ACAMS Cybersecurity Risk We All Face | Jerry Craft | August 2017



SLIDE 1

ACAMS

Cybersecurity Risk We All Face

Jerry Craft | August 2017

SLIDE 2

  • About Your Speaker
  • About Nth Generation Computing
  • Ransomware Attacks & Extortion
  • Hacking 101
  • Website Hacking 101
  • Phishing, Smishing and Lying
  • Nation State Attacks

SLIDE 3

Cybersecurity

Jerry Craft – Nth Generation Computing

  • Senior Security Consultant, CISO and Ethical Hacker
  • Formerly Chief Information Security Officer for a 6 billion dollar financial institution.
  • 25+ years of IT and Security experience.
  • Security author, instructor, and speaker
  • Certified Information Systems Security Professional (CISSP)
  • SANS Institute GIAC Security Professional (GSEC)
  • SANS Institute GIAC Penetration Tester and Ethical Hacker (GPEN)
  • SANS Institute GIAC Forensic Examiner (GCFE)
  • SANS Institute Instructor for SANS 560: Ethical Hacking and Penetration Testing
SLIDE 4

Cybersecurity

Jerry Craft – Nth Generation Computing

  • Reviewed and secured the following business verticals
  • Finance, Healthcare, Government, Utility, Educational and Retail environments.
  • Work with businesses and perform forensic analysis of hacking attacks.
  • Perform incident response on hacking incidents to help customers understand a breach, and get law enforcement involved when necessary.
  • http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

SLIDE 5

Nth Generation Computing, Inc.

About Nth

Nth Generation is a 26-year-old solution provider that has access to the latest technology and performs security engagements using highly skilled ethical hackers and former CISOs.

  • Founded in 1991
  • Southern-California focused
  • Offices in San Diego (HQ) and Irvine
  • HP Security Partner of the Year 2015
  • Cylance Security Partner of the Year 2017

SLIDE 6

Nth Generation

Consulting Engagements

→ Ethical Hacking
→ Red Team (Physical Security)
→ Risk Assessments
→ Social Engineering
→ Security Roadmaps
→ Cloud Computing Assessments
→ Virtual CISO
→ Security Consulting

SLIDE 7

Ransomware Attacks and Extortion

SLIDE 8

Ransomware 1989-2017 AIDS Trojan to Cryptolocker

SLIDE 9

Ransomware 1989-2017 AIDS Trojan to Cryptolocker

SLIDE 10

Ransomware 1989-2017 AIDS Trojan to Cryptolocker

  • Ransomware is a type of malware which is classified as a Trojan.
  • It restricts access to, or damages, the computer for the purpose of extorting money from the victim.
  • It also has the capability to encrypt a user's files, display different threat messages, and force the user to pay ransom via an online payment system.
  • There have been more than 700,000 ransomware attempts between 2015-2016.
  • Most companies simply restore the data, or pay the ransom.
SLIDE 11

Ransomware 1989-2017 AIDS Trojan to Cryptolocker

  • 1. Ransomware will become just another tool in the hacker utility belt.
  • 2. We’ll see more attacks designed to publicly shame the victims.
  • 3. More examples of ransomware using no executable as a means of evading detection.
  • 4. If there is a decline in ransomware it will be because of law enforcement action.

https://en.wikipedia.org/wiki/Ransomware

SLIDE 12

Ransomware 2017

https://www.fincen.gov/news/news-releases/fincen-fines-btc-e-virtual-currency-exchange-110-million-facilitating-ransomware

SLIDE 13

Ransomware 2017

Cryptolocker – Hollywood Presbyterian Medical Center

Computer access was blocked and not restored until payment was made.

http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html

SLIDE 14

Ransomware 2017

SLIDE 15

Hacking 101

SLIDE 16

Virus/Worm 2008 -- Conficker

  • 1. Hacker developed vulnerability (MS08-067 Microsoft Windows)
  • 2. Fast spreading worm that targets vulnerability
  • 3. Blended threat that infects, disables security, backups, deletes data and opens a connection to a remote computer
  • 4. Spreads by copying itself to folders, drives, etc.

https://en.wikipedia.org/wiki/Conficker

SLIDE 17

Attack / Ransomware -- EternalBlue

  • 1. NSA developed vulnerability (MS17-010 Microsoft Windows / AKA EternalBlue)
  • 2. Used by hackers worldwide for a WannaCry ransomware attack on 5/12/2017.
  • 3. Used by hackers worldwide for a NotPetya cyberattack on 6/27/2017.

https://en.wikipedia.org/wiki/EternalBlue

SLIDE 18

What do hackers look for to find vulnerabilities?

What if I type HELO 1000 times?

SLIDE 19

Blue screen of death!

SLIDE 20

Computer memory for the win!

SLIDE 21

Blue screen of death!

Hacked for the win!

SLIDE 22

Attack / Ransomware -- EternalBlue

SLIDE 23

Website Hacking

SLIDE 24

Website Compromises…

SLIDE 25

Phishing / Smishing and Lying.

SLIDE 26

Phishing

SLIDE 27

Phishing

SLIDE 28

Whaling…

SLIDE 29

Whaling…

SLIDE 30

Catfishing

  • “Mia Ash” – April 2016 – persona befriended male employees of oil and technology firms in Israel, Saudi Arabia, India, US and Iraq.
  • Hacking group in Iran is believed to be behind the accounts. – Secureworks.
  • Group named Cobalt Gypsy
  • Purpose: steal credentials from employees who would have access to their companies' computer networks.
  • LinkedIn is a great/successful way for hackers to target people because users are inclined to trust others on the site.

http://money.cnn.com/2017/07/27/technology/business/cobalt-gypsy-oilrig-linkedin-photographer/index.html?iid=ob_homepage_tech_pool

SLIDE 31

Whaling…

SLIDE 32

State & Nation State Attacks

SLIDE 33

Who are the attackers?

SLIDE 34

Office of Personnel Management

  • Records of 22 million current and former employees were exposed, compromised and stolen.
  • 1. Identify undercover officers
  • 2. Neutralize U.S. government officials
  • 3. Threaten overseas family members
  • 4. Harass clearance holders or their families in the United States
  • 5. Wire you for sound
  • 6. Figure out exactly what it takes to get a security clearance
  • 7. Publish the data
  • 8. Guess passwords
  • 9. Future Spear phish.
SLIDE 35

Who are the attackers?

  • Who is number 1: China, then North Korea, Russia
  • I have investigated these types of attacks.
  • Purpose was to take intellectual property
  • To destroy the business competition.
  • Improve the intellectual property for China to resell and win deals.
SLIDE 36

Key Takeaways

SLIDE 37

What can be done?

SLIDE 38

What can be done?

SLIDE 39

What can be done?