SlideShare a Scribd company logo

LinkedIn to Your Network - The Social Engineering Threat

Lancope, Inc.
Lancope, Inc.

By nature, humans are inclined to trust. Unfortunately, attackers are often successful in breaching large enterprises by targeting specific individuals and utilizing social engineering to obtain confidential information. Once an adversary is able to gain enough data through social media or other channels, they can pose as an authentic user with valid credentials, bypassing traditional security measures. Join Lancope’s Joey Muniz, aka The Security Blogger, to hear about his successful, real-life experiments in using social engineering to easily compromise high-profile targets. Learn about: · The dangers of insider threats ·How attackers are leveraging social media to compromise targets · Best practices for defending network interiors from attackers with authentic credentials

TechnologyBusiness
1 of 22
Download to read offline
© Lancope 5/5/2013
This talk focuses on Facebook & LinkedIN HOWEVER these are not the only Social Engineering attack vectors • Fake Police Department for DOJ • Fake Emergency Responder To Gain Access • Scary  Take a job, gather info, leave Warning!
Who Are Your Cyber Friends?
Or Joseph ??? Josephine ???
People send 64 million tweets per day. Lady Gaga has more followers than the president. The Facts 1 in 5 Couples meet online. 1 in 5 also blame divorce on Facebook Facebook passed Google - most visited internet site. • 11% of world’s population has Facebook account. • More Facebook accounts than automobiles. • If Facebook were a country, it would be the 3rd largest in the world
What Is Your Digital Identity?
Robin Sage Fictional American cyber threat analyst created to abstract sensitive information. She graduated from MIT and had 10 years of experience despite she was 25 years old. Despite the fake profile, she was offered consulting work with notable companies such as Google and Lockheed Marti. She had friends in the FBI, CIA and even offered dinner invitations from male friends.
Emily Olivia Williams Fictional CSE created to abstract sensitive information from a specific target. She graduated from MIT and had 10 years of experience despite she was 28 years old. Despite the fake profile, she was offered sensitive information from our target’s AM and CSEs. She had friends in large partner vendors and even offered dinner invitations from male friends.
The Impact of Social Media 10 minutes: 20 Facebook connections 6 LinkedIn Connections 15 hours: 60 Facebook connections 55 LinkedIn Connections 24 hours: 3 job offers Total Connections: 170 Employees 71 Cisco; 22 NetApp; 10 EMC; 35 McAfee 300+ Facebook friends Endorsements: 22 LinkedIn Endorsements For Expertise and Experience From Partners and co-workers Offers: 4 job offers, Laptop and office equipment, network access.
What we Did What? Created fake FaceBook and LinkedIn profile to gain information using social media. How? Social engineering techniques that allowed us to participate as a New Hire What was captured? Salesforce Logins, Issued Laptops, Jobs offers, Endorsements, Meet up requests What was the real threat? Published a Christmas card on social networks that gave us remote access to anyone that clicked on the link. This gave us significant access to devices and data.
The Social Engineering Kill Chain Reconnaissance Gain Access through Facebook and learn lifestyles Privilege escalation Gain C Level friends through other friends Infiltrate • Post links to hide attacks, collect information and fingerprint target • Email rootkit / Trojan horse applications Establish Foothold • Build backdoors and map out target’s internal network • Compromise Authentication – Create Email and Admin account Own Remove sensitive data
What Does Emily Teach Us? • Identities are a very Valuable commodity • Humans are naturally trusting • People use the same passwords for everything! • Attractive women can bypass procedures in a male dominated industry (Yes I said it … and its true!) • Common security products do not protect your employees from Social Engineering • Social Engineering threats can impact your business. • There isn’t a silver bullet product that can protect you from a future Emily Williams
Emily Williams Good News Some people asked “Do I know you”? Some people on Facebook flagged suspicious activity
Emily Williams Bad News What do you leave on social networks that could be used against you? Some people pretended to know her after using data from their facebook page
Social Engineer Countermeasures • Question suspicious behavior • Forward any possible threats to HR • Be aware of what is public • Never share work intel on social networks • Protect your data with STRONG passwords. • Don’t share devices used for work.
Your Infrastructure Provides the Source... Interne t Atlant a San Jose New York ASR-1000 Cat6k UCS with Nexus 1000v ASA Cat6k 3925 ISR 3560-X 3750-X Stack(s) Cat4k Datacente r WAN DMZ Access NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlo w
StealthWatch for APTs StealthWatch delivers visibility and actionable insight throughout the kill chain 19© Lancope 5/5/2013 Recon Exploitation (Social Engineering?) Initial Infection Command and Control Internal Pivot Data Preparation and Exfiltration
Stop Problems Before They Become Crises ImpacttotheBusiness($) credit card data compromised attack identified vulnerability closed attack thwarted early warning attack identified vulnerability closed attack onset STEALTHWATCH REDUCES MTTK Company with StealthWatch Company with Legacy Monitoring Tools 21© 2013 Lancope, Inc. All rights reserved. ~70% of Incident Response is spent on MTTK “Worm outbreaks impact revenue by up to $250k / hour. StealthWatch pays for itself in 30 minutes.” F500 Media Conglomerate 259% ROI MTTK Time
Thank you www.lancope.com www.thesecurityblogger.com Cisco Cyber Threat Defense BTW Lady Ga Ga’s twitter is @ladygaga

Recommended

Social Media Security
Social Media SecuritySocial Media Security
Social Media Security
Del Belcher
 
Social Media Security 2011
Social Media Security 2011Social Media Security 2011
Social Media Security 2011
Donald E. Hester
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Tom Eston
 
Online Safety Tips for Parents
Online Safety Tips for ParentsOnline Safety Tips for Parents
Online Safety Tips for Parents
Kristi Richburg
 
Online Social Networks: 5 threats and 5 ways to use them safely
Online Social Networks: 5 threats and 5 ways to use them safelyOnline Social Networks: 5 threats and 5 ways to use them safely
Online Social Networks: 5 threats and 5 ways to use them safely
Tom Eston
 
An Introduction To IT Security And Privacy for Librarians and Libraries
An Introduction To IT Security And Privacy for Librarians and LibrariesAn Introduction To IT Security And Privacy for Librarians and Libraries
An Introduction To IT Security And Privacy for Librarians and Libraries
Blake Carver
 
Social Zombies: Rise of the Mobile Dead
Social Zombies: Rise of the Mobile DeadSocial Zombies: Rise of the Mobile Dead
Social Zombies: Rise of the Mobile Dead
Tom Eston
 
Social & mobile security
Social & mobile securitySocial & mobile security
Social & mobile security
Ernest Staats
 

Recommended

Social Media Security
Social Media SecuritySocial Media Security
Social Media Security
Del Belcher
 
Social Media Security 2011
Social Media Security 2011Social Media Security 2011
Social Media Security 2011
Donald E. Hester
 
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile TechnologyPrivacy Exposed: Ramifications of Social Media and Mobile Technology
Privacy Exposed: Ramifications of Social Media and Mobile Technology
Tom Eston
 
Online Safety Tips for Parents
Online Safety Tips for ParentsOnline Safety Tips for Parents
Online Safety Tips for Parents
Kristi Richburg
 
Online Social Networks: 5 threats and 5 ways to use them safely
Online Social Networks: 5 threats and 5 ways to use them safelyOnline Social Networks: 5 threats and 5 ways to use them safely
Online Social Networks: 5 threats and 5 ways to use them safely
Tom Eston
 
An Introduction To IT Security And Privacy for Librarians and Libraries
An Introduction To IT Security And Privacy for Librarians and LibrariesAn Introduction To IT Security And Privacy for Librarians and Libraries
An Introduction To IT Security And Privacy for Librarians and Libraries
Blake Carver
 
Social Zombies: Rise of the Mobile Dead
Social Zombies: Rise of the Mobile DeadSocial Zombies: Rise of the Mobile Dead
Social Zombies: Rise of the Mobile Dead
Tom Eston
 
Social & mobile security
Social & mobile securitySocial & mobile security
Social & mobile security
Ernest Staats
 
Breakfast Briefings - February 2018
Breakfast Briefings - February 2018Breakfast Briefings - February 2018
Breakfast Briefings - February 2018
PKF Francis Clark
 
20160317 ARMA Wyoming Social Media Security Threats
20160317 ARMA Wyoming Social Media Security Threats20160317 ARMA Wyoming Social Media Security Threats
20160317 ARMA Wyoming Social Media Security Threats
Jesse Wilkins
 
Spiritual social media & mobile devices
Spiritual social media & mobile devicesSpiritual social media & mobile devices
Spiritual social media & mobile devices
Ernest Staats
 
Cybersafety overview
Cybersafety overviewCybersafety overview
Cybersafety overview
John Woodring
 
Stalking in the Cyberspace
Stalking in the CyberspaceStalking in the Cyberspace
Stalking in the Cyberspace
Emil Tan
 
UW School of Medicine Social Engineering and Phishing Awareness
UW School of Medicine Social Engineering and Phishing AwarenessUW School of Medicine Social Engineering and Phishing Awareness
UW School of Medicine Social Engineering and Phishing Awareness
Nicholas Davis
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
Casey Ellis
 
DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership
Eric Schwartzman
 
OSAC: Personal Digital Security Presentation
OSAC: Personal Digital Security PresentationOSAC: Personal Digital Security Presentation
OSAC: Personal Digital Security Presentation
Dr. Lydia Kostopoulos
 
Does Twitter have a positive impact in the United States?
Does Twitter have a positive impact in the United States?Does Twitter have a positive impact in the United States?
Does Twitter have a positive impact in the United States?
TheRealEdwin
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Jacqueline Fick
 
Internet Trends (C*), Search & Social
Internet Trends (C*), Search & SocialInternet Trends (C*), Search & Social
Internet Trends (C*), Search & Social
Buhwan Jeong
 
Social Media Manager's Workshop
Social Media Manager's WorkshopSocial Media Manager's Workshop
Social Media Manager's Workshop
Eric Schwartzman
 
IQMS Networking Day
IQMS Networking DayIQMS Networking Day
IQMS Networking Day
Eric Schwartzman
 
Inter-American Investment Corporation Keynote Presentation
Inter-American Investment Corporation Keynote PresentationInter-American Investment Corporation Keynote Presentation
Inter-American Investment Corporation Keynote Presentation
Eric Schwartzman
 
100812 internet security2.0
100812 internet security2.0100812 internet security2.0
100812 internet security2.0
dkp205
 
Cyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraCyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena Mishra
Devsena Mishra
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
Rob Ragan
 
Social engineering for security attacks
Social engineering for security attacksSocial engineering for security attacks
Social engineering for security attacks
masoud khademi
 
Cybersafety Presentation for Connecting Waters Charter School
Cybersafety Presentation for Connecting Waters Charter SchoolCybersafety Presentation for Connecting Waters Charter School
Cybersafety Presentation for Connecting Waters Charter School
Stanislaus County Office of Education
 
Facebook
FacebookFacebook
Facebook
Puni Hariaratnam
 
5 Technology Trends Construction Contractors Can't Afford To Ignore
5 Technology Trends Construction Contractors Can't Afford To Ignore5 Technology Trends Construction Contractors Can't Afford To Ignore
5 Technology Trends Construction Contractors Can't Afford To Ignore
Gross, Mendelsohn & Associates
 

More Related Content

What's hot

Spiritual social media & mobile devices
Spiritual social media & mobile devicesSpiritual social media & mobile devices
Spiritual social media & mobile devices
Ernest Staats
 
Social Media Manager's Workshop
Social Media Manager's WorkshopSocial Media Manager's Workshop
Social Media Manager's Workshop
Eric Schwartzman
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
Rob Ragan
 

What's hot (20)

Breakfast Briefings - February 2018
Breakfast Briefings - February 2018Breakfast Briefings - February 2018
Breakfast Briefings - February 2018
 
20160317 ARMA Wyoming Social Media Security Threats
20160317 ARMA Wyoming Social Media Security Threats20160317 ARMA Wyoming Social Media Security Threats
20160317 ARMA Wyoming Social Media Security Threats
 
Spiritual social media & mobile devices
Spiritual social media & mobile devicesSpiritual social media & mobile devices
Spiritual social media & mobile devices
 
Cybersafety overview
Cybersafety overviewCybersafety overview
Cybersafety overview
 
Stalking in the Cyberspace
Stalking in the CyberspaceStalking in the Cyberspace
Stalking in the Cyberspace
 
UW School of Medicine Social Engineering and Phishing Awareness
UW School of Medicine Social Engineering and Phishing AwarenessUW School of Medicine Social Engineering and Phishing Awareness
UW School of Medicine Social Engineering and Phishing Awareness
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
 
DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership DeCA Tier One Training for Senior Leadership
DeCA Tier One Training for Senior Leadership
 
OSAC: Personal Digital Security Presentation
OSAC: Personal Digital Security PresentationOSAC: Personal Digital Security Presentation
OSAC: Personal Digital Security Presentation
 
Does Twitter have a positive impact in the United States?
Does Twitter have a positive impact in the United States?Does Twitter have a positive impact in the United States?
Does Twitter have a positive impact in the United States?
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
 
Internet Trends (C*), Search & Social
Internet Trends (C*), Search & SocialInternet Trends (C*), Search & Social
Internet Trends (C*), Search & Social
 
Social Media Manager's Workshop
Social Media Manager's WorkshopSocial Media Manager's Workshop
Social Media Manager's Workshop
 
IQMS Networking Day
IQMS Networking DayIQMS Networking Day
IQMS Networking Day
 
Inter-American Investment Corporation Keynote Presentation
Inter-American Investment Corporation Keynote PresentationInter-American Investment Corporation Keynote Presentation
Inter-American Investment Corporation Keynote Presentation
 
100812 internet security2.0
100812 internet security2.0100812 internet security2.0
100812 internet security2.0
 
Cyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena MishraCyber security-awareness-for-social-media-users - Devsena Mishra
Cyber security-awareness-for-social-media-users - Devsena Mishra
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
 
Social engineering for security attacks
Social engineering for security attacksSocial engineering for security attacks
Social engineering for security attacks
 
Cybersafety Presentation for Connecting Waters Charter School
Cybersafety Presentation for Connecting Waters Charter SchoolCybersafety Presentation for Connecting Waters Charter School
Cybersafety Presentation for Connecting Waters Charter School
 

Similar to LinkedIn to Your Network - The Social Engineering Threat

Presentation 2SOCIAL MEDIA AND THE FUTURE OF PRIVACY & SECURITY
Presentation 2SOCIAL MEDIA AND THE FUTURE OF PRIVACY & SECURITYPresentation 2SOCIAL MEDIA AND THE FUTURE OF PRIVACY & SECURITY
Presentation 2SOCIAL MEDIA AND THE FUTURE OF PRIVACY & SECURITY
gailmowal
 
Data breach
Data breachData breach
Data breach
Burhan Ahmed
 
My Online Image
My Online ImageMy Online Image
My Online Image
aluthe
 
ImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copyImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copy
Alisa Alvich
 
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side... Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Steve Poole
 
Jax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developerJax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developer
Steve Poole
 
How To Use Social Networks As A Hr Tool
How To Use Social Networks As A Hr ToolHow To Use Social Networks As A Hr Tool
How To Use Social Networks As A Hr Tool
Jason P. Sullivan
 

Similar to LinkedIn to Your Network - The Social Engineering Threat (20)

Facebook
FacebookFacebook
Facebook
 
5 Technology Trends Construction Contractors Can't Afford To Ignore
5 Technology Trends Construction Contractors Can't Afford To Ignore5 Technology Trends Construction Contractors Can't Afford To Ignore
5 Technology Trends Construction Contractors Can't Afford To Ignore
 
Presentation 2SOCIAL MEDIA AND THE FUTURE OF PRIVACY & SECURITY
Presentation 2SOCIAL MEDIA AND THE FUTURE OF PRIVACY & SECURITYPresentation 2SOCIAL MEDIA AND THE FUTURE OF PRIVACY & SECURITY
Presentation 2SOCIAL MEDIA AND THE FUTURE OF PRIVACY & SECURITY
 
Data breach
Data breachData breach
Data breach
 
My Online Image
My Online ImageMy Online Image
My Online Image
 
ImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copyImageQuest_Newsletter_July_Milton copy
ImageQuest_Newsletter_July_Milton copy
 
Social Media and Privacy
Social Media and PrivacySocial Media and Privacy
Social Media and Privacy
 
SOCIAL NETWORK SECURITY
SOCIAL NETWORK SECURITYSOCIAL NETWORK SECURITY
SOCIAL NETWORK SECURITY
 
Introduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxIntroduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptx
 
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side... Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
 
The Internet is a dog-eat-dog world and your app is clad in Milk Bone underwear
The Internet is a dog-eat-dog world and your app is clad in Milk Bone underwearThe Internet is a dog-eat-dog world and your app is clad in Milk Bone underwear
The Internet is a dog-eat-dog world and your app is clad in Milk Bone underwear
 
Social groups for awareness
Social groups for awarenessSocial groups for awareness
Social groups for awareness
 
kiran.ppt
kiran.pptkiran.ppt
kiran.ppt
 
NENA 2017 Doxing and Social Engineering
NENA 2017 Doxing and Social EngineeringNENA 2017 Doxing and Social Engineering
NENA 2017 Doxing and Social Engineering
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 
Jax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developerJax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developer
 
Business under cyberassault
Business under cyberassaultBusiness under cyberassault
Business under cyberassault
 
Cyber crime in pakistan by zubair
Cyber crime in pakistan by zubairCyber crime in pakistan by zubair
Cyber crime in pakistan by zubair
 
Cyber Threat Landscape
Cyber Threat LandscapeCyber Threat Landscape
Cyber Threat Landscape
 
How To Use Social Networks As A Hr Tool
How To Use Social Networks As A Hr ToolHow To Use Social Networks As A Hr Tool
How To Use Social Networks As A Hr Tool
 

More from Lancope, Inc.

Solving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecuritySolving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective Security
Lancope, Inc.
 
Network Security and Visibility through NetFlow
Network Security and Visibility through NetFlowNetwork Security and Visibility through NetFlow
Network Security and Visibility through NetFlow
Lancope, Inc.
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is Here
Lancope, Inc.
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
Lancope, Inc.
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
Lancope, Inc.
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
Lancope, Inc.
 
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Lancope, Inc.
 
Detecting Threats: A Look at the Verizon DBIR and StealthWatch
Detecting Threats: A Look at the Verizon DBIR and StealthWatchDetecting Threats: A Look at the Verizon DBIR and StealthWatch
Detecting Threats: A Look at the Verizon DBIR and StealthWatch
Lancope, Inc.
 
So You Want a Threat Intelligence Function (But Were Afraid to Ask)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)So You Want a Threat Intelligence Function (But Were Afraid to Ask)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)
Lancope, Inc.
 
Extending Network Visibility: Down to the Endpoint
Extending Network Visibility: Down to the EndpointExtending Network Visibility: Down to the Endpoint
Extending Network Visibility: Down to the Endpoint
Lancope, Inc.
 
Save Your Network – Protecting Manufacturing Data from Deadly Breaches
Save Your Network – Protecting Manufacturing Data from Deadly BreachesSave Your Network – Protecting Manufacturing Data from Deadly Breaches
Save Your Network – Protecting Manufacturing Data from Deadly Breaches
Lancope, Inc.
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident Response
Lancope, Inc.
 
Save Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesSave Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly Breaches
Lancope, Inc.
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
 
Insider threats webinar 01.28.15
Insider threats webinar 01.28.15Insider threats webinar 01.28.15
Insider threats webinar 01.28.15
Lancope, Inc.
 
Protecting the Crown Jewels from Devastating Data Breaches
Protecting the Crown Jewels from Devastating Data BreachesProtecting the Crown Jewels from Devastating Data Breaches
Protecting the Crown Jewels from Devastating Data Breaches
Lancope, Inc.
 
The Library of Sparta
The Library of SpartaThe Library of Sparta
The Library of Sparta
Lancope, Inc.
 
SCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefSCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber Grief
Lancope, Inc.
 
Looking for the weird webinar 09.24.14
Looking for the weird webinar 09.24.14Looking for the weird webinar 09.24.14
Looking for the weird webinar 09.24.14
Lancope, Inc.
 
Cisco CSIRT Case Study: Forensic Investigations with NetFlow
Cisco CSIRT Case Study: Forensic Investigations with NetFlowCisco CSIRT Case Study: Forensic Investigations with NetFlow
Cisco CSIRT Case Study: Forensic Investigations with NetFlow
Lancope, Inc.
 

More from Lancope, Inc. (20)

Solving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecuritySolving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective Security
 
Network Security and Visibility through NetFlow
Network Security and Visibility through NetFlowNetwork Security and Visibility through NetFlow
Network Security and Visibility through NetFlow
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is Here
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
 
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
 
Detecting Threats: A Look at the Verizon DBIR and StealthWatch
Detecting Threats: A Look at the Verizon DBIR and StealthWatchDetecting Threats: A Look at the Verizon DBIR and StealthWatch
Detecting Threats: A Look at the Verizon DBIR and StealthWatch
 
So You Want a Threat Intelligence Function (But Were Afraid to Ask)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)So You Want a Threat Intelligence Function (But Were Afraid to Ask)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)
 
Extending Network Visibility: Down to the Endpoint
Extending Network Visibility: Down to the EndpointExtending Network Visibility: Down to the Endpoint
Extending Network Visibility: Down to the Endpoint
 
Save Your Network – Protecting Manufacturing Data from Deadly Breaches
Save Your Network – Protecting Manufacturing Data from Deadly BreachesSave Your Network – Protecting Manufacturing Data from Deadly Breaches
Save Your Network – Protecting Manufacturing Data from Deadly Breaches
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident Response
 
Save Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesSave Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly Breaches
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
 
Insider threats webinar 01.28.15
Insider threats webinar 01.28.15Insider threats webinar 01.28.15
Insider threats webinar 01.28.15
 
Protecting the Crown Jewels from Devastating Data Breaches
Protecting the Crown Jewels from Devastating Data BreachesProtecting the Crown Jewels from Devastating Data Breaches
Protecting the Crown Jewels from Devastating Data Breaches
 
The Library of Sparta
The Library of SpartaThe Library of Sparta
The Library of Sparta
 
SCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefSCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber Grief
 
Looking for the weird webinar 09.24.14
Looking for the weird webinar 09.24.14Looking for the weird webinar 09.24.14
Looking for the weird webinar 09.24.14
 
Cisco CSIRT Case Study: Forensic Investigations with NetFlow
Cisco CSIRT Case Study: Forensic Investigations with NetFlowCisco CSIRT Case Study: Forensic Investigations with NetFlow
Cisco CSIRT Case Study: Forensic Investigations with NetFlow
 

Recently uploaded

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

LinkedIn to Your Network - The Social Engineering Threat

  • 2. This talk focuses on Facebook & LinkedIN HOWEVER these are not the only Social Engineering attack vectors • Fake Police Department for DOJ • Fake Emergency Responder To Gain Access • Scary  Take a job, gather info, leave Warning!
  • 3. Who Are Your Cyber Friends?
  • 5. People send 64 million tweets per day. Lady Gaga has more followers than the president. The Facts 1 in 5 Couples meet online. 1 in 5 also blame divorce on Facebook Facebook passed Google - most visited internet site. • 11% of world’s population has Facebook account. • More Facebook accounts than automobiles. • If Facebook were a country, it would be the 3rd largest in the world
  • 6. What Is Your Digital Identity?
  • 7. Robin Sage Fictional American cyber threat analyst created to abstract sensitive information. She graduated from MIT and had 10 years of experience despite she was 25 years old. Despite the fake profile, she was offered consulting work with notable companies such as Google and Lockheed Marti. She had friends in the FBI, CIA and even offered dinner invitations from male friends.
  • 8. Emily Olivia Williams Fictional CSE created to abstract sensitive information from a specific target. She graduated from MIT and had 10 years of experience despite she was 28 years old. Despite the fake profile, she was offered sensitive information from our target’s AM and CSEs. She had friends in large partner vendors and even offered dinner invitations from male friends.
  • 9. The Impact of Social Media 10 minutes: 20 Facebook connections 6 LinkedIn Connections 15 hours: 60 Facebook connections 55 LinkedIn Connections 24 hours: 3 job offers Total Connections: 170 Employees 71 Cisco; 22 NetApp; 10 EMC; 35 McAfee 300+ Facebook friends Endorsements: 22 LinkedIn Endorsements For Expertise and Experience From Partners and co-workers Offers: 4 job offers, Laptop and office equipment, network access.
  • 10.
  • 11. What we Did What? Created fake FaceBook and LinkedIn profile to gain information using social media. How? Social engineering techniques that allowed us to participate as a New Hire What was captured? Salesforce Logins, Issued Laptops, Jobs offers, Endorsements, Meet up requests What was the real threat? Published a Christmas card on social networks that gave us remote access to anyone that clicked on the link. This gave us significant access to devices and data.
  • 12.
  • 13. The Social Engineering Kill Chain Reconnaissance Gain Access through Facebook and learn lifestyles Privilege escalation Gain C Level friends through other friends Infiltrate • Post links to hide attacks, collect information and fingerprint target • Email rootkit / Trojan horse applications Establish Foothold • Build backdoors and map out target’s internal network • Compromise Authentication – Create Email and Admin account Own Remove sensitive data
  • 14. What Does Emily Teach Us? • Identities are a very Valuable commodity • Humans are naturally trusting • People use the same passwords for everything! • Attractive women can bypass procedures in a male dominated industry (Yes I said it … and its true!) • Common security products do not protect your employees from Social Engineering • Social Engineering threats can impact your business. • There isn’t a silver bullet product that can protect you from a future Emily Williams
  • 15. Emily Williams Good News Some people asked “Do I know you”? Some people on Facebook flagged suspicious activity
  • 16. Emily Williams Bad News What do you leave on social networks that could be used against you? Some people pretended to know her after using data from their facebook page
  • 17. Social Engineer Countermeasures • Question suspicious behavior • Forward any possible threats to HR • Be aware of what is public • Never share work intel on social networks • Protect your data with STRONG passwords. • Don’t share devices used for work.
  • 18. Your Infrastructure Provides the Source... Interne t Atlant a San Jose New York ASR-1000 Cat6k UCS with Nexus 1000v ASA Cat6k 3925 ISR 3560-X 3750-X Stack(s) Cat4k Datacente r WAN DMZ Access NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlo w
  • 19. StealthWatch for APTs StealthWatch delivers visibility and actionable insight throughout the kill chain 19© Lancope 5/5/2013 Recon Exploitation (Social Engineering?) Initial Infection Command and Control Internal Pivot Data Preparation and Exfiltration
  • 20.
  • 21. Stop Problems Before They Become Crises ImpacttotheBusiness($) credit card data compromised attack identified vulnerability closed attack thwarted early warning attack identified vulnerability closed attack onset STEALTHWATCH REDUCES MTTK Company with StealthWatch Company with Legacy Monitoring Tools 21© 2013 Lancope, Inc. All rights reserved. ~70% of Incident Response is spent on MTTK “Worm outbreaks impact revenue by up to $250k / hour. StealthWatch pays for itself in 30 minutes.” F500 Media Conglomerate 259% ROI MTTK Time
  • 22. Thank you www.lancope.com www.thesecurityblogger.com Cisco Cyber Threat Defense BTW Lady Ga Ga’s twitter is @ladygaga