Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Attack Scenario Overview Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago, Chile.

Published byWillis Spencer Modified over 9 years ago

Similar presentations

Presentation on theme: "Cyber Attack Scenario Overview Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago, Chile."— Presentation transcript:

1 Cyber Attack Scenario Overview Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago, Chile

2 Overview Cyber Attack Categorizations Cyber Attack Demonstration Structure 2

3 Cyber Attack Categorization Foothold Reconnaissance & Enumeration Privilege Escalation Corruption Disruption Data Exfiltration Persistence 3 FootholdRecon & EnumPriv Esc. Corruption Persistence Data Exfiltration Disruption Time & Effort Concurrency

4 Cyber Attack Categorization Foothold – Initial attempts to access and establish a remote connection into the network – Phishing Email with Malware Attachments – Website Hosted Malware Installations 4

5 Cyber Attack Categorization Reconnaissance & Enumeration – The act of scanning a network to determine its layout, hosts, services, users, and other information which may be useful in a cyber attack – Network Mapping – Port Scanning 5

6 Cyber Attack Categorization Privilege Escalation – Obtaining credentials, beyond what is normally available, for the purpose of accessing systems or information – Username / Password Cracking – Social Engineering 6 MetaSploit

7 Cyber Attack Categorization Corruption – Modifying information or content on a system or application – Website Defacement – Cache Poisoning 7 011101001101

8 Cyber Attack Categorization Disruption – Denying, degrading, or otherwise limiting the availability of services provided by a system or application – Packet Floods – Deleting Operating System Files 8

9 Cyber Attack Categorization Data Exfiltration – Copying data, that is not publicly accessible, from a network for malicious purposes – “Smash & Grab” – Corporate Espionage 9

10 Cyber Attack Categorization Persistence – Establishing an unauthorized, constant, presence on the network and thwarting administrator removal attempts – Root Kits – Monitoring Administrator Actions 10 011101001101

11 Cyber Attack Demonstration Structure How the cyber attacks will be demonstrated: – Attack Demonstration (Round 1) – Discussion of Monitoring Tools – Installation, Configuration, Operation of Tools – Establishing a Baseline – Attack Demonstration (Round 2) – Analysis of Results – Discussion of Response & Recovery Actions – Enact Response / Recovery Actions – Attack Demonstration (Round 3) 11

12 Cyber Attack Demonstration Structure 12 Attack Tool Talk Mitigate Analysis Monitor Attack See Effect See the Attack See the Attack Fail

13 QUESTIONS? 13 ? Do you have any questions about … –Cyber Attack Categorizations –How the Cyber Attacks Will Be Demonstrated to You?

Download ppt "Cyber Attack Scenario Overview Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago, Chile."

Similar presentations

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.

Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Network Security and its Impact on Network Continuity.

Network Security and its Impact on Network Continuity.
Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.

Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.

S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Hands-On Microsoft Windows Server 2008 1 Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.

Hands-On Microsoft Windows Server Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Secure Registry Operations Framework Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago, Chile.

Secure Registry Operations Framework Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago, Chile.
BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.

BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
Reconnaissance & Enumeration Baseline, Monitor, Detect, Analyze, Respond, & Recover Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago,

Reconnaissance & Enumeration Baseline, Monitor, Detect, Analyze, Respond, & Recover Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago,
Hacking Windows Justin Bell Department of Computer Science University of Wisconsin, Platteville

Hacking Windows Justin Bell Department of Computer Science University of Wisconsin, Platteville
13Computer Intrusions Dr. John P. Abraham Professor UTPA.

13Computer Intrusions Dr. John P. Abraham Professor UTPA.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
SECURITY BASELINES -Sangita Prabhu.

SECURITY BASELINES -Sangita Prabhu.

Similar presentations

Ads by Google