October 3, 2019 We go into the Dark Web, so you dont have to. - - PowerPoint PPT Presentation

october 3 2019
SMART_READER_LITE
LIVE PREVIEW

October 3, 2019 We go into the Dark Web, so you dont have to. - - PowerPoint PPT Presentation

Mar 10, 2024 156 likes •399 views

Are Your Companys Digital Credentials for Sale? Your Digital Identity October 3, 2019 We go into the Dark Web, so you dont have to. Volunteers? https://haveibeenpwned.com Top 10 Cybersecurity Tips 1) Create unique passwords and enforce

slide-1
SLIDE 1

We go into the Dark Web, so you don’t have to.

Are Your Company’s Digital Credentials for Sale? Your Digital Identity October 3, 2019

slide-2
SLIDE 2

Volunteers?

https://haveibeenpwned.com

slide-3
SLIDE 3
slide-4
SLIDE 4

Top 10 Cybersecurity Tips

1) Create unique passwords and enforce multi-factor authentication for all network users. 2) Install spam-filtering solutions with anti-phishing capabilities across your network. 3) Leverage web-filtering programs that block phishy websites. 4) Prepare for cryptojacking attacks. 5) Evaluate security suites that include Dark Web monitoring. 6) Involve all stakeholders in raising cybersecurity awareness across your organization. 7) Assess your organization’s information, protection, and access regularly. 8) Ensure that all third-parties have cybersecurity protocols and policies in place. 9) Build a cybersecurity incident response plan (CIRP) and democratize key information. 10) Partner up with experts to train your employees every month.

slide-5
SLIDE 5

Mike Pape Director of Sales RMM Solutions

20 years of experience in security

  • Application
  • Networking
  • Manufacturing and IoT
slide-6
SLIDE 6

Agenda

What is the Dark Web? 4 ways digital credentials are compromised What attackers can do with this information Real-world examples Layered security approach – steps you can take

slide-7
SLIDE 7

The Dark Web

Not indexed by search engines Accessible through Tor Recent study: 57% of sites host illicit material Commerce is flourishing

  • Bitcoin and the Dark Web
  • Login credentials to a BoA account: $500
  • $3,000 in counterfeit $20 bills for $600
  • Seven prepaid debit cards, each with a $2,500 balance,

for $500

  • Usernames and passwords: sold in bulk
slide-8
SLIDE 8

80% of hacking-related breaches leveraged either stolen passwords and/or weak or guessable passwords 85% of businesses with <1000 employees have been hacked, and most don’t even know 4.2 BILLION email account credentials and 85 MILLION stolen PII records (drivers license, SSN, DOB, etc.) for sale on the Dark Web

Cyber crime is on the rise

slide-9
SLIDE 9

Small business at great risk

“…data stolen from businesses ends up on the dark web where criminals buy and sell it to commit fraud, get fake identity documents, or fund their criminal

  • rganizations.”

“…information available for sale on the dark web is up to 20 times more likely to come from an entity whose breach wasn’t reported in the media. Many of these are smaller retailers, restaurant chains, medical practices, school districts, etc. In fact, most of the breaches the U.S. Secret Service investigates involve small businesses.” Federal Trade Commission, 2017

slide-10
SLIDE 10

1 in 4 Law Firms Breached

slide-11
SLIDE 11

The human factor is key

same e or same e root

  • t passw

sword

slide-12
SLIDE 12
slide-13
SLIDE 13
slide-14
SLIDE 14

Data is Sold at Auction

slide-15
SLIDE 15

Case Study: MyFitnessPal

February 2018: MyFitnessPal breach of 150M users March 25, 2018: Breach discovered by Under Armour March 29, 2018: Under Armour issues privacy statement and information related the breach: usernames, email addresses, and hashed passwords

  • “The company will be requiring MyFitnessPal users to change their passwords and is urging users to

do so immediately.”

February 2019: Data has been packaged up along with stolen credentials from 15 other websites to be sold on the Dark Web

  • The asking price? Less than $20,000 in Bitcoin
slide-16
SLIDE 16

Real World Examples in our Backyard

August July June

slide-17
SLIDE 17

Actionable Intelligence is Key

NIST Guidelines recommend changing passwords only when a compromise occurs. How will you know there is compromise unless a data breach results in theft? Monitoring for compromised credentials on the Dark Web has historically been expensive and complicated. 1. Digital credential information 2. PII breaches 3. Personal email breaches 4. Public IP monitoring

slide-18
SLIDE 18

Cyber Threat Overview Dashboard

slide-19
SLIDE 19

Organizational Compromises

slide-20
SLIDE 20

Contact me after this webinar:

  • 1. Get your free Dark Web scan
  • 2. Get added to my weekly “This Weak in Security” blog
  • 3. Consider a security assessment to improve your layered security approach and

evaluate your overall security posture

We Keep You Out of the Dark Web.

Small Bus Small Business inesses es Need Da Need Dark W k Web Monitoring f b Monitoring for

  • r

Today’s Cybersecurity Risk. Pr Protect y

  • tect your
  • ur busine

business ss and se and secur cure y e your

  • ur ass

assets. ets.

slide-21
SLIDE 21

Ques Questions? tions?

slide-22
SLIDE 22

Thank you!

Mike Pape Mike.pape@rmmsolutions.com 414-908-2203

slide-23
SLIDE 23