leo cyber security · 2017-11-17 · 1 tour of the darknet leo cyber security heath c renfrow,...
TRANSCRIPT
![Page 1: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/1.jpg)
www.leocybersecurity.com1
TOUR OF THE DARKNET
LEO CYBER SECURITY
Heath C Renfrow, CISO, LEO Cyber Security
+1.210.551.1340
www.leocybersecurity.com
@LEOCyberSec
![Page 2: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/2.jpg)
www.leocybersecurity.com2
Agenda
Darknet basics
What does it cost to get your stuff?
Dangers of Public WiFi
What’s your stuff worth?
![Page 3: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/3.jpg)
www.leocybersecurity.com3
The Digital World
![Page 4: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/4.jpg)
www.leocybersecurity.com4
Our Disclaimer Slide
![Page 5: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/5.jpg)
www.leocybersecurity.com5
•Valuation of company assets•Monitoring of threat vectors•Identifying new targets•Understanding trends•Identifying breaches
Why Do We Care?
![Page 6: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/6.jpg)
www.leocybersecurity.com6
•Conventional browsing runs through a number of commercial entities that can monitor activity.•Marketing•Law enforcement•Throttling
How is the Darknet Different?
![Page 7: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/7.jpg)
www.leocybersecurity.com7
• Connecting to the Tor network
• How is data hid from the ISP?
How Does the Darknet Work?
![Page 8: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/8.jpg)
www.leocybersecurity.com8
•A “candy” store of various goods
•The E-Bay of Darknet•Reviews•Ranking•Customer support•Gurantees
What is a Marketplace?
![Page 9: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/9.jpg)
www.leocybersecurity.com9
•Credit cards•Online•Encoded on plastic
•Credentials•Social Security Numbers•Protected Health Information•Credit information•Social engineering information•Social media account
•Trojans•Key logger•Malicious spam•DDOS•Malware installation•WiFi cracker
ValuationValue of your stuff? Price to get your stuff?
![Page 10: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/10.jpg)
www.leocybersecurity.com10
What’s it Worth?
![Page 11: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/11.jpg)
www.leocybersecurity.com11
Credit Cards
![Page 12: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/12.jpg)
www.leocybersecurity.com12
Email/Social Media
![Page 13: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/13.jpg)
www.leocybersecurity.com13
ID or Company Badge
![Page 14: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/14.jpg)
www.leocybersecurity.com14
Social Security Numbers
![Page 15: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/15.jpg)
www.leocybersecurity.com15
Medical Records
![Page 16: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/16.jpg)
www.leocybersecurity.com16
Tax Records
![Page 17: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/17.jpg)
www.leocybersecurity.com17
Full/Partial Databases
![Page 18: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/18.jpg)
www.leocybersecurity.com18
Cost to Attack
![Page 19: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/19.jpg)
www.leocybersecurity.com19
ATM Malware
![Page 20: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/20.jpg)
www.leocybersecurity.com20
Ransomware
![Page 21: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/21.jpg)
www.leocybersecurity.com21
Dangers of Public WiFi
![Page 22: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/22.jpg)
www.leocybersecurity.com22
First, the Scary
•Unsecured - No cracking•WEP - < 5 minutes•WPA - < 15 minutes•WPS - < 24 hours Reaver•WPA2 - Depends on length •KRACK - newest discovered vulnerability in WPA2•wpacracker.com•WiFi Pineapple•Rouge AP or EvilTwin Attack•Traffic Eavesdropping•Interception Manipulation
• Captive Portal Phishing for Company Computer Hostnames or Credentials
• Data Leakage over Insecure Protocols
• Leaking Shared Files and Folders on a Public Network
• Client Side attacks can lead to corporate network compromises
• Bluetooth and Ethernet Pivots• Bridging Air Gaps
![Page 23: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/23.jpg)
www.leocybersecurity.com23
•[FIPS 140-2]•DoD Directive 8500.0•NIST Standards•Wireless Supplicants•EAP-TLS•VPN for WiFi•No Perfect Forward Secrecy•WIDS/WIPS•Wireless Traffic Monitoring
Second, the RealismRisk Mitigations Strategies
• Asset inventory
• Change default ID and password
• Two Factor Authentication (2FA) when possible, if not a strong password
•15 characters minimum;•At least two number, two letter, and two capital letter; and•If allowed, at least two punctuation character.
• Practice a regular timely patch schedule and/or enable automatic updates
• Disable unnecessary remote administration and features (MANAGE).
• Do not allow unfiltered access to the device from the Internet.
• Do not enable universal plug and play on IoT devices.
• Use secure protocols where possible, like HTTPS and SSH for device communications.
• Include IoT devices in regular vulnerability management programs
![Page 24: LEO CYBER SECURITY · 2017-11-17 · 1 TOUR OF THE DARKNET LEO CYBER SECURITY Heath C Renfrow, CISO, LEO Cyber Security +1.210.551.1340 heath.renfrow@leocybersecurity.com @LEOCyberSec](https://reader034.vdocuments.us/reader034/viewer/2022042622/5fa21133ced130467371db1d/html5/thumbnails/24.jpg)
www.leocybersecurity.com24
Thank You
Questions?
www.leocybersecurity.com LEO Cyber Security
2000 McKinney Avenue, Suite 2125,
Dallas, TX 75201
+1.469.844.3608
www.leocybersecurity.com
Heath Renfow, CISO
LEO Cyber Security
+1 210 551 1340