CYBER SECURITY IN THE REAL WORLD
Presented by Mark Thompson

WHO IS THIS GUY?
• Co-Founder of Sterling Thompson Consulting, LLC
• Consultant and Technical Instructor
• CompTIA Certification Prep
• Microsoft Certification and deployments
• Travels a lot and sees a lot
• Loves all types of technologies
• Storyteller... watch out.
• MCT, MCSE, MCSA, Linux, Security+

WHY YOU NEED CYBER SECURITY AWARENESS
• Regulatory Requirements
• The Vanishing Perimeter (thanks to Bring Your Own Device policies)
• Constant Changes in the Threat Landscape
• Everyone has a networked device
• Homes are networked and therefore connected to the rest of the world

THREATS – SOCIAL ENGINEERING
• Impersonation
  • Dominate or charm targets into revealing information or providing access
  • Exploit “weak authentication” over telephone / IM / email
• Reasons for effectiveness
  • Familiarity / Liking
  • Consensus / Social Proof
  • Authority and Intimidation
  • Scarcity and Urgency

THREATS – SOCIAL ENGINEERING
• Dumpster-diving – Looking for information (build trust)
• Shoulder-surfing – Password observation
• Lunchtime Attack – The idea that a user's computer, with the ability to decrypt, is available to an attacker while the user is out to lunch
• Tailgating – The attacker simply walks in behind a person who has legitimate access. Following common courtesy, the legitimate person will usually hold the door open for the attacker, or the attacker may ask the employee to hold it open for them

PREVENT SOCIAL ENGINEERING ATTACKS
• NEVER provide confidential information or, for that matter, even non-confidential data and credentials via email, chat messenger, phone or in person to unknown or suspicious sources.
• BEFORE clicking on links, both in emails and on websites, keep an eye out for misspellings, @ signs and suspicious sub-domains
• BLOCK USB devices in order to reduce the risk of Baiting.
Baiting is the digital equivalent of a real-world Trojan Horse, where the attacker tempts users with free or found physical media (USB drives) and relies on the curiosity or greed of the victim – if they plug it in, they are hacked!

PREVENT SOCIAL ENGINEERING ATTACKS
• ATE – AWARENESS, TRAINING and EDUCATION security concept for all employees, no matter what level and what position they hold in the organization
  • Repeat every 6 months
• USE 2-factor authentication in order to make it more difficult for hackers to enter your organization.

PHISHING
• Using spoofed electronic communications to trick a user into providing confidential information
• Spoof emails or faked / hacked websites
• Vishing (VoIP or IM)
• Spear Phishing / Whaling (targeting senior management)
• Pharming (redirection)
• Watering Hole

IDENTIFY PHISHING ATTACKS
• Learn to Identify Suspected Phishing Emails
  • They duplicate the image of a real company.
  • They also copy the name of a company or an actual employee of the company.
  • They include sites that are visually similar to a real business.
  • They promote gifts, or threaten the loss of an existing account.
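The link warning signs named in the social-engineering advice above (misspellings, @ signs, suspicious sub-domains) and the "visually similar" sites mentioned here can be checked mechanically. The Python sketch below is an added example, not part of the original presentation; the TRUSTED allowlist, the function names and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption): domains the organisation really uses.
TRUSTED = ("examplebank.com", "paypal.com")

def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-letter misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def link_warnings(url):
    """Return the warning signs found in one link; an empty list means none."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    labels = host.split(".")
    # Naive "last two labels" rule; real code should use the Public Suffix List.
    domain, subdomains = ".".join(labels[-2:]), labels[:-2]
    warnings = []
    if "@" in parts.netloc:
        # Everything before '@' is userinfo; the browser connects to what follows.
        warnings.append("@ sign: real host is " + host)
    if domain in TRUSTED:
        return warnings
    for good in TRUSTED:
        brand = good.split(".")[0]
        if edit_distance(domain, good) <= 2:
            warnings.append("misspelling of " + good)
        elif any(brand in label for label in subdomains):
            warnings.append("sub-domain imitates " + good)
    return warnings

if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    for link in ("https://www.paypal.com/help",
                 "https://www.paypa1.com/signin",
                 "http://paypal.com@203.0.113.5/login",
                 "https://paypal.com.account-verify.example.net/"):
        print(link, "->", link_warnings(link) or "no warning signs")
```

A check like this fits in a mail gateway or a reporting button; it does not catch look-alikes that differ from the real name by more than two characters.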

PREVENT PHISHING ATTACKS
• Check the Source of Information From Incoming Mail
• Never Go to Your Bank’s Website by Clicking on Links Included in Emails
• Enhance the Security of Your Computer
• Periodically Check Your Accounts
• Phishing Doesn’t Only Pertain to Online Banking
• Phishing Knows All Languages

MALWARE
• Computer viruses
  • Rely on some sort of host file
  • Vector (executable, script, macro, boot sector)
  • Payload
• Worms
  • Propagate in memory / over network links
  • Consume bandwidth
  • May be able to compromise application or OS to deliver payload
• Logic bombs / fork bombs

MALWARE
• Hoaxes
  • Drive users to fake anti-virus
  • Cause unnecessary support calls
  • Use vendor sites to identify malware
• Spam / spit
  • Unsolicited email
  • Can be vector for malware
  • Spit delivered over IM / VoIP

TROJANS AND SPYWARE
• Trojans and botnets
  • A malicious program concealed within a benign one
  • Many are designed to provide covert surveillance or control of infected host
• Backdoors
  • Backdoors may be opened by malicious software or from configuration oversight
• Spyware
  • Allows attacker to record system configuration and user actions
  • Key logging, screenshots, remote logging, etc.

TROJANS AND SPYWARE
• Adware
  • Records some user activity but to lesser extent than spyware
  • Uses cookies to deliver targeted adverts (based on user browsing behavior)
  • Legitimate adware should make privacy policy obvious
• Rootkits
  • Replace key system files and utilities
  • Most powerful operate with system- or kernel-level privileges
• Ransomware
  • Nuisance (“lock out” user by replacing shell)
  • Serious (encrypt data files or drives)

WHAT ABOUT MY DEVICES
The Internet is the How-To Guide
We can learn to Hack and protect

STEPS TO PROTECT YOUR DEVICES
• Lock your phone when you're not using it.
Set a password and change it regularly to prevent others from guessing it
• Activate your phone's tracker capability, if it has one
• Update your phone's firmware to the most current version
• Install apps on your phone only if they come from a trusted source, such as the manufacturer's app store.
• Access the Internet on your phone only from a secure Wi-Fi network. Wi-Fi networks that aren't secure allow nearby hackers to intercept your data when you get online. Don't do any shopping or banking on a public Wi-Fi network.
• Delete text messages from unknown senders that ask for your information, and avoid clicking links in messages. Some hackers send messages that appear to be from your bank or another trusted source

TODAY'S WI-FI NETWORKS
• Hackers are looking for easy targets
• Built-in wireless LAN encryption (such as Wired Equivalent Privacy) is weak.
• Bluetooth Attacks: Bluetooth technology is growing and being adopted at an amazing rate, surpassing one billion Bluetooth devices shipped in 2006
• Hidden Rogue APs: The threat of a rogue AP is significant for any network, effectively offering an attacker the equivalent of an RJ45 jack in the parking lot (or across the street, or in the high-rise building next door).

HACKABLE CARS
• Navigation, Wi-Fi and Bluetooth.
• Proprietary radio, remote keyless entry and a cellular network could be vulnerable on these vehicles
Read more: http://www.bankrate.com/finance/auto/most-hackable-cars-1.aspx#ixzz4NMVIcZQn

SECURING HACKABLE CARS
• Know if your car’s software needs to be updated
  • Check your car manufacturer’s website to see if any recalls or software updates have been issued.
• Be careful if you’re modifying the car’s software
  • Making unauthorized modifications to vehicle software may not only impact the normal operation of your vehicle, but it may introduce new vulnerabilities that could be exploited by an attacker.
• Be aware of what devices you connect to your car
  • Before connecting a phone or other devices to your car’s diagnostic port, think about whether you can trust them
• Don’t leave your car stranded and unlocked
  • It is important that you maintain awareness of those who may have access to your vehicle

THANK YOU FOR NOT FALLING ASLEEP DURING MY RANT
YouTube.com
Simply go to youtube.com and enter “Consultant Chronicle” in the search box. Make my day by clicking the “Subscribe” button
https://www.youtube.com/channel/UCBFXqsYnBiAB9A8rTT5Q0xw
Email/Twitter: [email protected] @mctsmark

RECOMMENDED BLOGS
• http://usa.kaspersky.com/
• http://krebsonsecurity.com/
• http://www.darkreading.com/
• https://staysafeonline.org/
• https://info.wombatsecurity.com/blog