acams
play

ACAMS Cybersecurity Risk We All Face Jerry Craft| August 2017 - PowerPoint PPT Presentation

Nov 14, 2022 •514 likes •924 views

ACAMS Cybersecurity Risk We All Face Jerry Craft| August 2017 About Your Speaker About Nth Generation Computing Ransomware Attacks & Extortion Hacking 101 Website Hacking 101 Phishing, Smishing and Lying Nation State Attacks

  1. ACAMS Cybersecurity Risk We All Face Jerry Craft| August 2017

  2. About Your Speaker About Nth Generation Computing Ransomware Attacks & Extortion Hacking 101 Website Hacking 101 Phishing, Smishing and Lying Nation State Attacks

  3. Cybersecurity Jerry Craft – Nth Generation Computing Senior Security Consultant, CISO and Ethical Hacker • Formerly Chief Information Security Officer for 6 billion dollar financial institution. • 25+ years of IT and Security experience. • Security author, instructor, and speaker • Certified Information Systems Security Professional (CISSP) • SANS Institute GIAC Security Professional (GSEC) • SANS Institute GIAC Penetration Tester and Ethical Hacker (GPEN) • SANS Institute GIAC Forensic Examiner (GCFE) • SANS Institute Instructor for SANS 560: Ethical Hacking and Penetration Testing •

  4. Cybersecurity Jerry Craft – Nth Generation Computing Reviewed and secured the following business verticals • Finance, Healthcare, Government, Utility, Educational and Retail • environments. Work with businesses and perform forensic understanding to hacking attacks. • Perform incident response on hacking incidents to help customers understand a • breach, and get law enforcement involved when necessary. http://www.informationisbeautiful.net/visualizations/worlds-biggest-data- • breaches-hacks/

  5. Nth Generation Computing, Inc. About Nth Nth Generation is a 26 year old solution provider that has access to the latest technology, and performs security engagements using highly skilled ethical hackers, and former CISO’s. Founded in 1991 Southern-California focused Offices in San Diego (HQ) and Irvine HP Security Partner of the Year 2015 Cylance Security Partner of the Year 2017

  6. Nth Generation Consulting Engagements → Ethical Hacking → Red Team (Physical Security) → Risk Assessments → Social Engineering → Security Roadmaps → Cloud Computing Assessments → Virtual CISO → Security Consulting

  7. Ransomware Attacks and Extortion

  8. Nth Generation Ransomware 1989-2017 AIDS Trojan to Cryptolocker

  9. Nth Generation Ransomware 1989-2017 AIDS Trojan to Cryptolocker

  10. Nth Generation Ransomware 1989-2017 AIDS Trojan to Cryptolocker Ransomware is a type of malware which is classified as a Trojan. • It restricts access to, or, damages the computer for the purpose of extorting • money from the victim. It also has the capability to encrypt a users files, display different threat • messages, and force the user to pay ransom via an online payment system. There have been more than 700,000 ransomware attempts between 2015- • 2016. Most companies simply restore the data, or pay the ransom. •

  11. Nth Generation Ransomware 1989-2017 AIDS Trojan to Cryptolocker 1. Ransomware will become just another tool in the hacker utility belt. 2. We’ll see more attacks designed to publicly shame the victims. 3. More examples of ransomware using no executable as a means of evading detection. 4. If there is a decline in ransomware it will be because of law enforcement action. https://en.wikipedia.org/wiki/Ransomware

  12. Nth Generation Ransomware 2017 https://www.fincen.gov/news/news-releases/fincen-fines-btc-e-virtual-currency- exchange-110-million-facilitating-ransomware

  13. Nth Generation Ransomware 2017 Cryptolocker – Hollywood Presbyterian Medical Center Computer access was blocked and not restored until payment was made. http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin- 20160217-story.html

  14. Nth Generation Ransomware 2017

  15. Hacking 101

  16. Nth Generation Virus/Worm 2008 -- Conficker 1. Hacker developed vulnerability ( MS08-067 Microsoft Windows) 2. Fast spreading worm that targets vulnerability 3. Blended threat that infects, disables security, backups, deletes data and opens a connection to a remote computer 4. Spreads by copying itself to folders, drives, etc. https://en.wikipedia.org/wiki/Conficker

  17. Nth Generation Attack / Ransomware -- EternalBlue 1. NSA developed vulnerability ( MS17-010 Microsoft Windows / AKA EternalBlue) 2. Used by hackers worldwide for a WannaCry ransomware attack 5/12/2017. 3. Used by hackers worldwide for a NotPetya cyberattack in 6/27/2017. https://en.wikipedia.org/wiki/EternalBlue

  18. Nth Generation What do hackers look for to find vulnerabilities? What if I type HELO 1000 times?

  19. Nth Generation Blue screen of death!

  20. Nth Generation Computer memory for the win!

  21. Nth Generation Blue screen of death! Hacked for the win!

  22. Nth Generation Attack / Ransomware -- EternalBlue

  23. Website Hacking

  24. Nth Generation Website Compromises…

  25. Phishing / Smishing and Lying.

  26. Nth Generation Phishing

  27. Nth Generation Phishing

  28. Nth Generation Whaling…

  29. Nth Generation Whaling…

  30. Nth Generation Catfishing “Mia Ash” – April 2016 – persona befriended male employees of oil and • technology firms in Israel, Saudi Arabia, India, US and Iraq. Hacking group in Iran is believed to be behind the accounts. – Secureworks. • Group named Cobalt Gypsy • Purpose : steal credentials from employees who would have access to their • companies computer networks. LinkedIn is a great/successful way for hackers to target people because users are • inclined to trust others on the site. http://money.cnn.com/2017/07/27/technology/business/cobalt-gypsy-oilrig- linkedin-photographer/index.html?iid=ob_homepage_tech_pool

  31. Nth Generation Whaling…

  32. State & Nation State Attacks

  33. Nth Generation Who are the attackers?

  34. Nth Generation Office of Personnel Management Exposed 22 million current and former employees records compromised and stolen. • 1. Identify undercover officers 2. Neutralize U.S. government officials 3. Threaten overseas family members 4. Harass clearance holders or their families in the United States 5. Wire you for sound 6. Figure out exactly what it takes to get a security clearance 7. Publish the data 8. Guess passwords 9. Future Spear phish.

  35. Nth Generation Who are the attackers? Who is number 1: China, then North Korea, Russia • I have investigated these types of attacks. • Purpose was to take intellectual property • To destroy the business competition. • Improve the intellectual property for China to resell and win deals. •

  36. Key Takeaways

  37. Nth Generation What can be done?

  38. Nth Generation What can be done?

  39. Nth Generation What can be done?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ACAMS Update John J. Byrne, Esq., CAMS Executive Vice President February 5, 2016 1 1 ACAMS

ACAMS Update John J. Byrne, Esq., CAMS Executive Vice President February 5, 2016 1 1 ACAMS

ACAMS Update John J. Byrne, Esq., CAMS Executive Vice President February 5, 2016 1 1 ACAMS Membership 2 ACAMS Certified Members 3 Chapter Membership *Chapters over 50 members 4 Advanced Certification Certifying excellence in the

994 views • 46 slides
13 October 2016 Samantha J Sheen AML Director - Europe, ACAMS Presentation Outline 1.

13 October 2016 Samantha J Sheen AML Director - Europe, ACAMS Presentation Outline 1.

Sanctions: A Practical Perspective Presentation to the ACAMS Cyprus Chapter 13 October 2016 Samantha J Sheen AML Director - Europe, ACAMS Presentation Outline 1. Introduction 2. Current Challenges 3. Mitigation of Sanctions Compliance

294 views • 25 slides
Landscape and Law Enforcements Perspective Carlton M. Greene Presentation to ACAMS Northern

Landscape and Law Enforcements Perspective Carlton M. Greene Presentation to ACAMS Northern

The Changing Sanctions Landscape and Law Enforcements Perspective Carlton M. Greene Presentation to ACAMS Northern California Chapter October 25, 2018 Crowell & Moring | 1 Sanctions Basics The Treasury Departments Office of

542 views • 18 slides
From Russia to Cuba A Complex Tale of Old Friends & Sanctions ACAMS NY Chapter Learning

From Russia to Cuba A Complex Tale of Old Friends & Sanctions ACAMS NY Chapter Learning

From Russia to Cuba A Complex Tale of Old Friends & Sanctions ACAMS NY Chapter Learning Event April 16, 2015 6:00 pm 8:00 pm Hosted by: 5 Times S quare New Y ork, NY 10036 Russia/Ukraine Related Sanctions What is Business as

231 views • 10 slides
Finance* Henry Balani, CAMS Head of Innovation ACAMS Northern California Chapter Meeting Nov 19

Finance* Henry Balani, CAMS Head of Innovation ACAMS Northern California Chapter Meeting Nov 19

Economic Sanction Screening in Trade Finance* Henry Balani, CAMS Head of Innovation ACAMS Northern California Chapter Meeting Nov 19 th 2015 * Also includes quick update on Iran Accuity ity focuse uses s on the needs of banks, s, financia

564 views • 43 slides
Spotting Red Flags of Elder Financial Exploitation in your Institution October 27, 2016 ACAMS

Spotting Red Flags of Elder Financial Exploitation in your Institution October 27, 2016 ACAMS

Spotting Red Flags of Elder Financial Exploitation in your Institution October 27, 2016 ACAMS Greater Philadelphia Chapter AGENDA Evolution of Elder Abuse/Financial Exploitation Recommendations Red Flags Case Scenarios

271 views • 16 slides
Presented by: Dennis Ansbro and Zoya Faynleyb ACAMS Greater Philadelphia Chapter December 10,2015

Presented by: Dennis Ansbro and Zoya Faynleyb ACAMS Greater Philadelphia Chapter December 10,2015

Presented by: Dennis Ansbro and Zoya Faynleyb ACAMS Greater Philadelphia Chapter December 10,2015 Sources and Types of Sanctions OFAC / HMT / EU / UN US Sanctions Key Concepts 2015 Recent Sanctions Developments SSI / Cuba /Iran

549 views • 29 slides
Australian Digital Currency Commerce Association ACAMS PRES ENTATION 30 S eptember 2014 1

Australian Digital Currency Commerce Association ACAMS PRES ENTATION 30 S eptember 2014 1

Australian Digital Currency Commerce Association ACAMS PRES ENTATION 30 S eptember 2014 1 Agenda 1. What is Bit coin? 2. How are Bit coins Used? 3. The Growing Digit al Currency Indust ry 4. Taxing Digit al Currencies 5. Bit coin as a

633 views • 50 slides
TARGETED FINANCIAL SANCTIONS REQUIREMENTS UNDER THE UNITED NATIONS SECURITY COUNCIL (UNSC)

TARGETED FINANCIAL SANCTIONS REQUIREMENTS UNDER THE UNITED NATIONS SECURITY COUNCIL (UNSC)

financial intelligence centre REPUBLIC OF SOUTH AFRICA TARGETED FINANCIAL SANCTIONS REQUIREMENTS UNDER THE UNITED NATIONS SECURITY COUNCIL (UNSC) FINANCIAL ACTION TASK FORCE (FATF) AND FIC AMENDMENT BILL (2016) 28 June 2016 ACAMS South

696 views • 40 slides
C o m m o n T h r e a t s 101110001010101001010 010101010100101010101 IT'S TIME TO

C o m m o n T h r e a t s 101110001010101001010 010101010100101010101 IT'S TIME TO

C o m m o n T h r e a t s 101110001010101001010 010101010100101010101 IT'S TIME TO TAKE WEB SECURITY SERIOUSLY G r a m m e n o s S t e f a n o s https://gr.linkedin.com/in/grammenos Y E S S S S S I ' V E

300 views • 14 slides
Stratosphere for Hadoop Users Potsdam, January 03, 2012 Arvid Heise Outline 2 1 Overview over

Stratosphere for Hadoop Users Potsdam, January 03, 2012 Arvid Heise Outline 2 1 Overview over

Stratosphere for Hadoop Users Potsdam, January 03, 2012 Arvid Heise Outline 2 1 Overview over Stratosphere 2 Dataflow Orientation 3 Tuple-based Data Model 4 Other Differences 5 Seminar Organization Arvid Heise | Scalable Data Analysis

482 views • 45 slides
CFRP Applications in Michigan & AASHTO Innovations Initiative Program 2015 AASHTO

CFRP Applications in Michigan & AASHTO Innovations Initiative Program 2015 AASHTO

CFRP Applications in Michigan & AASHTO Innovations Initiative Program 2015 AASHTO Subcommittee on Construction Mark Chaput - Bureau of Field Services August 11, 2015 CFRP Applications in Michigan In ternal Reinforcement and

394 views • 37 slides
Corporate Presentation Corporate Presentation Safe Harbor PAGE 2 Statements in this

Corporate Presentation Corporate Presentation Safe Harbor PAGE 2 Statements in this

PAGE 1 Corporate Presentation Corporate Presentation Safe Harbor PAGE 2 Statements in this presentation that are not descriptions of historical facts are forward-looking statements relating to future events, and as such all forward- looking

202 views • 16 slides
Dave McCurdy Executive Director, Internet Security Alliance President, Electronic Industries

Dave McCurdy Executive Director, Internet Security Alliance President, Electronic Industries

Dave McCurdy Executive Director, Internet Security Alliance President, Electronic Industries Alliance Electronic Industries Alliance The Whole is Greater Than the Sum of the Individual Parts Consumer Telecommunications Electronics

740 views • 48 slides
cyber defence capability: A practitioners perspective Luke Beeson, Vice President Security UK

cyber defence capability: A practitioners perspective Luke Beeson, Vice President Security UK

Building an effective and dynamic cyber defence capability: A practitioners perspective Luke Beeson, Vice President Security UK and GB&FM BT Security 1 BT Security 2 Our History Rethinking the Risk as a Trusted Security Partner BT

141 views • 10 slides
MARKET DESIGN FOR REFUGEES Will Jones (and Alex Teytelboym ) August 2016 Paper for HCEO Market

MARKET DESIGN FOR REFUGEES Will Jones (and Alex Teytelboym ) August 2016 Paper for HCEO Market

MARKET DESIGN FOR REFUGEES Will Jones (and Alex Teytelboym ) August 2016 Paper for HCEO Market Design Perspectives on Inequality, Chicago. The Global Refugee Crisis 65.3m displaced persons worldwide, highest recorded number ever 16.1m

342 views • 33 slides
Planning to Date July 21, 2020 0 OVERVIEW Re-opening Schools in Fall 2020 Mitigating

Planning to Date July 21, 2020 0 OVERVIEW Re-opening Schools in Fall 2020 Mitigating

Planning to Date July 21, 2020 0 OVERVIEW Re-opening Schools in Fall 2020 Mitigating COVID-19 Plan to Implement Safety Measures, Manage Change & Maintain High-Quality Learning 0 KMSD Goals SAFETY - Working with Waukesha

518 views • 41 slides
An investment in Knowledge pays the best interest. - Benjamin Franklin Executive

An investment in Knowledge pays the best interest. - Benjamin Franklin Executive

RELATIONSHIP ACCOUNTABILITY PRODUCT Funds Management Services An investment in Knowledge pays the best interest. - Benjamin Franklin Executive Summary Unifi Capital is a discretionary , long-only India centric fund manager;

759 views • 41 slides
FY 2009 Presidents Budget Presentation to EPAs Science Adv sory Board i Kevin Y. Teichman,

FY 2009 Presidents Budget Presentation to EPAs Science Adv sory Board i Kevin Y. Teichman,

FY 2009 Presidents Budget Presentation to EPAs Science Adv sory Board i Kevin Y. Teichman, Ph.D. Deputy Assistant Administrator for Science Office of Research and Development February 28 th , 2008 Presentation Overview Recent

528 views • 21 slides
PTSA Board Meeting McLean High School September 25, 2019 ENGAGEMENT ROLE OF SOSA TEACHER /

PTSA Board Meeting McLean High School September 25, 2019 ENGAGEMENT ROLE OF SOSA TEACHER /

PTSA Board Meeting McLean High School September 25, 2019 ENGAGEMENT ROLE OF SOSA TEACHER / STUDENT SURVEY ACADEMIC SUPPORTS Agenda RESULTS STUDENT LIFE MHS CLINICAL STUDENT QUESTIONS AND TEAM SERVICES ACTIVITIES CALENDAR Survey

328 views • 10 slides
Overview: Emotion & Health Communication Research in Cancer Control Media Effects Research

Overview: Emotion & Health Communication Research in Cancer Control Media Effects Research

The Role of Emotion in Health Communication Foundational Research and Future Directions Abby Prestin, Ph.D. Kelly D. Blake, Sc.D. Health Communication and Informatics Research Branch Behavioral Research Program Division of Cancer Control and

603 views • 12 slides
Arkansas Bankers Association Mega Conference September 26, 2018 Walter G. Wright, Jr. Mitchell

Arkansas Bankers Association Mega Conference September 26, 2018 Walter G. Wright, Jr. Mitchell

Arkansas Bankers Association Mega Conference September 26, 2018 Walter G. Wright, Jr. Mitchell Williams Law Firm (501) 688-8839 Little Rock, AR 72212 wwright@mwlaw.com 1 Three combined posts every business day addressing federal/Arkansas

732 views • 71 slides
UN Security Council Resolution 1540: Monitoring and Detecting Breaches in Biosecurity &

UN Security Council Resolution 1540: Monitoring and Detecting Breaches in Biosecurity &

UN Security Council Resolution 1540: Monitoring and Detecting Breaches in Biosecurity & Illicit Trafficking of BW-Related Materials Dana Perkins, PhD 1540 Committee Expert Biological Weapons Convention Meeting of States Parties Side event

490 views • 16 slides
Inter Interconn connecte ected S d Syst ystems ems Framew amewor ork k (IS (ISF): F):

Inter Interconn connecte ected S d Syst ystems ems Framew amewor ork k (IS (ISF): F):

Inter Interconn connecte ected S d Syst ystems ems Framew amewor ork k (IS (ISF): F): Sc School Mental hool Mental Health Health within within an MTSS an MTSS Framew amewor ork Kelcey Schmitz, MSEd, UW SMART Center and Northwest

787 views • 50 slides

More recommend