an innovative and
play

An innovative and comprehensive framework for Social Driven - PowerPoint PPT Presentation

May 03, 2023 •216 likes •895 views

An innovative and comprehensive framework for Social Driven Vulnerability Assessment 20 November 2014 Who are we? Enrico o Frument nto Rober erto Puricelli lli (twitter: enricoff) (twitter: robywankenoby) ICT Security Specialist @

  1. An innovative and comprehensive framework for Social Driven Vulnerability Assessment 20 November 2014

  2. Who are we? Enrico o Frument nto Rober erto Puricelli lli (twitter: enricoff) (twitter: robywankenoby) ICT Security Specialist @ CEFRIEL ICT Security Consultant @ CEFRIEL Main Activities: unconventional security, Main Activities: Social-driven Vulnerability phreak, tweak, psychohistorian , … Assessment, Security research, passionate of technology … 2

  3. Who is cefriel Who is CEFRIEL? Bridging the gap between industries and academia to BOOST INNOVATION HIGH Industrial companies CEFRIE FRIEL L Unique Value e Pro ropos osition on CEFRIEL Academic universities LOW RESEARCH INNOVATION MARKET 3

  4. What will you get? Real numbers How vulnerable How are? companies What is SE react? today? …a lot of phun, but no beers

  5. What’s cybercrime today? From geek-driven to business-driven. 5

  6. What’s cybercrime today? Selling is selling! What do you need to sell cybercriminals products? Who’s the customer? 6

  7. What’s cybercrime today? BO BOTH TH TRIES TO TO ENTER , , TWEAKIN AT THE DOOR .. .. ING THE PERSON AT D OOR OOR -2- DOOR SELLER LER == == M ODERN AL - SELLE RN CYBERCRIMI RIMINAL ELLER 7

  8. What’s cybersecurity today? YES S A TOTALL LLY DIFFE FERENT RENT APPROACH, H, USING G THE SAME E TECHN HNIQU IQUES ES OF MARKETIN KETING. G.. V IRAL AL , ILLA , GUERRIL NAL , UNCONV NVENTIO NTIONA … AND OF RSE S OCIAL NEERING 2.0 OF COURS IAL ENGI GINEERING T? ANYTHING HING NEW?? W?? SO WHAT? 8

  9. What’s cybercrime today? ADVERTISING “ ADVERTISING ” … DEVELOPERS SOCIOLOGIST HCI EXPERTS PSYCHOLOGIST SELLERS MARKETING EXPERTS 9 SN INFLUENCERS

  10. What is the security team? Our team includes several competences • malware expert • web designer • web developer • psychologist • expert of HCI interaction • marketing expert • SN influencer • legal advisor 10

  11. SOCIAL ENGINEERING 2.0

  12. The Role of the Human Factor in Hacker Attacks 12

  13. Characteristics of SE 2.0 Automatic Social Malware Ecosystem 2.0 Engineering Attacks (ab)use of linked-data (ASE) (ab)use of psychology, personality profiling Chat-bot Mail attack vector systems and cognitive science models Economic Drivers 13

  14. Malware Ecosystem 2.0 SE became an important part of the malware 2.0 and the main infection strategy 14

  15. Automatic Social Engineering Attacks (ASE) Automation of SE attacks through information collection and mining and through the sentiment analysis from Social Networks 15

  16. (ab)use of linked-data The public bodies and anyone are moving toward the free circulation of data, to the web 3.0. This is the Linked-Open-Data or web-of-data . (ab)using LOD will facilitate the collection of data to fully contextualize attacks to targets. 16

  17. Chat-bot Diffused use of chat-bot , as in ASE attacks to start and maintain conversations with other social networks users and to balance the lack of a real social engineer ( mass social engineering attacks ) 17

  18. (Ab)use of Psychology and Cognitive Science Professional use of memetics and personality models of the attacked users, especially of models coming from theories of cognitive psychology 18

  19. Mail Attack Vector Massive use of mails - if compared to other attack vectors - since it doesn’t need talented hackers and it can reach lot of victims at a time (i.e. new forms of spam) 19

  20. Economic Drivers SE 2.0 is since the beginning an investment (no ways doing it for phun), all attacks have one common aim: making money . 20

  21. Characteristics of SE 2.0 vs vs 21

  22. Characteristics of SE 2.0 (ab)use of psychology and models of cognitive science Professional use of memetics and personality models of the attacked users, especially of models coming from theories of cognitive psychology (ab)use of Social Networks Social Networks are fantastic sources of information about victims, tastes, personalities, profiles, etc. The phase of information collection about the target in a crucial step for each attack. 22

  23. 23

  24. The first example… RSA THE case study… You probably know this email 24

  25. .. the latest one: Darkhotel attacks • More than 7 years • Target business executives • Drive-by download attack • Steal data and collect passwords What’s in common? Social Engineering at the beginning 25

  26. P ROBLEM : IT ’ S NOT ANYMORE SO ADVANCED . “A DVANCED ” ONLY MEANS THAT THE ATTACKERS HAVE A ( DEVILISH ) BUSINESS PLAN 26

  27. Advanced Persistent Threat Model An APT often begins with a Social Engineering attack • Email is the most used attack vector SE attack • How to build an effective attack? 27

  28. Advanced Persistent Threat Model Spear phishing is the new evil • A contextualized email is more effective Target SE selection attack • How to gather information? 28

  29. Advanced Persistent Threat Model Internet and Social Network allow to retrieve lots of information • Public information are already available • Also “active” attacks OSINT Target SE selection attack • What’s the result? 29

  30. Advanced Persistent Threat Model Technological attack can create a backdoor inside the company • Known vulnerabilities or zero-day attacks OSINT Target SE Ad-hoc selection attack tech attack • What’s next? 30

  31. Advanced Persistent Threat Model Inside the network, lateral movement Difficult to detect slow and punctual attacks OSINT Target SE Ad-hoc Attack selection attack tech expansion attack 31

  32. Advanced Persistent Threat Model OSINT Target SE Ad-hoc Attack Data selection attack tech expansion exfiltration attack How can we measure that risk? 32

  33. OUR FRAMEWORK

  34. Our Framework OSINT Target SE Ad-hoc Attack Data selection attack tech expansion exfiltration attack 34

  35. Our Framework Passive social information mining Spear phishing attack simulation Technological attack simulation OSINT SE Ad-hoc Target Attack Data attack tech selection expansion exfiltration attack 35

  36. Our Framework Setup Passive social information mining Framework Spear phishing attack simulation Technological attack simulation Awareness 36

  37. Setup Prior to start the assessment, it is necessary to provide a startup phase Since the activities is innovative stakeholders need to: • share objectives • define the boundaries Stakeholders of the company Security IT HR Innovation Legal 37

  38. People are the target of the assessment • A potential attacker has no constraints • Direct contact with the target (active) Don’t care about consequences • • During an assessment need to take care about the users • Ethical vs legal perspective Ethics Legal Only passive scanning Public sources Anonymous results 38

  39. Passive information mining The purpose is to find some evidence regarding the feasibility of the social engineering attack Focus on the company, not on the user Even if the source are public, lot of information retrieved… ..and it’s just the tip of the iceberg 39

  40. 40

  41. Source2 Source3 123 11 mail mail Source1 Source4 633 mail 103 mail Source5 emails initiatives 91 mail of employees related to possibily attacked company or employees templates evidence for building related to specific effective attack risks 41

  42. Spear Phishing Attack Simulation The purpose is to test the user behavior when stimulated with social engineering attack It begins with emails sent to employees Target is a sample of employees We evaluate two different type of risks: 1 1. The user click on the email • Expose to drive by-infection 2 1. The user also provides the requested credentials • Lose of a critical company asset 42

  43. Type of phishing: A SDVA Example An example of email for a SDVA test 43

  44. Type of phishing – Example of a website An example of the related phishing website Refers to the phishing campaign ACME� corpora on� established� a� partnership� ra on� to� established� a� partnership� to� propose� discount� to� all� the� employees� count� to� all� the� employees� Limited� offers� only� for� ACME� corpora on� employees.� Click� on� the� � ACME� link� below� corpora on� an employees.� Click� on� the� link� below� and� sign� � in� with� your� company� creden al� to� obtain� the� discounts� � pany� creden al� to� obtain� the� discounts� � 70%� 70%� DISCOUNT� DISCOUNT� T� Lots� of� discounts� nts� Limited� me� Company asset Only� for� Employees� SIGN� oyees� IN� SIGN� IN� SIGN� IN � SIGN� IN � Sign� in� with� your� company� creden als� ur� company� creden als� requested (credential) Both email and website contains clues that allow to identify the risk 44

  45. Collected information The assessment track user behaviors • Anonymity vs result analysis Visit website Sample data Report Insert credentials 45

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

YOUR IN INNOVATIVE SOLUTIONS Pro Drone Sys Provides high-quality, innovative and efficient

YOUR IN INNOVATIVE SOLUTIONS Pro Drone Sys Provides high-quality, innovative and efficient

YOUR IN INNOVATIVE SOLUTIONS Pro Drone Sys Provides high-quality, innovative and efficient products & customer-tailored solutions in precision farming. Our goal is to utilize all aspects of input, boost output and reduce pollution of

410 views • 9 slides
INNOVATIVE DESIGN IN SUSTAINABLE FUNCTION ABOUT When the most innovative designs are met with

INNOVATIVE DESIGN IN SUSTAINABLE FUNCTION ABOUT When the most innovative designs are met with

INNOVATIVE DESIGN IN SUSTAINABLE FUNCTION ABOUT When the most innovative designs are met with sustainable function, you get BioLouvres. From the brains and hands behind GRM Australia Biowood and Lofficina by Vincenzo, comes a louvre

526 views • 13 slides
Technology: Pathways for innovative and non-innovative Devices in Germany GTAI Market

Technology: Pathways for innovative and non-innovative Devices in Germany GTAI Market

Assessment in Medicine Reimbursement Strategies for Medical Technology: Pathways for innovative and non-innovative Devices in Germany GTAI Market Presentations & Topics MEDICA, Dsseldorf, November 14th, 2017 1.S.002 1.S.002 Pathways

219 views • 17 slides
NORTH CAROLINA INNOVATIVE SCHOOL DISTRICT Partnering with local communities to create innovative

NORTH CAROLINA INNOVATIVE SCHOOL DISTRICT Partnering with local communities to create innovative

NORTH CAROLINA INNOVATIVE SCHOOL DISTRICT Partnering with local communities to create innovative conditions for accelerating student growth and achievement SBE Updates for November 2019 Presenters Dr. James C. Ellerbe, ISD Superintendent

643 views • 24 slides
Triple M Innovative Expertise Innovative Expertise Expertise in Automated Valves

Triple M Innovative Expertise Innovative Expertise Expertise in Automated Valves

Triple M Innovative Expertise Innovative Expertise Expertise in Automated Valves International Actuators Suppliers Alliances Own adaptors and brackets design Own Engineering design and calculations Own test benches and Automated

809 views • 18 slides
Innovative Strategies for Innovative Strategies for Preventing and Managing Wage & Hour

Innovative Strategies for Innovative Strategies for Preventing and Managing Wage & Hour

Innovative Strategies for Innovative Strategies for Preventing and Managing Wage & Hour Risks Wage & Hour Risks September 30, 2009 Jason Guerrettaz Francisco Ochoa General Counsel Mayer Brown LLP Seccion Amarilla USA, LLC Los

683 views • 45 slides
New and Innovative Additives Innovative Extreme Pressure (EP) Additives & Solutions 2017

New and Innovative Additives Innovative Extreme Pressure (EP) Additives & Solutions 2017

New and Innovative Additives Innovative Extreme Pressure (EP) Additives & Solutions 2017 STLE Commercial Forum 2B May 22, 2017 at Atlanta, GA Phil Levy, V.P., Sales and Marketing Novitas Chem Solutions, LLC Novitas strives to provide

599 views • 17 slides
Innovative and Intelligent facades By Jeff Tsai Arup Building Envelope Design 1 Innovative

Innovative and Intelligent facades By Jeff Tsai Arup Building Envelope Design 1 Innovative

Innovative and Intelligent facades By Jeff Tsai Arup Building Envelope Design 1 Innovative facades around the world 1. Beijing 4. Hong Kong Six Selected Projects 2. Abu Dhabi 5. Hamburg 3. Tokyo 6. London / Europe 2

241 views • 23 slides
The Power of Dynamic Testing reliable reliable competent innovative innovative Center of

The Power of Dynamic Testing reliable reliable competent innovative innovative Center of

The Power of Dynamic Testing reliable reliable competent innovative innovative Center of Competence chassis connection connection technology Exhaust systems Internal bogie Stearing systems pressure springs connections bearings

546 views • 22 slides
Innovative Refrigeration Innovative Refrigeration Solutions for Every Store Solutions for Every

Innovative Refrigeration Innovative Refrigeration Solutions for Every Store Solutions for Every

Innovative Refrigeration Innovative Refrigeration Solutions for Every Store Solutions for Every Store About us Who we are? FREOR is an internationally operating manufacturer of commercial refrigeration equipment for any type of store,

577 views • 37 slides
Innovative. Adaptable. Grounded. www.solarfoundationsusa.com info@solarfoundationsusa.com (855)

Innovative. Adaptable. Grounded. www.solarfoundationsusa.com info@solarfoundationsusa.com (855)

Innovative. Adaptable. Grounded. www.solarfoundationsusa.com info@solarfoundationsusa.com (855) 738-7200 Innovative SFUSA is constantly developing new designs, engineering new racking solutions and patenting our product lines. We work hard to

652 views • 16 slides
New and Innovative Additives Innovative Extreme Pressure (EP) Additives & Solutions 2017 STLE

New and Innovative Additives Innovative Extreme Pressure (EP) Additives & Solutions 2017 STLE

New and Innovative Additives Innovative Extreme Pressure (EP) Additives & Solutions 2017 STLE Commercial Forum 2B May 22, 2017 at Atlanta, GA Phil Levy, V.P., Sales and Marketing Novitas Chem Solutions, LLC Novitas strives to provide

450 views • 17 slides
DEVELOPMENT Masterclass Tim Coburn Partner, Accelerance 11 th May 2016, London Innovative

DEVELOPMENT Masterclass Tim Coburn Partner, Accelerance 11 th May 2016, London Innovative

INNOVATIVE PRACTICES IN EXECUTIVE AND LEADERSHIP DEVELOPMENT Masterclass Tim Coburn Partner, Accelerance 11 th May 2016, London Innovative Practice in Leadership Development Masterclass Purpose Provide a forum to learn about innovative

415 views • 28 slides
Developing Innovative Peptides April 2020 ImmuPharma Listed on AIM (LSE:IMM) &

Developing Innovative Peptides April 2020 ImmuPharma Listed on AIM (LSE:IMM) &

plc Developing Innovative Peptides April 2020 ImmuPharma Listed on AIM (LSE:IMM) & Euronext Growth Brussels (ALIMM) Pipeline of innovative peptide products Portfolio from early to late stage Lupuzor - lead product

496 views • 15 slides
Admesy Company Introduction Our mission: We provide our customers with innovative T&M

Admesy Company Introduction Our mission: We provide our customers with innovative T&M

Admesy Company Introduction Our mission: We provide our customers with innovative T&M solutions tailored for colour and light measurement in production processes. ! ! Our products are innovative, compact, fast, user- friendly and robust. !

648 views • 23 slides
Innovative Technology- Innovative Technology- Smart Grid Application a pp a Yang Jin-Shih

Innovative Technology- Innovative Technology- Smart Grid Application a pp a Yang Jin-Shih

2011 Taipei SummitICT and Green Energy Applications in Green Architecture Innovative Technology- Innovative Technology- Smart Grid Application a pp a Yang Jin-Shih Yang Jin Shih Taiwan Power Company 100.10.27 1 Outline Outline

571 views • 30 slides
Security Psychology Topics Weve Covered Ethics XSS CSRF SQL injection

Security Psychology Topics Weve Covered Ethics XSS CSRF SQL injection

Security Psychology Topics Weve Covered Ethics XSS CSRF SQL injection Passwords Command injection Scanning Malware Most of these attacks are enabled by social engineering. Todays Class Pretexting

516 views • 26 slides
Alerting Husbandry Julien Goodwin jgoodwin@studio442.com.au @laptop006 Bad Alerts Obsolete

Alerting Husbandry Julien Goodwin jgoodwin@studio442.com.au @laptop006 Bad Alerts Obsolete

Alerting Husbandry Julien Goodwin jgoodwin@studio442.com.au @laptop006 Bad Alerts Obsolete Alerts $THING is down! Because we turned it down a year ago $THING has bug $FOO! Really? The vendor fixed it three years ago and we

288 views • 17 slides
A Priacy-Presering Scial-Aware Incentie System fr Wrd-f-Muth Adertisement

A Priacy-Presering Scial-Aware Incentie System fr Wrd-f-Muth Adertisement

A Priacy-Presering Scial-Aware Incentie System fr Wrd-f-Muth Adertisement Disseminatin n Smart Mbile Deices Wei Peng 1 Feng Li 1 Xukai Zu 1 Jie Wu 2 1 Indiana Uniersity-Purdue Uniersity Indianalis (IUPUI) 2

740 views • 63 slides
Machine learning system design Priori3zing what to work on:

Machine learning system design Priori3zing what to work on:

Machine learning system design Priori3zing what to work on: Spam classifica3on example Machine Learning Building a spam classifier From:

288 views • 18 slides
MITREATT&CK FOR RED TEAMING ABOUT ME Niklas Srkaari @ukk1sec Red Teamer

MITREATT&CK FOR RED TEAMING ABOUT ME Niklas Srkaari @ukk1sec Red Teamer

MITREATT&CK FOR RED TEAMING ABOUT ME Niklas Srkaari @ukk1sec Red Teamer (Senior Security Consultant) @ F-Secure MITREATT&CK Knowledge base of adversary tactics, techniques and procedures (TTPs) Develop skills for

778 views • 33 slides
Case-control studies and cybercrime Tyler Moore Computer Science & Engineering Department,

Case-control studies and cybercrime Tyler Moore Computer Science & Engineering Department,

Notes Case-control studies and cybercrime Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX Lecture 14 Guide to analyzing data Notes Type of Data Exploration Statistics RByEx ecdf(br$logbreach)

281 views • 3 slides
Dragon Advance Tech The Latest Cybersecurity Landscape in Hong Kong FinTech Security Conference

Dragon Advance Tech The Latest Cybersecurity Landscape in Hong Kong FinTech Security Conference

Dragon Advance Tech The Latest Cybersecurity Landscape in Hong Kong FinTech Security Conference - 2018 Frankie Li You heard a lot ... Like this But not from Hong Kong 2014-2015 7 2016: APT 3 targeted the organizations with

635 views • 42 slides
The Great Hotel Hack Adventures in attacking hospitality industry Etizaz Mohsin

The Great Hotel Hack Adventures in attacking hospitality industry Etizaz Mohsin

The Great Hotel Hack Adventures in attacking hospitality industry Etizaz Mohsin https://etizazmohsin.com Disclaimer No hotels were harmed during making of this presentation Do not try this at home! Images Courtesy: ANTlabs & INTSIGHTS

1.11k views • 90 slides

More recommend