SlideShare une entreprise Scribd logo

IESBGA 2014 Cybercrime Seminar by John Bambenek

John Bambenek
John Bambenek

This talk by John Bambenek, "What Small Businesses and Entrepreneurs Need to Know About Cybercrime" was given at IESBGA 2014 on May 30th, 2014 at Illinois State University.

Petites entreprises & entrepreunariat
1  sur  56
Télécharger pour lire hors ligne
What Entrepreneurs & Small Businesses Need to Know about Cybercrime IESBGA 2014 John Bambenek - Bambenek Consulting
About Me ●15 Years experience in cybercrime, in IT generally since I was a toddler ○ My first toy I remember was a TI-99 computer, I programmed on it when I was 6. I had an unusual childhood. ●Part-time Faculty in Computer Science at the University of Illinois and own my own firm ●Lecture and teach internationally on cybersecurity, forensics and threat intelligence. ●This conference’s theme is “Big Dreams for Small Business…”
Spoilers ●Employ Risk Management and Be Skeptical ●Keep Software Up-to-Date ●Have Backups and a Plan When Things go Wrong ●Limit Access to Resources and Information ●Use Strong and Unique Passwords
About You ●Small businesses (and those who counsel small businesses) aren’t flush with cash. ●Many don’t have high-tech operations, most don’t have in-house IT staff. ●Most don’t know where to start with security and many operate a component of their business online.
Why this matters... ●Small businesses have real risks. ●You’ve heard about Target or any number of other major companies that had major breaches… ●Have you heard about Fazio Mechanical Services? ●Small business is less able to weather the liability of a major breach. ●Good news, the expectations are lower (but not non-existent) on smaller companies.
Why bother? ●For most small businesses, security will only cost money, it won’t make money. ○ Not as true as you think it is, many companies now require their vendors to have a standard of security. ●Some industries have more stringent regulatory requirements. ●You may not be a prime beef target… ○ But you probably have a payroll account worth draining... ●Cryptolocker example.
Don’t think you are affected by regulation? From Illinois Law: "Personal information" means an individual's first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted or redacted: (1) Social Security number. (2) Driver's license number or State identification (3) Account number or credit or debit card number, or an account number or credit card number in combination with any required security code, access code, or password that would permit access to an individual's financial account.
Who pays when fraud happens? ●Generally, fraud against consumers is not liable to the consumer whether credit or debit cards. ●If funds are taken directly from a bank account, within reason most banks will protect the consumer from losses. ●Electronic commerce requires consumers to “trust” it, so banks and businesses have incentive to protect them from fraud losses.
Who pays when a business is defrauded? ●If a business, large or small, has bank account emptied, credit cards defrauded the business pays. ○“You have means to protect yourself” ●If consumers are defrauded because of an incident in your environment, you pay. ○Credit cards cost $40-$50 to reissue. ●If your payroll account is emptied, your bank may help… by giving you a line of credit to make payroll. ●Can your business afford to eat that kind of loss?
It gets worse... ●If you lose consumer records, the FTC (or other) penalties can be substantial. ●HIPAA fines can easily get into millions. ●Usually need to pay for credit monitoring for all victims. ●Intangible costs of bad publicity (though this is going down) ●But there are things that can be done, which is why you’re here today
Item #1 - Risk Management & Skepticism ●Employ risk management. ●Be skeptical of what you see (e-mail / web). ●What secrets & confidential info do you have? ●What information could someone use for fraud if stolen? ●What information could a competitor use if stolen? ●You’re not paranoid if they really all are out to get you.
A Brief Note on Who Our Attackers Are ●Generally cybercriminals can be broken down into these groups: ○Nation States ○Organized Crime ○Disorganized Crime ○Hacktivists ○Disgruntled Insiders ○Your Competitors ●Depending on the group will determine how, why and when they attack and at what skill level.
Hacktivism example
How Much to Spend on Security? ●If you wanted, you could spend unlimited amounts of money on security… and you’d still get breached. ○Just ask the NSA. ●Security vendors will happily charge you lots of money to protect you against unknown threats that aren’t reasonable for you to worry about. ○Example: Nation states ●However, lots of ground can be covered by basic (and generally free) steps that follow.
What is “reasonable” security? ●If laws or regulations require you to do it, it’s reasonable. ○The more laws and regulations, the harder it is for a small business to continue to exist. ●If contracts or other written agreements require you to do it, it’s reasonable. ●Beyond that, reasonable is what your peer companies do and what is reasonable based on “what bad could happen” if certain data got lost. ○Can vary wildly.
Example: Nation States ●Nation states are constantly attacking either for national security-related material or industrial trade secrets. ●Actors are highly-trained, highly-funded and operative with overt (or tacit) state sanction. ●If they want to get in, they will have a plan and all the resources they need at their disposal to do so. ●Is it reasonable for a small business to fend off an entire industrialized nation?
Example: Nation States ●Nation states are constantly attacking either for national security-related material or industrial trade secrets. ●Actors are highly-trained, highly-funded and operative with overt (or tacit) state sanction. ●If they want to get in, they will have a plan and all the resources they need at their disposal to do so. ●Is it reasonable for a small business to fend off an entire industrialized nation?
Example: Disorganized Crime ●People send spam constantly that claims all sorts of dubious and outrageous things. Usually uses same content or infrastructure. ○Heard the one about the Nigerian general... ●Anti-spam solutions exist to prevent those messages from getting to you in the first place, some are even free. ●Commodity attacks are easily handled by commodity off-the-shelf tools. ●Is a $50 anti-virus package reasonable?
Be Skeptical ●Most computer attacks rely on end-users doing something that puts them at risk. Usually this works by abusing their trust. ●E-mail, social media, text messages, webpages, and robocalls can be easily spoofed. ●Avoid blindly trusting what your technology is telling you. ●If something seems odd, verify it out-of-band (i.e. not using the same medium you just got message on).
Example: Fake Subpoena
Be Skeptical ●Don’t give passwords on request to those who ask. ●Avoid clicking on links for sensitive transactions (i. e. type full URL instead). ●Be careful of typos when typing URLs (Whitehouse example). ●The more something seems to require immediate action, the more you should verify its authenticity. ●No legitimate person will object to you attempting to verify they are who they say they are.
Takeaways ●Have some understanding of the threats you face. ●Make reasonable decision about protecting yourself without going broke. ●Take advantage of free things you can do. ●Be skeptical of what your technology tells you and verify when needed. ●Limit (or eliminate) the sensitive information you give someone on request.
Item #2 - Stay Up-to-date ●Almost all modern major software has means to update itself for bugs and security vulnerabilities. ●Microsoft, for instance, releases updates on second Tuesday of every month (and occasionally at other times) ●Adobe Reader, Flash, Java all have their own updates. ●Anti-virus and security tools also need to be updated frequently to protect against the latest threats.
Microsoft Updates ●
Microsoft Updates - Key Points ●Update automatically. ●Include other Microsoft products in updates (i.e. Office) ●This doesn’t include other non-Microsoft products. Some may have pop-up reminders but make sure you know what the real one looks like. ●This is the one, single best thing you can do to prevent breaches. Don’t put it off.
Old Versions ●Anyone still using Windows XP? ●After a product is out there long enough, software publishers will no longer support it with updates. ●Find a way to fit version updates into routine technology refreshes. Systems won’t tell you they are too old. ●What about applications that don’t tell you they need an update? ○Smartphones, for instance.
Security Software ●Are you using a comprehensive security software solution on every machine? (Many banks and ISPs will give you this for free) ●They do more than block malware and are generally updated automatically. ○If this stops, you have a problem. ●Limitation: will only protect against already-known threats. ●If you have it make sure it’s updating. If you don’t have it see if someone will give it to you for free.
One final point... ●Sometimes good computer hygiene can prevent headlines like this: “Russia Takes Cyber-Swipe at Illini” News-Gazette, 3/17/2014 ●Do to vulnerable and misconfigured servers, someone was able to reflect an attack on Russian infrastructure off of University servers. ●It’s all fun and games until someone causes an international incident with your network...
Takeaways ●Have updates applied automatically where possible (and make sure it stays that way). ●When pop-ups ask for updates, make sure you apply them that day… ○But know what the real pop-up looks like. ●Be aware when old versions of software are no longer supported and replace them. ●Make sure security software is updated on a nightly basis.
Item #3 - Regular Backups ●Remember cryptolocker? ●Sometimes computer failures happen, would you be able to recover your data? ○Forensic work is my high hourly billing item. ●What happens if your computer or server fails? ●What is critical for your business to run? What things are nice to have but you could live without? ●Some viruses will destroy a system or be impossible to remove without a full reinstall.
Backups ●What is critical data? ○Your financial records? ○Your customer records? ○Your employee records? ○Your email address book? ●Any piece of data that if you lost forever would cause irreparable and significant harm. ●Just enumerating this is a useful business exercise.
Backups ●A commercial solution is best (i.e. tapes) but there are free software packages out there and you can always just backup to external hard drives. ○Most important thing is to keep multiple backups and some of those off-site from the company. ●You could backup to cloud storage (Google Drive / OneDrive) but be sure to encrypt sensitive information. ○What if the cloud provider goes out of business?
Disaster Recovery ●It is very easy to spend lots of money on this to protect against a wide variety of situations that aren’t relevant to you. ●Obvious situation is what to do if your systems fail and that failure can be malicious. ●If you have a server hosted by a third-party provider, what do you do if they fail? ○Hosting provider example. ●Best way to deal with an infected machine is to wipe and reinstall.
Takeaways ●Failures happen, the difference between recovering and going out of business is planning and preparing. ●All critical information for a business should be identified and backed up with at least one backup being off-site (i.e. safe in home). ●Have a plan for system failures.
Item #4 - Limit Access ●Sometimes basic attacks succeed, people make mistakes, someone’s kid uses the employee’s laptop to play games… ●That mistake shouldn’t give immediate and full access to everything. ●Sometimes disgruntled employees retaliate. ●Sometimes people just make a mistake and didn’t intend to erase an entire disk. ●Limit the foothold an attacker can get.
Limiting File Access ●People tend to always want more access than they need. General practice should be to grant access based on need-to-know. ●Avoid giving people administrator access on their computers. ●If you have a server, does everybody need access to everything? (Answer: no) ●Cryptolocker example again.
Limiting Stored Data ●First rule: create no evidence... ●Avoid storing passwords in your web browser. ●Avoid creating files with sensitive information. ●Absolutely limit what you put online that could be useful to attackers. ●Be careful with what you e-mail (it goes across the Internet in the clear). ○A simple press release from White House exposed the CIA’s Station Chief in Afghanistan
Now to Pick on the NSA
Still Picking on the NSA
Limiting Access to Systems ●Do your employees have laptops they bring home? Do you? ○Avoid familial use ○Practice good physical security ●Recreational use of systems can lead to infections (i.e. malvertising). ●All machines should require logging in with a password to use and should lock after 15 minutes of inactivity. ●Control who has access to the building.
Limiting Access to your Network ●Do you have a “guest” wireless network? Make it separate from internal business network. ●Wireless networks can be monitored from miles away, make sure yours is using WPA2 and passphrases at a minimum. ●Avoid having machines with direct internet access. Have them behind a firewall or router (most cable ISPs provide devices to do this already).
Sensitive Systems ●Consider having separate computers for use ONLY for sensitive business transactions like payroll or high- dollar transfers. ●Recreational use of a computer can lead to infections. If that system processes payroll too now bad guys have your payroll... ●Those systems need to be updated and secured too. Access should be limited to those who need access to execute those functions. ●If relevant, consider throwaway computers for guests.
Takeaways ●Limit access of employees to only what they need to know. ●Limit access to information from outside entities. ●Avoid familial use of computers. ●Have separate computers for sensitive business functions.
Item #5 - Use Strong Passwords ●Usually, your password is the key to your digital identity. If that is captures, now that person is you. ●Simple passwords are cracked easily. Even 8 character passwords of random characters can be cracked without too much effort. ●Secure passwords should be at least 12 characters and include uppercase, lowercase, numbers and special characters. ●Avoid password reuse between sites.
The 25 Worst Passwords of 2013 according to PCWorld 123456 iloveyou monkey password adobe123 shadow 12345678 123123 sunshine qwerty admin 12345 abc123 1234567890 password1 123456789 letmein princess 111111 photoshop azerty 1234567 1234 trustno1 000000
Weak Passwords ●There are plenty of other weak passwords than what was on last slide. ●Anything that is a dictionary word (or similar to one) ●Anything that is all numbers ●Anything that can be easily derived from you ●Anything that can be easily derived from the business ●Anything that’s less than 12 characters ●Anything not changed within 90 days
Password Re-Use ●One of the biggests causes of people having their accounts accessed is password re-use. ●Let’s say you comment on a blog, you register with your e-mail address and the password you use for everything. ●If a blog gets hacked, no one cares. But now they have your e-mail and a password, they try the password and are now in your e-mail. ●Your e-mail has everything you’ve signed up for, online banking, social media, perhaps work e-mail...
Password Reset Features ●Almost everything has a password reset feature to recover lost passwords automatically. ●The questions can usually be easy to guess if you know the person. ○Sarah Palin example. ●Make sure password resets send some notification, hopefully out-of-band (i.e. text message). ●Consider putting fake information in for password recovery questions.
How to Make a Strong Password Passwords should be long (more than 12 characters) and contain upper & lower case, numbers and special characters. Microsoft’s Advice: Create an acronym from an easy-to-remember piece of information. For example, pick a phrase that is meaningful to you, such as My son's birthday is 12 December, 2004. Using that phrase as your guide, you might use Msbi12/Dec,4 for your password. Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase. For example, My son's birthday is 12 December, 2004 could become Mi$un's Brthd8iz 12124 (it's OK to use spaces in your password). Relate your password to a favorite hobby or sport. For example, I love to play badminton could become ILuv2PlayB@dm1nt()n.
Use Unique Passwords ●If you don’t use the same password everywhere, one compromised account doesn’t compromise your entire digital identity. ●If ideal of unique password for everything in unmanageable, at least have 3: ○One for sensitive business use (i.e. payroll) ○One for general business use ○One as a throwaway (i.e. blogs, fantasy sports…) ●How to make strong, unique passwords: ○Msbi12/Dec,4### (where ### is some unique site identified)
Never Share Your Password ●Avoid situations where you share your password with anyone, even coworkers. ●Try to have unique logins for each individual (can later be used to track if needed). ●How did Edward Snowder steal so much information? ○He asked coworkers for their passwords and used their access. ●Avoid shared accounts and escrow sensitive passwords in a safe.
Two-Factor Authentication ●Where possible, sensitive applications should use two-factor authentication. ○Something you have (i.e. cell phone) and something you know (i.e. password) ●Most banks offer this for commercial accounts. ●Many other services (like Gmail, Twitter and Facebook) will send text messages before letting you fully log in. ●This notifies you that your password is stolen while still limiting what an attacker can access.
Takeaways ●Have unique strong passwords for each application or site you use. ●Avoid password re-use and weak passwords. ●Everyone should have their own login. ●Use two-factor authentication for all sensitive business applications where possible.
Last Point ●Basic computer maintenance goes a long way towards security. ●If someone isn’t assigned in your office to maintain computers, having general tech support handy can help security. ●Having someone in office with basic computer support skills can work, better to invest in people than technology when it comes to security.
Remember these 5 things ●Employ Risk Management and Be Skeptical ●Keep Software Up-to-Date ●Have Backups and a Plan When Things go Wrong ●Limit Access to Resources and Information ●Use Strong and Unique Passwords
These slides available at: http://tinyurl.com/jcbiesbga Questions? John Bambenek jcb@bambenekconsulting.com 217.493.0760

Recommandé

Champaign EDC Cybersecurity Seminar by John Bambenek - March 25, 2014
Champaign EDC Cybersecurity Seminar by John Bambenek - March 25, 2014Champaign EDC Cybersecurity Seminar by John Bambenek - March 25, 2014
Champaign EDC Cybersecurity Seminar by John Bambenek - March 25, 2014John Bambenek
 
Staying Safe and Secure Online
Staying Safe and Secure OnlineStaying Safe and Secure Online
Staying Safe and Secure Onlineevolutionaryit
 
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefield
Phil Grimes - Penetrating the Perimeter: Tales from the BattlefieldPhil Grimes - Penetrating the Perimeter: Tales from the Battlefield
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefieldcentralohioissa
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...Casey Ellis
 
Security Unplugged
Security UnpluggedSecurity Unplugged
Security Unpluggedsean_mckim
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseWilliam McBorrough
 
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9UISGCON
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorSandra (Sandy) Dunn
 

Recommandé

Champaign EDC Cybersecurity Seminar by John Bambenek - March 25, 2014
Champaign EDC Cybersecurity Seminar by John Bambenek - March 25, 2014Champaign EDC Cybersecurity Seminar by John Bambenek - March 25, 2014
Champaign EDC Cybersecurity Seminar by John Bambenek - March 25, 2014John Bambenek
 
Staying Safe and Secure Online
Staying Safe and Secure OnlineStaying Safe and Secure Online
Staying Safe and Secure Onlineevolutionaryit
 
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefield
Phil Grimes - Penetrating the Perimeter: Tales from the BattlefieldPhil Grimes - Penetrating the Perimeter: Tales from the Battlefield
Phil Grimes - Penetrating the Perimeter: Tales from the Battlefieldcentralohioissa
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...Casey Ellis
 
Security Unplugged
Security UnpluggedSecurity Unplugged
Security Unpluggedsean_mckim
 
No National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseNo National 'Stand Your Cyberground' Law Please
No National 'Stand Your Cyberground' Law PleaseWilliam McBorrough
 
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9UISGCON
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorSandra (Sandy) Dunn
 
Meet the hackers: Seattle Tech Law CLE December 2018
Meet the hackers: Seattle Tech Law CLE December 2018Meet the hackers: Seattle Tech Law CLE December 2018
Meet the hackers: Seattle Tech Law CLE December 2018Wendy Knox Everette
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
Cognitive automation with machine learning in cyber security
Cognitive automation with machine learning in cyber securityCognitive automation with machine learning in cyber security
Cognitive automation with machine learning in cyber securityRishi Kant
 
Mark Arena - Cyber Threat Intelligence #uisgcon9
Mark Arena - Cyber Threat Intelligence #uisgcon9Mark Arena - Cyber Threat Intelligence #uisgcon9
Mark Arena - Cyber Threat Intelligence #uisgcon9UISGCON
 
Sj terp emerging tech radar
Sj terp emerging tech radarSj terp emerging tech radar
Sj terp emerging tech radarSaraJayneTerp
 
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyStephanie McVitty
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR
 
Hacking_SharePoint_FINAL
Hacking_SharePoint_FINALHacking_SharePoint_FINAL
Hacking_SharePoint_FINALIan Naumenko, CISSP, CRISC
 
Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6Chinatu Uzuegbu
 
Combating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial IntelligenceCombating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial IntelligenceInderjeet Singh
 
HOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITYHOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITYPriyanshu Ratnakar
 
Risk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of ageRisk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of ageSara-Jayne Terp
 
2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformation2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformationSaraJayneTerp
 
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Withum
 
Why_TG
Why_TGWhy_TG
Why_TGTOP GUN
 
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Shawn Tuma
 
IQ4 Final Presentation (1)
IQ4 Final Presentation (1)IQ4 Final Presentation (1)
IQ4 Final Presentation (1)Chathura Wickramage
 
Webinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWebinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWithum
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Rishi Singh
 
PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM
 
Forthright Security Lunch and Learn - Ransomware Focus 2
Forthright Security Lunch and Learn - Ransomware Focus 2Forthright Security Lunch and Learn - Ransomware Focus 2
Forthright Security Lunch and Learn - Ransomware Focus 2David Dubree
 
IT-Risks-for-Non-profits-September-18SEPT17.pptx
IT-Risks-for-Non-profits-September-18SEPT17.pptxIT-Risks-for-Non-profits-September-18SEPT17.pptx
IT-Risks-for-Non-profits-September-18SEPT17.pptxSAbedinArman
 

Contenu connexe

Tendances

Meet the hackers: Seattle Tech Law CLE December 2018
Meet the hackers: Seattle Tech Law CLE December 2018Meet the hackers: Seattle Tech Law CLE December 2018
Meet the hackers: Seattle Tech Law CLE December 2018Wendy Knox Everette
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
Cognitive automation with machine learning in cyber security
Cognitive automation with machine learning in cyber securityCognitive automation with machine learning in cyber security
Cognitive automation with machine learning in cyber securityRishi Kant
 
Mark Arena - Cyber Threat Intelligence #uisgcon9
Mark Arena - Cyber Threat Intelligence #uisgcon9Mark Arena - Cyber Threat Intelligence #uisgcon9
Mark Arena - Cyber Threat Intelligence #uisgcon9UISGCON
 
Sj terp emerging tech radar
Sj terp emerging tech radarSj terp emerging tech radar
Sj terp emerging tech radarSaraJayneTerp
 
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyStephanie McVitty
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR
 
Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6Chinatu Uzuegbu
 
Combating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial IntelligenceCombating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial IntelligenceInderjeet Singh
 
HOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITYHOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITYPriyanshu Ratnakar
 
Risk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of ageRisk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of ageSara-Jayne Terp
 
2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformation2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformationSaraJayneTerp
 
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Withum
 
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Shawn Tuma
 
Webinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWebinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWithum
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Rishi Singh
 
PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM
 

Tendances (20)

Meet the hackers: Seattle Tech Law CLE December 2018
Meet the hackers: Seattle Tech Law CLE December 2018Meet the hackers: Seattle Tech Law CLE December 2018
Meet the hackers: Seattle Tech Law CLE December 2018
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012
 
Cognitive automation with machine learning in cyber security
Cognitive automation with machine learning in cyber securityCognitive automation with machine learning in cyber security
Cognitive automation with machine learning in cyber security
 
Mark Arena - Cyber Threat Intelligence #uisgcon9
Mark Arena - Cyber Threat Intelligence #uisgcon9Mark Arena - Cyber Threat Intelligence #uisgcon9
Mark Arena - Cyber Threat Intelligence #uisgcon9
 
Sj terp emerging tech radar
Sj terp emerging tech radarSj terp emerging tech radar
Sj terp emerging tech radar
 
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security Forum
 
Hacking_SharePoint_FINAL
Hacking_SharePoint_FINALHacking_SharePoint_FINAL
Hacking_SharePoint_FINAL
 
Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6Cyber Security Awareness Month 2017-Nugget 6
Cyber Security Awareness Month 2017-Nugget 6
 
Combating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial IntelligenceCombating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial Intelligence
 
HOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITYHOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITY
 
Risk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of ageRisk, SOCs, and mitigations: cognitive security is coming of age
Risk, SOCs, and mitigations: cognitive security is coming of age
 
2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformation2021 12 nyu-the_business_of_disinformation
2021 12 nyu-the_business_of_disinformation
 
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
Think You’re Covered? Think Again. Cybersecurity, Data Privacy, Payments Frau...
 
Why_TG
Why_TGWhy_TG
Why_TG
 
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
Cybersecurity and Privacy for In-House Counsel: How the New Regulations and G...
 
IQ4 Final Presentation (1)
IQ4 Final Presentation (1)IQ4 Final Presentation (1)
IQ4 Final Presentation (1)
 
Webinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for NonprofitsWebinar: Understanding the Cyber Threat Landscape for Nonprofits
Webinar: Understanding the Cyber Threat Landscape for Nonprofits
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 
PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red Hat
 

Similaire à IESBGA 2014 Cybercrime Seminar by John Bambenek

Forthright Security Lunch and Learn - Ransomware Focus 2
Forthright Security Lunch and Learn - Ransomware Focus 2Forthright Security Lunch and Learn - Ransomware Focus 2
Forthright Security Lunch and Learn - Ransomware Focus 2David Dubree
 
IT-Risks-for-Non-profits-September-18SEPT17.pptx
IT-Risks-for-Non-profits-September-18SEPT17.pptxIT-Risks-for-Non-profits-September-18SEPT17.pptx
IT-Risks-for-Non-profits-September-18SEPT17.pptxSAbedinArman
 
The Human Side of Security
The Human Side of SecurityThe Human Side of Security
The Human Side of SecurityRandy Earl
 
Cyber Security & User's Privacy Invasion
Cyber Security & User's Privacy InvasionCyber Security & User's Privacy Invasion
Cyber Security & User's Privacy InvasionIsaiah Edem
 
War Against Terrorism - CIO's Role
War Against Terrorism - CIO's RoleWar Against Terrorism - CIO's Role
War Against Terrorism - CIO's RoleAyodeji Rotibi
 
What is Cybercrime and How to Prevent Cybercrime?
What is Cybercrime and How to Prevent Cybercrime?What is Cybercrime and How to Prevent Cybercrime?
What is Cybercrime and How to Prevent Cybercrime?Entrance Exam Info
 
APT or not - does it make a difference if you are compromised?
APT or not - does it make a difference if you are compromised?APT or not - does it make a difference if you are compromised?
APT or not - does it make a difference if you are compromised?Thomas Malmberg
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of securityMatthew Pascucci
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with aiBurhan Ahmed
 
140707_Cyber-Security
140707_Cyber-Security140707_Cyber-Security
140707_Cyber-SecurityTara Gravel
 
Security Awareness Program
Security Awareness ProgramSecurity Awareness Program
Security Awareness ProgramDavid Wigton
 
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015anpapathanasiou
 
computer and society impact of Computer in society
computer and society impact of Computer in society computer and society impact of Computer in society
computer and society impact of Computer in society Sumama Shakir
 
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...Dana Gardner
 
New business opportunities in smart societies and industry 4.0
New business opportunities in smart societies and industry 4.0New business opportunities in smart societies and industry 4.0
New business opportunities in smart societies and industry 4.0Peter Waher
 
Common sense security by Fortium Partners
Common sense security by Fortium PartnersCommon sense security by Fortium Partners
Common sense security by Fortium PartnersDAVID BERGH
 

Similaire à IESBGA 2014 Cybercrime Seminar by John Bambenek (20)

Forthright Security Lunch and Learn - Ransomware Focus 2
Forthright Security Lunch and Learn - Ransomware Focus 2Forthright Security Lunch and Learn - Ransomware Focus 2
Forthright Security Lunch and Learn - Ransomware Focus 2
 
IT-Risks-for-Non-profits-September-18SEPT17.pptx
IT-Risks-for-Non-profits-September-18SEPT17.pptxIT-Risks-for-Non-profits-September-18SEPT17.pptx
IT-Risks-for-Non-profits-September-18SEPT17.pptx
 
The Human Side of Security
The Human Side of SecurityThe Human Side of Security
The Human Side of Security
 
Cyber Security & User's Privacy Invasion
Cyber Security & User's Privacy InvasionCyber Security & User's Privacy Invasion
Cyber Security & User's Privacy Invasion
 
War Against Terrorism - CIO's Role
War Against Terrorism - CIO's RoleWar Against Terrorism - CIO's Role
War Against Terrorism - CIO's Role
 
What is Cybercrime and How to Prevent Cybercrime?
What is Cybercrime and How to Prevent Cybercrime?What is Cybercrime and How to Prevent Cybercrime?
What is Cybercrime and How to Prevent Cybercrime?
 
APT or not - does it make a difference if you are compromised?
APT or not - does it make a difference if you are compromised?APT or not - does it make a difference if you are compromised?
APT or not - does it make a difference if you are compromised?
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with ai
 
140707_Cyber-Security
140707_Cyber-Security140707_Cyber-Security
140707_Cyber-Security
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Information Security
Information SecurityInformation Security
Information Security
 
Cybersecurity awareness.pdf
Cybersecurity awareness.pdfCybersecurity awareness.pdf
Cybersecurity awareness.pdf
 
Security Awareness Program
Security Awareness ProgramSecurity Awareness Program
Security Awareness Program
 
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015
 
Robust Software Solutions.pptx
Robust Software Solutions.pptxRobust Software Solutions.pptx
Robust Software Solutions.pptx
 
computer and society impact of Computer in society
computer and society impact of Computer in society computer and society impact of Computer in society
computer and society impact of Computer in society
 
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
 
New business opportunities in smart societies and industry 4.0
New business opportunities in smart societies and industry 4.0New business opportunities in smart societies and industry 4.0
New business opportunities in smart societies and industry 4.0
 
Common sense security by Fortium Partners
Common sense security by Fortium PartnersCommon sense security by Fortium Partners
Common sense security by Fortium Partners
 

Plus de John Bambenek

THOTCON - The War over your DNS Queries
THOTCON - The War over your DNS QueriesTHOTCON - The War over your DNS Queries
THOTCON - The War over your DNS QueriesJohn Bambenek
 
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for DefenseSANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for DefenseJohn Bambenek
 
I'm All Up in Your Blockchain - Hunting Down the Nazis
I'm All Up in Your Blockchain - Hunting Down the NazisI'm All Up in Your Blockchain - Hunting Down the Nazis
I'm All Up in Your Blockchain - Hunting Down the NazisJohn Bambenek
 
HITCON 2017: Building a Public RPZ Service to Protect the World's Consumers
HITCON 2017: Building a Public RPZ Service to Protect the World's ConsumersHITCON 2017: Building a Public RPZ Service to Protect the World's Consumers
HITCON 2017: Building a Public RPZ Service to Protect the World's ConsumersJohn Bambenek
 
MISP Summit 2018: Barncat: Using MISP for Bulk Malware Surveillance
MISP Summit 2018: Barncat: Using MISP for Bulk Malware SurveillanceMISP Summit 2018: Barncat: Using MISP for Bulk Malware Surveillance
MISP Summit 2018: Barncat: Using MISP for Bulk Malware SurveillanceJohn Bambenek
 
SANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesSANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesJohn Bambenek
 
Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016John Bambenek
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoJohn Bambenek
 
Corporate Espionage without the Hassle of Committing Felonies
Corporate Espionage without the Hassle of Committing FeloniesCorporate Espionage without the Hassle of Committing Felonies
Corporate Espionage without the Hassle of Committing FeloniesJohn Bambenek
 
HITCON 2015 - DGAs, DNS and Threat Intelligence
HITCON 2015 - DGAs, DNS and Threat IntelligenceHITCON 2015 - DGAs, DNS and Threat Intelligence
HITCON 2015 - DGAs, DNS and Threat IntelligenceJohn Bambenek
 
ANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleJohn Bambenek
 
PHDAYS: DGAs and Threat Intelligence
PHDAYS: DGAs and Threat IntelligencePHDAYS: DGAs and Threat Intelligence
PHDAYS: DGAs and Threat IntelligenceJohn Bambenek
 
THOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksTHOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksJohn Bambenek
 
Blackhat USA 2014 - The New Scourge of Ransomware
Blackhat USA 2014 - The New Scourge of RansomwareBlackhat USA 2014 - The New Scourge of Ransomware
Blackhat USA 2014 - The New Scourge of RansomwareJohn Bambenek
 
Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSThotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSJohn Bambenek
 
Cybercrime and Computer Forensics Seminar - Chicago Bar Association CLE May 2...
Cybercrime and Computer Forensics Seminar - Chicago Bar Association CLE May 2...Cybercrime and Computer Forensics Seminar - Chicago Bar Association CLE May 2...
Cybercrime and Computer Forensics Seminar - Chicago Bar Association CLE May 2...John Bambenek
 
Cybercrime & Computer Forensics - ISBA Master Series CLE, Nov 18, 2011
Cybercrime & Computer Forensics - ISBA Master Series CLE, Nov 18, 2011Cybercrime & Computer Forensics - ISBA Master Series CLE, Nov 18, 2011
Cybercrime & Computer Forensics - ISBA Master Series CLE, Nov 18, 2011John Bambenek
 
Introduction to Computer Crime - John Bambenek talk to Champaign Seniors Poli...
Introduction to Computer Crime - John Bambenek talk to Champaign Seniors Poli...Introduction to Computer Crime - John Bambenek talk to Champaign Seniors Poli...
Introduction to Computer Crime - John Bambenek talk to Champaign Seniors Poli...John Bambenek
 

Plus de John Bambenek (18)

THOTCON - The War over your DNS Queries
THOTCON - The War over your DNS QueriesTHOTCON - The War over your DNS Queries
THOTCON - The War over your DNS Queries
 
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for DefenseSANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
 
I'm All Up in Your Blockchain - Hunting Down the Nazis
I'm All Up in Your Blockchain - Hunting Down the NazisI'm All Up in Your Blockchain - Hunting Down the Nazis
I'm All Up in Your Blockchain - Hunting Down the Nazis
 
HITCON 2017: Building a Public RPZ Service to Protect the World's Consumers
HITCON 2017: Building a Public RPZ Service to Protect the World's ConsumersHITCON 2017: Building a Public RPZ Service to Protect the World's Consumers
HITCON 2017: Building a Public RPZ Service to Protect the World's Consumers
 
MISP Summit 2018: Barncat: Using MISP for Bulk Malware Surveillance
MISP Summit 2018: Barncat: Using MISP for Bulk Malware SurveillanceMISP Summit 2018: Barncat: Using MISP for Bulk Malware Surveillance
MISP Summit 2018: Barncat: Using MISP for Bulk Malware Surveillance
 
SANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesSANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political Breaches
 
Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016Tracking Exploit Kits - Virus Bulletin 2016
Tracking Exploit Kits - Virus Bulletin 2016
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using Crypto
 
Corporate Espionage without the Hassle of Committing Felonies
Corporate Espionage without the Hassle of Committing FeloniesCorporate Espionage without the Hassle of Committing Felonies
Corporate Espionage without the Hassle of Committing Felonies
 
HITCON 2015 - DGAs, DNS and Threat Intelligence
HITCON 2015 - DGAs, DNS and Threat IntelligenceHITCON 2015 - DGAs, DNS and Threat Intelligence
HITCON 2015 - DGAs, DNS and Threat Intelligence
 
ANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at Scale
 
PHDAYS: DGAs and Threat Intelligence
PHDAYS: DGAs and Threat IntelligencePHDAYS: DGAs and Threat Intelligence
PHDAYS: DGAs and Threat Intelligence
 
THOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksTHOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime Networks
 
Blackhat USA 2014 - The New Scourge of Ransomware
Blackhat USA 2014 - The New Scourge of RansomwareBlackhat USA 2014 - The New Scourge of Ransomware
Blackhat USA 2014 - The New Scourge of Ransomware
 
Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSThotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
 
Cybercrime and Computer Forensics Seminar - Chicago Bar Association CLE May 2...
Cybercrime and Computer Forensics Seminar - Chicago Bar Association CLE May 2...Cybercrime and Computer Forensics Seminar - Chicago Bar Association CLE May 2...
Cybercrime and Computer Forensics Seminar - Chicago Bar Association CLE May 2...
 
Cybercrime & Computer Forensics - ISBA Master Series CLE, Nov 18, 2011
Cybercrime & Computer Forensics - ISBA Master Series CLE, Nov 18, 2011Cybercrime & Computer Forensics - ISBA Master Series CLE, Nov 18, 2011
Cybercrime & Computer Forensics - ISBA Master Series CLE, Nov 18, 2011
 
Introduction to Computer Crime - John Bambenek talk to Champaign Seniors Poli...
Introduction to Computer Crime - John Bambenek talk to Champaign Seniors Poli...Introduction to Computer Crime - John Bambenek talk to Champaign Seniors Poli...
Introduction to Computer Crime - John Bambenek talk to Champaign Seniors Poli...
 

Dernier

About Entrepreneur ELON MUSK .pptx...
About Entrepreneur ELON MUSK .pptx...About Entrepreneur ELON MUSK .pptx...
About Entrepreneur ELON MUSK .pptx...lahiruherath654
 
Guwahati Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Guwahati Call Girls 7001305949 WhatsApp Number 24x7 Best ServicesGuwahati Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Guwahati Call Girls 7001305949 WhatsApp Number 24x7 Best Servicesnajka9823
 
Call Girls in Tilak Nagar (DELHI-) 8377877756 Call Girls Service
Call Girls in Tilak Nagar (DELHI-) 8377877756 Call Girls ServiceCall Girls in Tilak Nagar (DELHI-) 8377877756 Call Girls Service
Call Girls in Tilak Nagar (DELHI-) 8377877756 Call Girls Servicedollysharma2066
 
(8264348440) 🔝 Call Girls In Sriniwaspuri 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Sriniwaspuri 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Sriniwaspuri 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Sriniwaspuri 🔝 Delhi NCRsoniya singh
 
Delhi Munirka 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex call girl
Delhi Munirka 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex call girlDelhi Munirka 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex call girl
Delhi Munirka 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex call girlsoniya singh
 
Call Girls At-( Nearby )-Bhikaji Cama Place, Delhi | ⑧③77⓿⑧76⓿7
Call Girls At-( Nearby )-Bhikaji Cama Place, Delhi | ⑧③77⓿⑧76⓿7Call Girls At-( Nearby )-Bhikaji Cama Place, Delhi | ⑧③77⓿⑧76⓿7
Call Girls At-( Nearby )-Bhikaji Cama Place, Delhi | ⑧③77⓿⑧76⓿7dollysharma2066
 
Report about the AHIABGA-UnityNet UNDRIPDay / Earth-Day 2024 Gathering in Mar...
Report about the AHIABGA-UnityNet UNDRIPDay / Earth-Day 2024 Gathering in Mar...Report about the AHIABGA-UnityNet UNDRIPDay / Earth-Day 2024 Gathering in Mar...
Report about the AHIABGA-UnityNet UNDRIPDay / Earth-Day 2024 Gathering in Mar...LHelferty
 
(8264348440) 🔝 Call Girls In Safdarjung Enclave 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Safdarjung Enclave 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Safdarjung Enclave 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Safdarjung Enclave 🔝 Delhi NCRsoniya singh
 
(8264348440) 🔝 Call Girls In Green Park 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Green Park 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Green Park 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Green Park 🔝 Delhi NCRsoniya singh
 
CATALOGO MF 650 COMPLETO COM PEÇAS DE TRANSMISSAO
CATALOGO MF 650 COMPLETO COM PEÇAS DE TRANSMISSAOCATALOGO MF 650 COMPLETO COM PEÇAS DE TRANSMISSAO
CATALOGO MF 650 COMPLETO COM PEÇAS DE TRANSMISSAOTMTerraplanagem
 
Gurgaon Rajiv Chowk 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex ...
Gurgaon Rajiv Chowk 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex ...Gurgaon Rajiv Chowk 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex ...
Gurgaon Rajiv Chowk 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex ...soniya singh
 
(8264348440) 🔝 Call Girls In Babarpur 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Babarpur 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Babarpur 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Babarpur 🔝 Delhi NCRsoniya singh
 
办昆士兰大学UQ毕业证书/成绩单GPA修改 - 留学买假毕业证
办昆士兰大学UQ毕业证书/成绩单GPA修改 - 留学买假毕业证办昆士兰大学UQ毕业证书/成绩单GPA修改 - 留学买假毕业证
办昆士兰大学UQ毕业证书/成绩单GPA修改 - 留学买假毕业证0622mpom
 
Model Call Girl in Bawana Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Bawana Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Bawana Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Bawana Delhi reach out to us at 🔝8264348440🔝soniya singh
 
Viet Nam Inclusive Business Accreditation System
Viet Nam Inclusive Business Accreditation SystemViet Nam Inclusive Business Accreditation System
Viet Nam Inclusive Business Accreditation SystemTri Dung, Tran
 
Smart Traffic Management System presentation
Smart Traffic Management System presentationSmart Traffic Management System presentation
Smart Traffic Management System presentationFareeyaFaisal
 
NEON LIGHT CITY pitch deck for AR PC GAME
NEON LIGHT CITY pitch deck for AR PC GAMENEON LIGHT CITY pitch deck for AR PC GAME
NEON LIGHT CITY pitch deck for AR PC GAMEtess51
 

Dernier (20)

About Entrepreneur ELON MUSK .pptx...
About Entrepreneur ELON MUSK .pptx...About Entrepreneur ELON MUSK .pptx...
About Entrepreneur ELON MUSK .pptx...
 
Guwahati Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Guwahati Call Girls 7001305949 WhatsApp Number 24x7 Best ServicesGuwahati Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Guwahati Call Girls 7001305949 WhatsApp Number 24x7 Best Services
 
Call Girls in Tilak Nagar (DELHI-) 8377877756 Call Girls Service
Call Girls in Tilak Nagar (DELHI-) 8377877756 Call Girls ServiceCall Girls in Tilak Nagar (DELHI-) 8377877756 Call Girls Service
Call Girls in Tilak Nagar (DELHI-) 8377877756 Call Girls Service
 
(8264348440) 🔝 Call Girls In Sriniwaspuri 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Sriniwaspuri 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Sriniwaspuri 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Sriniwaspuri 🔝 Delhi NCR
 
Delhi Munirka 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex call girl
Delhi Munirka 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex call girlDelhi Munirka 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex call girl
Delhi Munirka 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex call girl
 
Call Girls At-( Nearby )-Bhikaji Cama Place, Delhi | ⑧③77⓿⑧76⓿7
Call Girls At-( Nearby )-Bhikaji Cama Place, Delhi | ⑧③77⓿⑧76⓿7Call Girls At-( Nearby )-Bhikaji Cama Place, Delhi | ⑧③77⓿⑧76⓿7
Call Girls At-( Nearby )-Bhikaji Cama Place, Delhi | ⑧③77⓿⑧76⓿7
 
young call girls in kailash Nagar, 🔝 9953056974 🔝 escort Service
young call girls in kailash Nagar, 🔝 9953056974 🔝 escort Serviceyoung call girls in kailash Nagar, 🔝 9953056974 🔝 escort Service
young call girls in kailash Nagar, 🔝 9953056974 🔝 escort Service
 
Report about the AHIABGA-UnityNet UNDRIPDay / Earth-Day 2024 Gathering in Mar...
Report about the AHIABGA-UnityNet UNDRIPDay / Earth-Day 2024 Gathering in Mar...Report about the AHIABGA-UnityNet UNDRIPDay / Earth-Day 2024 Gathering in Mar...
Report about the AHIABGA-UnityNet UNDRIPDay / Earth-Day 2024 Gathering in Mar...
 
(8264348440) 🔝 Call Girls In Safdarjung Enclave 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Safdarjung Enclave 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Safdarjung Enclave 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Safdarjung Enclave 🔝 Delhi NCR
 
(8264348440) 🔝 Call Girls In Green Park 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Green Park 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Green Park 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Green Park 🔝 Delhi NCR
 
CATALOGO MF 650 COMPLETO COM PEÇAS DE TRANSMISSAO
CATALOGO MF 650 COMPLETO COM PEÇAS DE TRANSMISSAOCATALOGO MF 650 COMPLETO COM PEÇAS DE TRANSMISSAO
CATALOGO MF 650 COMPLETO COM PEÇAS DE TRANSMISSAO
 
Gurgaon Rajiv Chowk 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex ...
Gurgaon Rajiv Chowk 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex ...Gurgaon Rajiv Chowk 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex ...
Gurgaon Rajiv Chowk 🔝 Call Girls Service 🔝 ( 8264348440 ) unlimited hard sex ...
 
(8264348440) 🔝 Call Girls In Babarpur 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Babarpur 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Babarpur 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Babarpur 🔝 Delhi NCR
 
办昆士兰大学UQ毕业证书/成绩单GPA修改 - 留学买假毕业证
办昆士兰大学UQ毕业证书/成绩单GPA修改 - 留学买假毕业证办昆士兰大学UQ毕业证书/成绩单GPA修改 - 留学买假毕业证
办昆士兰大学UQ毕业证书/成绩单GPA修改 - 留学买假毕业证
 
Model Call Girl in Bawana Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Bawana Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Bawana Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Bawana Delhi reach out to us at 🔝8264348440🔝
 
Viet Nam Inclusive Business Accreditation System
Viet Nam Inclusive Business Accreditation SystemViet Nam Inclusive Business Accreditation System
Viet Nam Inclusive Business Accreditation System
 
Smart Traffic Management System presentation
Smart Traffic Management System presentationSmart Traffic Management System presentation
Smart Traffic Management System presentation
 
Why Powderless DTF Printer is T-shirt Printing Game Changer.pptx
Why Powderless DTF Printer is T-shirt Printing Game Changer.pptxWhy Powderless DTF Printer is T-shirt Printing Game Changer.pptx
Why Powderless DTF Printer is T-shirt Printing Game Changer.pptx
 
NEON LIGHT CITY pitch deck for AR PC GAME
NEON LIGHT CITY pitch deck for AR PC GAMENEON LIGHT CITY pitch deck for AR PC GAME
NEON LIGHT CITY pitch deck for AR PC GAME
 
Hot Sexy call girls in Rajouri Garden🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rajouri Garden🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rajouri Garden🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rajouri Garden🔝 9953056974 🔝 Delhi escort Service
 

IESBGA 2014 Cybercrime Seminar by John Bambenek

  • 1. What Entrepreneurs & Small Businesses Need to Know about Cybercrime IESBGA 2014 John Bambenek - Bambenek Consulting
  • 2. About Me ●15 Years experience in cybercrime, in IT generally since I was a toddler ○ My first toy I remember was a TI-99 computer, I programmed on it when I was 6. I had an unusual childhood. ●Part-time Faculty in Computer Science at the University of Illinois and own my own firm ●Lecture and teach internationally on cybersecurity, forensics and threat intelligence. ●This conference’s theme is “Big Dreams for Small Business…”
  • 3. Spoilers ●Employ Risk Management and Be Skeptical ●Keep Software Up-to-Date ●Have Backups and a Plan When Things go Wrong ●Limit Access to Resources and Information ●Use Strong and Unique Passwords
  • 4. About You ●Small businesses (and those who counsel small businesses) aren’t flush with cash. ●Many don’t have high-tech operations, most don’t have in-house IT staff. ●Most don’t know where to start with security and many operate a component of their business online.
  • 5. Why this matters... ●Small businesses have real risks. ●You’ve heard about Target or any number of other major companies that had major breaches… ●Have you heard about Fazio Mechanical Services? ●Small business is less able to weather the liability of a major breach. ●Good news, the expectations are lower (but not non-existent) on smaller companies.
  • 6. Why bother? ●For most small businesses, security will only cost money, it won’t make money. ○ Not as true as you think it is, many companies now require their vendors to have a standard of security. ●Some industries have more stringent regulatory requirements. ●You may not be a prime beef target… ○ But you probably have a payroll account worth draining... ●Cryptolocker example.
  • 7. Don’t think you are affected by regulation? From Illinois Law: "Personal information" means an individual's first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted or redacted: (1) Social Security number. (2) Driver's license number or State identification (3) Account number or credit or debit card number, or an account number or credit card number in combination with any required security code, access code, or password that would permit access to an individual's financial account.
  • 8. Who pays when fraud happens? ●Generally, fraud against consumers is not liable to the consumer whether credit or debit cards. ●If funds are taken directly from a bank account, within reason most banks will protect the consumer from losses. ●Electronic commerce requires consumers to “trust” it, so banks and businesses have incentive to protect them from fraud losses.
  • 9. Who pays when a business is defrauded? ●If a business, large or small, has bank account emptied, credit cards defrauded the business pays. ○“You have means to protect yourself” ●If consumers are defrauded because of an incident in your environment, you pay. ○Credit cards cost $40-$50 to reissue. ●If your payroll account is emptied, your bank may help… by giving you a line of credit to make payroll. ●Can your business afford to eat that kind of loss?
  • 10. It gets worse... ●If you lose consumer records, the FTC (or other) penalties can be substantial. ●HIPAA fines can easily get into millions. ●Usually need to pay for credit monitoring for all victims. ●Intangible costs of bad publicity (though this is going down) ●But there are things that can be done, which is why you’re here today
  • 11. Item #1 - Risk Management & Skepticism ●Employ risk management. ●Be skeptical of what you see (e-mail / web). ●What secrets & confidential info do you have? ●What information could someone use for fraud if stolen? ●What information could a competitor use if stolen? ●You’re not paranoid if they really all are out to get you.
  • 12. A Brief Note on Who Our Attackers Are ●Generally cybercriminals can be broken down into these groups: ○Nation States ○Organized Crime ○Disorganized Crime ○Hacktivists ○Disgruntled Insiders ○Your Competitors ●Depending on the group will determine how, why and when they attack and at what skill level.
  • 14. How Much to Spend on Security? ●If you wanted, you could spend unlimited amounts of money on security… and you’d still get breached. ○Just ask the NSA. ●Security vendors will happily charge you lots of money to protect you against unknown threats that aren’t reasonable for you to worry about. ○Example: Nation states ●However, lots of ground can be covered by basic (and generally free) steps that follow.
  • 15. What is “reasonable” security? ●If laws or regulations require you to do it, it’s reasonable. ○The more laws and regulations, the harder it is for a small business to continue to exist. ●If contracts or other written agreements require you to do it, it’s reasonable. ●Beyond that, reasonable is what your peer companies do and what is reasonable based on “what bad could happen” if certain data got lost. ○Can vary wildly.
  • 16. Example: Nation States ●Nation states are constantly attacking either for national security-related material or industrial trade secrets. ●Actors are highly-trained, highly-funded and operative with overt (or tacit) state sanction. ●If they want to get in, they will have a plan and all the resources they need at their disposal to do so. ●Is it reasonable for a small business to fend off an entire industrialized nation?
  • 17. Example: Nation States ●Nation states are constantly attacking either for national security-related material or industrial trade secrets. ●Actors are highly-trained, highly-funded and operative with overt (or tacit) state sanction. ●If they want to get in, they will have a plan and all the resources they need at their disposal to do so. ●Is it reasonable for a small business to fend off an entire industrialized nation?
  • 18. Example: Disorganized Crime ●People send spam constantly that claims all sorts of dubious and outrageous things. Usually uses same content or infrastructure. ○Heard the one about the Nigerian general... ●Anti-spam solutions exist to prevent those messages from getting to you in the first place, some are even free. ●Commodity attacks are easily handled by commodity off-the-shelf tools. ●Is a $50 anti-virus package reasonable?
  • 19. Be Skeptical ●Most computer attacks rely on end-users doing something that puts them at risk. Usually this works by abusing their trust. ●E-mail, social media, text messages, webpages, and robocalls can be easily spoofed. ●Avoid blindly trusting what your technology is telling you. ●If something seems odd, verify it out-of-band (i.e. not using the same medium you just got message on).
  • 21. Be Skeptical ●Don’t give passwords on request to those who ask. ●Avoid clicking on links for sensitive transactions (i. e. type full URL instead). ●Be careful of typos when typing URLs (Whitehouse example). ●The more something seems to require immediate action, the more you should verify its authenticity. ●No legitimate person will object to you attempting to verify they are who they say they are.
  • 22. Takeaways ●Have some understanding of the threats you face. ●Make reasonable decision about protecting yourself without going broke. ●Take advantage of free things you can do. ●Be skeptical of what your technology tells you and verify when needed. ●Limit (or eliminate) the sensitive information you give someone on request.
  • 23. Item #2 - Stay Up-to-date ●Almost all modern major software has means to update itself for bugs and security vulnerabilities. ●Microsoft, for instance, releases updates on second Tuesday of every month (and occasionally at other times) ●Adobe Reader, Flash, Java all have their own updates. ●Anti-virus and security tools also need to be updated frequently to protect against the latest threats.
  • 25. Microsoft Updates - Key Points ●Update automatically. ●Include other Microsoft products in updates (i.e. Office) ●This doesn’t include other non-Microsoft products. Some may have pop-up reminders but make sure you know what the real one looks like. ●This is the one, single best thing you can do to prevent breaches. Don’t put it off.
  • 26. Old Versions ●Anyone still using Windows XP? ●After a product is out there long enough, software publishers will no longer support it with updates. ●Find a way to fit version updates into routine technology refreshes. Systems won’t tell you they are too old. ●What about applications that don’t tell you they need an update? ○Smartphones, for instance.
  • 27. Security Software ●Are you using a comprehensive security software solution on every machine? (Many banks and ISPs will give you this for free) ●They do more than block malware and are generally updated automatically. ○If this stops, you have a problem. ●Limitation: will only protect against already-known threats. ●If you have it make sure it’s updating. If you don’t have it see if someone will give it to you for free.
  • 28. One final point... ●Sometimes good computer hygiene can prevent headlines like this: “Russia Takes Cyber-Swipe at Illini” News-Gazette, 3/17/2014 ●Do to vulnerable and misconfigured servers, someone was able to reflect an attack on Russian infrastructure off of University servers. ●It’s all fun and games until someone causes an international incident with your network...
  • 29. Takeaways ●Have updates applied automatically where possible (and make sure it stays that way). ●When pop-ups ask for updates, make sure you apply them that day… ○But know what the real pop-up looks like. ●Be aware when old versions of software are no longer supported and replace them. ●Make sure security software is updated on a nightly basis.
  • 30. Item #3 - Regular Backups ●Remember cryptolocker? ●Sometimes computer failures happen, would you be able to recover your data? ○Forensic work is my high hourly billing item. ●What happens if your computer or server fails? ●What is critical for your business to run? What things are nice to have but you could live without? ●Some viruses will destroy a system or be impossible to remove without a full reinstall.
  • 31. Backups ●What is critical data? ○Your financial records? ○Your customer records? ○Your employee records? ○Your email address book? ●Any piece of data that if you lost forever would cause irreparable and significant harm. ●Just enumerating this is a useful business exercise.
  • 32. Backups ●A commercial solution is best (i.e. tapes) but there are free software packages out there and you can always just backup to external hard drives. ○Most important thing is to keep multiple backups and some of those off-site from the company. ●You could backup to cloud storage (Google Drive / OneDrive) but be sure to encrypt sensitive information. ○What if the cloud provider goes out of business?
  • 33. Disaster Recovery ●It is very easy to spend lots of money on this to protect against a wide variety of situations that aren’t relevant to you. ●Obvious situation is what to do if your systems fail and that failure can be malicious. ●If you have a server hosted by a third-party provider, what do you do if they fail? ○Hosting provider example. ●Best way to deal with an infected machine is to wipe and reinstall.
  • 34. Takeaways ●Failures happen, the difference between recovering and going out of business is planning and preparing. ●All critical information for a business should be identified and backed up with at least one backup being off-site (i.e. safe in home). ●Have a plan for system failures.
  • 35. Item #4 - Limit Access ●Sometimes basic attacks succeed, people make mistakes, someone’s kid uses the employee’s laptop to play games… ●That mistake shouldn’t give immediate and full access to everything. ●Sometimes disgruntled employees retaliate. ●Sometimes people just make a mistake and didn’t intend to erase an entire disk. ●Limit the foothold an attacker can get.
  • 36. Limiting File Access ●People tend to always want more access than they need. General practice should be to grant access based on need-to-know. ●Avoid giving people administrator access on their computers. ●If you have a server, does everybody need access to everything? (Answer: no) ●Cryptolocker example again.
  • 37. Limiting Stored Data ●First rule: create no evidence... ●Avoid storing passwords in your web browser. ●Avoid creating files with sensitive information. ●Absolutely limit what you put online that could be useful to attackers. ●Be careful with what you e-mail (it goes across the Internet in the clear). ○A simple press release from White House exposed the CIA’s Station Chief in Afghanistan
  • 38. Now to Pick on the NSA
  • 39. Still Picking on the NSA
  • 40. Limiting Access to Systems ●Do your employees have laptops they bring home? Do you? ○Avoid familial use ○Practice good physical security ●Recreational use of systems can lead to infections (i.e. malvertising). ●All machines should require logging in with a password to use and should lock after 15 minutes of inactivity. ●Control who has access to the building.
  • 41. Limiting Access to your Network ●Do you have a “guest” wireless network? Make it separate from internal business network. ●Wireless networks can be monitored from miles away, make sure yours is using WPA2 and passphrases at a minimum. ●Avoid having machines with direct internet access. Have them behind a firewall or router (most cable ISPs provide devices to do this already).
  • 42. Sensitive Systems ●Consider having separate computers for use ONLY for sensitive business transactions like payroll or high- dollar transfers. ●Recreational use of a computer can lead to infections. If that system processes payroll too now bad guys have your payroll... ●Those systems need to be updated and secured too. Access should be limited to those who need access to execute those functions. ●If relevant, consider throwaway computers for guests.
  • 43. Takeaways ●Limit access of employees to only what they need to know. ●Limit access to information from outside entities. ●Avoid familial use of computers. ●Have separate computers for sensitive business functions.
  • 44. Item #5 - Use Strong Passwords ●Usually, your password is the key to your digital identity. If that is captures, now that person is you. ●Simple passwords are cracked easily. Even 8 character passwords of random characters can be cracked without too much effort. ●Secure passwords should be at least 12 characters and include uppercase, lowercase, numbers and special characters. ●Avoid password reuse between sites.
  • 45. The 25 Worst Passwords of 2013 according to PCWorld 123456 iloveyou monkey password adobe123 shadow 12345678 123123 sunshine qwerty admin 12345 abc123 1234567890 password1 123456789 letmein princess 111111 photoshop azerty 1234567 1234 trustno1 000000
  • 46. Weak Passwords ●There are plenty of other weak passwords than what was on last slide. ●Anything that is a dictionary word (or similar to one) ●Anything that is all numbers ●Anything that can be easily derived from you ●Anything that can be easily derived from the business ●Anything that’s less than 12 characters ●Anything not changed within 90 days
  • 47. Password Re-Use ●One of the biggests causes of people having their accounts accessed is password re-use. ●Let’s say you comment on a blog, you register with your e-mail address and the password you use for everything. ●If a blog gets hacked, no one cares. But now they have your e-mail and a password, they try the password and are now in your e-mail. ●Your e-mail has everything you’ve signed up for, online banking, social media, perhaps work e-mail...
  • 48. Password Reset Features ●Almost everything has a password reset feature to recover lost passwords automatically. ●The questions can usually be easy to guess if you know the person. ○Sarah Palin example. ●Make sure password resets send some notification, hopefully out-of-band (i.e. text message). ●Consider putting fake information in for password recovery questions.
  • 49. How to Make a Strong Password Passwords should be long (more than 12 characters) and contain upper & lower case, numbers and special characters. Microsoft’s Advice: Create an acronym from an easy-to-remember piece of information. For example, pick a phrase that is meaningful to you, such as My son's birthday is 12 December, 2004. Using that phrase as your guide, you might use Msbi12/Dec,4 for your password. Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase. For example, My son's birthday is 12 December, 2004 could become Mi$un's Brthd8iz 12124 (it's OK to use spaces in your password). Relate your password to a favorite hobby or sport. For example, I love to play badminton could become ILuv2PlayB@dm1nt()n.
  • 50. Use Unique Passwords ●If you don’t use the same password everywhere, one compromised account doesn’t compromise your entire digital identity. ●If ideal of unique password for everything in unmanageable, at least have 3: ○One for sensitive business use (i.e. payroll) ○One for general business use ○One as a throwaway (i.e. blogs, fantasy sports…) ●How to make strong, unique passwords: ○Msbi12/Dec,4### (where ### is some unique site identified)
  • 51. Never Share Your Password ●Avoid situations where you share your password with anyone, even coworkers. ●Try to have unique logins for each individual (can later be used to track if needed). ●How did Edward Snowder steal so much information? ○He asked coworkers for their passwords and used their access. ●Avoid shared accounts and escrow sensitive passwords in a safe.
  • 52. Two-Factor Authentication ●Where possible, sensitive applications should use two-factor authentication. ○Something you have (i.e. cell phone) and something you know (i.e. password) ●Most banks offer this for commercial accounts. ●Many other services (like Gmail, Twitter and Facebook) will send text messages before letting you fully log in. ●This notifies you that your password is stolen while still limiting what an attacker can access.
  • 53. Takeaways ●Have unique strong passwords for each application or site you use. ●Avoid password re-use and weak passwords. ●Everyone should have their own login. ●Use two-factor authentication for all sensitive business applications where possible.
  • 54. Last Point ●Basic computer maintenance goes a long way towards security. ●If someone isn’t assigned in your office to maintain computers, having general tech support handy can help security. ●Having someone in office with basic computer support skills can work, better to invest in people than technology when it comes to security.
  • 55. Remember these 5 things ●Employ Risk Management and Be Skeptical ●Keep Software Up-to-Date ●Have Backups and a Plan When Things go Wrong ●Limit Access to Resources and Information ●Use Strong and Unique Passwords
  • 56. These slides available at: http://tinyurl.com/jcbiesbga Questions? John Bambenek jcb@bambenekconsulting.com 217.493.0760