible for hand-delivering drive to outsource target Drive “disappeared” Cross-country issues for law enforcement No one watching single person Competitor released product first © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Tech Ed North America 2010 4/14/ :22 PM Case 2: Failed Employee “Separation” Intake brings in new employees; separation removes them from company Separation process leaked Employee copied content from server to a series of USB drives Ex-employees should be “separated” properly © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 Case #3: The Beer Garden Employee Birthday Gone Wrong
Tech Ed North America 2010 4/14/ :22 PM Case #3: The Beer Garden Employee Birthday Gone Wrong Company A’s employee allegedly leaves prototype product in beer garden on birthday Prototype allegedly “found” by another customer Prototype sold to gadget mag Gadget mag article describes prototype REACT team searches author’s home Prototype returned to Company A Gourmet Haus Staudt Redwood City, California © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 Case #4: Blabla by Stephen Watt On behalf of Albert Gonzalez
Tech Ed North America 2010 4/14/ :22 PM Case #4: Blabla by Stephen Watt On behalf of Albert Gonzalez Gonzales was a Paid USSS Informant 170 million credit/debit card numbers TJX 7-11 Barnes & Noble OfficeMax Heartland Payment Systems Hannaford Brothers Watt pleaded guilty in 2009 as an accomplice to Gonzalez's multi-million card-hacking business. Watt created a sniffer program, Blabla, used to access at least 45 million credit and debit card numbers from TJX's corporate network. Gonzales years + $3 million restitution Watt 2 years and $171.5 million restitution (May 7th in) Stephen Watt © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Case #4: Jeremy Jethro On behalf of Albert Gonzalez
Tech Ed North America 2010 4/14/ :22 PM Case #4: Jeremy Jethro On behalf of Albert Gonzalez “They want to turn their skills into cash; information for money exchange.” Jeremy Jethro Paid $60,000 by Gonzales for IE exploit Confined to home for the first 6 months of his 3-year long sentence; $10,000 restitution Christopher Scott; 7-year sentence Damon Toey; 5-year sentence Humza Zaman; 46 months and $75,000* *Former network security manager at Barclays Bank © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Where R UR Credit Card Numbers?

8 Case #4: Blabla by Stephen Watt On behalf of Albert Gonzalez
Tech Ed North America 2010 4/14/ :22 PM Case #4: Blabla by Stephen Watt On behalf of Albert Gonzalez WAIT! WHAT!!!? Gonzales was a Paid USSS Informant 170 million credit/debit card numbers TJX 7-11 OfficeMax Heartland Payment Systems Hannaford Brothers Watt pleaded guilty in 2009 as an accomplice to Gonzalez's multi-million card-hacking business. Watt created a sniffer program, Blabla, used to access at least 45 million credit and debit card numbers from TJX's corporate network. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 Suspect Traffic Overview
Tech Ed North America 2010 4/14/ :22 PM Suspect Traffic Overview Trace files available at wiresharkbook.com Look for traces preceded by “sec-” and “nmap-” DEMO © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Required Slide Speakers, please list the Breakout Sessions, Interactive Sessions, Labs and Demo Stations that are related to your session. Tech Ed North America 2010 4/14/ :22 PM Related Content WSV303 Death of a Network: Identify the Hidden Cause of Lousy Network Performance SIA336 Wiretapping Kung Fu: Becoming a Network Analyst Guru SIA332 (Panel) Securing the Cloud: Expert Panel Online Videos: © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Resources Learning Required Slide www.microsoft.com/teched
Tech Ed North America 2010 4/14/ :22 PM Required Slide Resources Learning Sessions On-Demand & Community Microsoft Certification & Training Resources Resources for IT Professionals Resources for Developers © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Complete an evaluation on CommNet and enter to win!
Tech Ed North America 2010 4/14/ :22 PM Required Slide Complete an evaluation on CommNet and enter to win! © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 Sign up for Tech·Ed 2011 and save $500 starting June 8 – June 31st
You can also register at the North America 2011 kiosk located at registration Join us in Atlanta next year

14 Tech Ed North America 2010 4/14/2017 11:22 PM
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 Required Slide Tech Ed North America 2010 4/14/2017 11:22 PM
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Death of Security: Breached Hosts/Stolen Data/IP Espionage"

Similar presentations

Steve Smith Senior Architect The Code Project SESSION CODE: DPR304.

Steve Smith Senior Architect The Code Project SESSION CODE: DPR304.
SQL 2005SQL 2008SQL 2008 R2 Chart Multiple areas NEW! Multiple areas Multiple axes NEW! Multiple axes Calculated series NEW! Calculated series Gauge.

SQL 2005SQL 2008SQL 2008 R2 Chart Multiple areas NEW! Multiple areas Multiple axes NEW! Multiple axes Calculated series NEW! Calculated series Gauge.
Kai Axford MBA, CPP, CISSP, ACE Manager, IT Security Services Accretive Solutions SESSION CODE: SIA339 Allyn Lynd Special.

Kai Axford MBA, CPP, CISSP, ACE Manager, IT Security Services Accretive Solutions SESSION CODE: SIA339 Allyn Lynd Special.
Don Jones Senior Partner and Technologist Concentrated Technology, LLC SESSION CODE: WCL308.

Don Jones Senior Partner and Technologist Concentrated Technology, LLC SESSION CODE: WCL308.
Il-Sung Lee Senior Program Manager Microsoft Corporation SESSION CODE: DAT302.

Il-Sung Lee Senior Program Manager Microsoft Corporation SESSION CODE: DAT302.
Mike Vincent Architect, ALM Coach MVA Software SESSION CODE: DPR305.

Mike Vincent Architect, ALM Coach MVA Software SESSION CODE: DPR305.
3 Business Intelligence with the world’s most popular business productivity suite and most widely deployed information platform IT management & developer.

3 Business Intelligence with the world’s most popular business productivity suite and most widely deployed information platform IT management & developer.
Ron Jacobs Technical Evangelist Microsoft Corporation SESSION CODE: DEV207.

Ron Jacobs Technical Evangelist Microsoft Corporation SESSION CODE: DEV207.
Jason Tolley Technical Director ROK Technology Pty Ltd SESSION CODE: WEM305.

Jason Tolley Technical Director ROK Technology Pty Ltd SESSION CODE: WEM305.
Raymond P.L. Comvalius IT Infrastructure Specialist Invendows BV – The Netherlands SESSION CODE: WCL310.

Raymond P.L. Comvalius IT Infrastructure Specialist Invendows BV – The Netherlands SESSION CODE: WCL310.
Laura Chappell Author Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide wiresharkbook.com SESSION CODE: SIA336.

Laura Chappell Author Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide wiresharkbook.com SESSION CODE: SIA336.
Sometimes it is the stuff you know that hinders true progress.

Sometimes it is the stuff you know that hinders true progress.
The Secrets of Effective Technical Talks: How to Explain Tech without Tucking Them In! Presented by Mark Minasi and Mark Russinovich SESSION CODE: SIA334.

The Secrets of Effective Technical Talks: How to Explain Tech without Tucking Them In! Presented by Mark Minasi and Mark Russinovich SESSION CODE: SIA334.
Ashwin Sarin Program Manager Microsoft Corporation SESSION CODE: COS204.

Ashwin Sarin Program Manager Microsoft Corporation SESSION CODE: COS204.
Maciej Pilecki Consultant, SQL Server MVP Project Botticelli Ltd. SESSION CODE: DAT403.

Maciej Pilecki Consultant, SQL Server MVP Project Botticelli Ltd. SESSION CODE: DAT403.
Design Solutions in ExcelShare them on SharePoint 9.

Design Solutions in ExcelShare them on SharePoint 9.
Boris Jabes Senior Program Manager Microsoft Corporation SESSION CODE: DEV319 Scale & Productivity in Visual C++ 2010.

Boris Jabes Senior Program Manager Microsoft Corporation SESSION CODE: DEV319 Scale & Productivity in Visual C
Peter Provost Sr. Program Manager Microsoft Corporation SESSION CODE: DEV403.

Peter Provost Sr. Program Manager Microsoft Corporation SESSION CODE: DEV403.
Joe SchulmanAdrienne WuProgram ManagerMicrosoft Corporation SESSION CODE: SIA319.

Joe SchulmanAdrienne WuProgram ManagerMicrosoft Corporation SESSION CODE: SIA319.
END USER TOOLS AND PERFORMANCE MANAGEMENT APPS Excel PerformancePoint Svcs/ProClarity BI PLATFORM SQL Server Reporting Services SQL Server Reporting Services.

END USER TOOLS AND PERFORMANCE MANAGEMENT APPS Excel PerformancePoint Svcs/ProClarity BI PLATFORM SQL Server Reporting Services SQL Server Reporting Services.

Similar presentations

Ads by Google