Chase Cunningham
Chief of Cyber Analytics
Social Engineering: Trickery or deception for the purpose of information gathering, fraud, or computer system access.
Accepting LinkedIn invite with bogus HTML tag
From: "Ian Rainey" <xeniatw46@linkedin.com>
Subject: [dm] LinkedIn Notification
Date: May 14, 2012 12:42:31 PM EDT
To: icannalerts@daqus.com
LinkedIn
REMINDERS
Invitation notifications: From Colton Alston (Your co-worker)
PENDING MESSAGES
There are a total of 3 messages awaiting your response. Visit your InBox now.
Don't want to receive email notifications? Adjust your message settings.
LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission.
© 2010, LinkedIn Corporation.
Dumpster Diving
Acting like a superior on the phone
Phishing: Acquiring information such as usernames, passwords, SSN, accounts, by masquerading as a trustworthy entity.
Hello Dear , I am Miss Gloria Uzoka. A computer scientist with central bank of Nigeria. I am 26 years old, just started work with C.B.N. I came across your file which was marked X and your released disk painted RED, I took time to study it and found out that you have paid VIRTUALLY all fees and certificate but the fund has not been release to you
Spearphishing: A form of phishing targeting specific users.
Trojans: Sneak in under the network's security posture.
Malware/Exploit: Software that is written to cause harm, damage, or covert action against a network by exploiting the algorithms and operations of the system itself.
Zero-day: An exploit for a vulnerability for which there is no remedy, either due to its new discovery or lack of industry understanding.
Worm: Program designed to replicate and crawl through the network.
DNS Cache Poisoning: Changing a server's Domain Name System (DNS) settings which leads to an exploited page or compromise.
Botnet: Group of host computers used as zombies to accomplish any action.
Insider Threats
Internal spy sending out company secrets to competitors, nation states, criminals.
Former employees hacking and selling information.
Hacktivism.
Good employees making errors.
Defend
Firewall: A device or software that blocks internet connections based on a set of rules.
Firewalls: a device (hardware or software) that blocks connections per a set
Darknet: Routed, allocated IP space in which no active services or servers reside.
Honey Pot: A system or data that appears to be part of a network, but is isolated and monitored. Often appears to contain information or a resource of value to attackers.
Access Control: Allowing or denying modification of items based on a set of rules.
External Security: Anything else used to defend or protect the network via outside agents.
Defeat
1. Identify activity outside baseline norms
2. Isolate the action/program
3. Quarantine
4. Remove & Destroy (Hack Back?)
5. Research the intrusion and its origin. Where was the traffic being directed?
6. Set up future defense
7. Train users or victims (if applicable)
I'M NOT A REPORTER
Closing Thoughts
Espionage anyone?
Look Familiar?
Understanding the Invisible Internet Cyber Threats Simplified CHASE CUNNINGHAM CHIEF OF CYBER ANALYTICS DECISIVE ANALYTICS CORPORATION (703) 682-0620 CHASE.CUNNINGHAM@DAC.US