![Page 1: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/1.jpg)
BEYOND THE SECURITY RAINBOWAndrius Januta, IT Security Analyst & Penetration Tester
2016-06-01
![Page 2: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/2.jpg)
AGENDA
WhoamiLegacyWarningWe’ll start with something darkand end up with a light touch
![Page 3: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/3.jpg)
:~ $ WHOAMI?
Andrius JanutaSecurity UnitIT Security Analyst & Penetration Tester
![Page 4: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/4.jpg)
WARNING*TO PEOPLE WITH FEAR OF COLORS OR WITH PARANOIA*
![Page 5: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/5.jpg)
rainbow
![Page 6: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/6.jpg)
RAINBOW-HAT-O-METER
$cr1pt K1dd13s
Cyber Terrorists
State Sponsored Hackers
Suicide Hackers
Blue HatHacktivist
![Page 7: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/7.jpg)
DARK SIDE
Lets take a walk…
![Page 8: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/8.jpg)
WHERE SHALL I SHOP TODAY?
/r/darknetmarkets/Google, bing, Yandex etc.
Grams – the Deepwebs search engine for drugsCloudnine - Doxing siteWeBuyBitcoins – Exchanging Bitcoin for cash or electronic payments…
![Page 9: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/9.jpg)
À LA CARTE
Source:http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-chinese-underground-in-2013.pdfhttp://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-chinese-underground-in-2013.pdf
![Page 10: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/10.jpg)
I LIKE 3.14’S
The Internet
Deep Web
Dark Web
![Page 11: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/11.jpg)
FRESH OR EXPIRED?
![Page 12: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/12.jpg)
PLEASE BUYA
![Page 13: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/13.jpg)
I HEARD YOU’RE LOOKING FOR A JOB
![Page 14: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/14.jpg)
DELICIOUS MENU
![Page 15: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/15.jpg)
ILLICIT CONTENT ON THE TOR DARKNET
Source: http://www.tandfonline.com/doi/full/10.1080/00396338.2016.1142085
![Page 16: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/16.jpg)
The Undergroundfor the Underground
Source: http://fossbytes.com/welcome-to-the-darknet-the-underground-for-the-underground/
![Page 17: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/17.jpg)
SEE IT IN ACTION
http://www.digitalattackmap.com/#
anim=1&color=3&country=SA&list=0&time=16866&view=
map
https://cybermap.kaspersky.com/
http://map.norsecorp.com/#/
![Page 18: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/18.jpg)
LIGHT SIDE*SORT OF…*
![Page 19: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/19.jpg)
LET ME REWIND A BIT
Project Strongbox https://projects.newyorker.com/strongbox/The Associated Whistleblowing Press (AWP) https://awp.is/DuckDuckGo https://duckduckgo.com/Sci-Hub http://sci-hub.ac/
![Page 20: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/20.jpg)
And Let’s start with this
https://youtu.be/bjYhmX_OUQQ?t=4m45s
![Page 21: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/21.jpg)
LET THAT SINK IN…
do you worry about trained martial artists
(OR angry guy wearing tracksuit) beating you up on the street?
![Page 22: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/22.jpg)
![Page 23: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/23.jpg)
While people can—and should—take basic steps to protect their digital security, most people probably
shouldn’t worry about being subjected to certain hacks
![Page 24: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/24.jpg)
WHITE HAT HACKER
Who is the white hat hacker?
White Hat Hackers are those that are legal?
Sometimes, the law is wrong & must be broken
![Page 25: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/25.jpg)
LEGENDARY QUOTE
the only thing that can stop a bad hacker with a script is a good hacker with a script.
![Page 26: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/26.jpg)
Cyber attacks are listed first among global threatssuch as terrorism and weapons of mass destruction
““
Source: https://www.dni.gov/files/documents/Unclassified_2015_ATA_SFR_-_SASC_FINAL.pdf
![Page 27: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/27.jpg)
PHASES OF HACKING
Phase 1 – ReconnaissancePhase 2 – ScanningPhase 3 – Gaining AccessPhase 4 – Marinating AccessPhase 5 – Covering Tracks
![Page 28: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/28.jpg)
ATTACK SURFACE
Source: https://twitter.com/JohnLaTwC/status/701530986564046848
![Page 29: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/29.jpg)
SECURITY LAYERS
Good, we are secure now
![Page 30: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/30.jpg)
BE SAFE!
![Page 31: Adform - Tech Days'16- Beyond The Security Rainbow](https://reader035.vdocuments.us/reader035/viewer/2022070520/58f18a9d1a28ab6e398b4587/html5/thumbnails/31.jpg)
@adforminsider
andrius.janutasecurity @adform.com