enjoy safer technology and defeat cyber criminals
DESCRIPTION
I created "Enjoy Safer Technology and Defeat Cyber Criminals" to present these issues to the general public.TRANSCRIPT
![Page 1: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/1.jpg)
Enjoy Safer Technology and Defeat Cyber Criminals
Stephen Cobb, CISSPSenior Security Researcher, ESET NA
![Page 2: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/2.jpg)
Why do cyber criminals want your digital devices?
![Page 3: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/3.jpg)
36 ways to abuse hacked devices• Spam zombie• DDoS extortion zombie• Click fraud zombie• Anonymization proxy• CAPTCHA solving zombie
• eBay/PayPal fake auctions• Online gaming credentials• Website FTP credentials• Skype/VoIP credentials• Encryption certificates
• Fake antivirus• Ransomware• Email account ransom• Webcam image extortion
• Bank account data• Credit card data• Stock and 401K accounts• Wire transfer data
• Phishing site• Malware download site• Warez piracy server• Child porn server• Spam site
• Harvest email contacts• Harvest associated accounts• Access to corporate email• Webmail spam• Stranded abroad scams
• Facebook• Twitter• LinkedIn • Google+
• Online gaming characters• Online gaming goods/$$$• PC game license keys• OS license key
Based on original work by Brian Krebs: krebsonsecurity.com
Webserver
Botnetactivity
Email attacks
Virtualgoods
Reputationhijacking
Financial credentials
Hostage attacks
Account credentials
![Page 4: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/4.jpg)
IMPACTADVANTAGEMONEY
CREDENTIALS
What’s my motivation?
![Page 5: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/5.jpg)
Verizon 2012 Data Breach Investigations Report
1 to 10
11 to 100
101 to 1,000
1,001 to 10,000
10,001 to 100,000
Over 100,000
0 100 200 300 400 500 600
720 breaches by size of organization (employees)
SMBs
![Page 6: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/6.jpg)
The SMB sweet spot for the cyber-criminally inclined
Assets worthlooting
Level of protection
Big enterprise
SMB “sweet spot”
Consumers
![Page 7: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/7.jpg)
How do they get to your devices?
1. Malware involved in 69% of breaches2. Hacking* used in 81% of breaches3. Deception
Verizon 2012 Data Breach Investigations Report
*80% of hacking is passwords: default, missing, guessed, stolen, cracked
![Page 8: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/8.jpg)
![Page 9: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/9.jpg)
![Page 10: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/10.jpg)
![Page 11: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/11.jpg)
Thriving markets for credentials
![Page 12: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/12.jpg)
![Page 13: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/13.jpg)
![Page 14: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/14.jpg)
All driven by proven business strategies
Specialization Modularity
Division of labor Standards
Markets
![Page 15: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/15.jpg)
Some good news: bad guys get caught
![Page 16: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/16.jpg)
So how do you defend your devices?
Three main attacks …. and defenses
Scanning
Authentication
Malware
Hacking
AwarenessDeception
![Page 17: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/17.jpg)
Scanning requires proper implementation
Scan devices while connected
Scan devices prior to connection
Require AV on mobile devices
0% 5% 10% 15% 20% 25% 30% 35% 40%
Measures in use at a sample of healthcare facilities
Ponemon Institute Third Annual Benchmark Study on Patient Privacy & Data Security
![Page 18: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/18.jpg)
Authentication beyond passwords
Passwords exposed in 2012: 75,000,000Need to add a second factor to authenticationUsed by Facebook, Twitter, Google, SharpMore to come
![Page 19: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/19.jpg)
Awareness: a powerful weapon
• Think before you click/open• If it sounds too good…• Just because your friend said…• Resources:
• Securing Our eCity• We Live Security• Podcasts and webinars• Social Media Scanner
![Page 20: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/20.jpg)
Check your data:
Google yourselfGet your Facebook contentCheck your credit reportwww.annualcreditreport.comwww.aboutthedata.com
![Page 21: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/21.jpg)
Protecting your card accounts
1. • Check accounts for suspicious activity2. • Ask for a new card3. • Check your credit report4. • Set activity alerts on accounts5. • Change card PINs and account passwords6. • Use stronger PINs and passwords7. • Use different PIN/password on each account8. • Password protect phones, tablets, laptops
![Page 22: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/22.jpg)
Securing Our eCity
![Page 23: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/23.jpg)
Security news, how-to, podcasts
![Page 24: Enjoy Safer Technology and Defeat Cyber Criminals](https://reader035.vdocuments.us/reader035/viewer/2022081414/54b65a044a7959fb188b46d5/html5/thumbnails/24.jpg)
Connections
• Securing Our eCity• www.securingourecity.org
• We Live Security• www.welivesecurity.com
• Webinars• www.brighttalk.com/channel/1718
• Social Media Scanner• my.eset.com