SlideShare a Scribd company logo

FTP Data Breach Incident Response - Eric Vanderburg

Download as PPT, PDF
Eric Vanderburg
Eric Vanderburg

FTP Data Breach Incident Response - Eric Vanderburg

Technology
1 of 7
FTP Data Breach Incident Response Eric Vanderburg June 19, 2008
Scenario • Private confidential data on an FTP server is accessed by an unauthorized individual • Incident: YES • Issues – Potential privacy notification is needed – More data could be viewed or stolen so the incident needs to be contained – Data needs to be replaced
Detection and Analysis • • • Determine access method – Stolen or sniffed password – Exploit in system Determine the scope of the incident – Find out if the incident has happened before an never discovered. – Find out which data was accessed and which stakeholders/clients are impacted by the disclosure Determine if the data obtained is in a form that would disclose private data, can be converted into a form that would disclose private data, or can be combined with data from another incident to disclose private data.
Containment Strategies • • • • • • Block IP or IP subnet from the firewall Shutdown FTP Change FTP passwords Move FTP to another server Change FTP ports Contact source and try to stop the distribution or use of the information
Recovery • Restore data from backup • Request that the client resend the data
Post-incident Activities • Attendees: – Management • CEO / Senior Partner • COO • Network Operations Manager • Litigation Support Manager – Public Relations Analyst – Sales Manager (Facilitator) – IT Staff • Senior Network Engineer • Network Engineer • Exchange Administrator • Network Analyst
Preventing Future Occurrences • • • • • Set timeout on FTP site Set alerts on FTP events Encrypt username and password or require VPN for FTP Set FTP server to only respond to specific IP addresses Configure Firewall rules for FTP ports to only allow traffic from specific pre-approved IP addresses or subnets.

Recommended

Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
Eric Vanderburg
 
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QAQA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QAFest
 
Basic principles to information privacy in data mining & data warehouse
Basic principles to information privacy in data mining & data warehouseBasic principles to information privacy in data mining & data warehouse
Basic principles to information privacy in data mining & data warehouse
Puja Dhakal
 
C. Gibbs MHA 690 week 1 discussion 2
C. Gibbs MHA 690 week 1 discussion 2C. Gibbs MHA 690 week 1 discussion 2
C. Gibbs MHA 690 week 1 discussion 2
CGibbs3121
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Eric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Eric Vanderburg
 

Recommended

Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
Eric Vanderburg
 
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QAQA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QA Fest 2017. Per Thorsheim.GDPR - An overview and its relevance for QA
QAFest
 
Basic principles to information privacy in data mining & data warehouse
Basic principles to information privacy in data mining & data warehouseBasic principles to information privacy in data mining & data warehouse
Basic principles to information privacy in data mining & data warehouse
Puja Dhakal
 
C. Gibbs MHA 690 week 1 discussion 2
C. Gibbs MHA 690 week 1 discussion 2C. Gibbs MHA 690 week 1 discussion 2
C. Gibbs MHA 690 week 1 discussion 2
CGibbs3121
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Eric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Eric Vanderburg
 
Privacy: The New Software Development Dilemma
Privacy: The New Software Development DilemmaPrivacy: The New Software Development Dilemma
Privacy: The New Software Development Dilemma
Security Innovation
 
Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365
Aptera Inc
 
Cyber Security - ASGFOA
Cyber Security - ASGFOACyber Security - ASGFOA
Cyber Security - ASGFOA
Peter Henley
 
Introduction to data protection
Introduction to data protectionIntroduction to data protection
Introduction to data protection
Rachel Aldighieri
 
Cyber security
Cyber securityCyber security
Cyber security
Peter Henley
 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss Prevention
Nicholas Davis
 
Data Classification And Loss Prevention
Data Classification And Loss PreventionData Classification And Loss Prevention
Data Classification And Loss Prevention
Nicholas Davis
 
Lecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_preventionLecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_prevention
Nicholas Davis
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5
sabtolinux
 
Database monitoring - First and Last Line of Defense
Database monitoring - First and Last Line of Defense Database monitoring - First and Last Line of Defense
Database monitoring - First and Last Line of Defense
Imperva
 
CF.ppt
CF.pptCF.ppt
CF.ppt
KhusThakkar
 
CISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset SecurityCISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset Security
Karthikeyan Dhayalan
 
CNIT 152: 6 Scoping & 7 Live Data Collection
CNIT 152: 6 Scoping & 7 Live Data CollectionCNIT 152: 6 Scoping & 7 Live Data Collection
CNIT 152: 6 Scoping & 7 Live Data Collection
Sam Bowne
 
Legal and data protection update
Legal and data protection updateLegal and data protection update
Legal and data protection update
Rachel Aldighieri
 
Hiperstation Application Audit: Privileged User or Insider Risk
Hiperstation Application Audit: Privileged User or Insider RiskHiperstation Application Audit: Privileged User or Insider Risk
Hiperstation Application Audit: Privileged User or Insider Risk
Compuware
 
An introduction to data protection - Edinburgh
An introduction to data protection - EdinburghAn introduction to data protection - Edinburgh
An introduction to data protection - Edinburgh
Rachel Aldighieri
 
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Alan McSweeney
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
Tawhidur Rahman
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
Gnanavi2
 
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data CollectionCNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
Sam Bowne
 
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
Eric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
Eric Vanderburg
 

More Related Content

Similar to FTP Data Breach Incident Response - Eric Vanderburg

Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss Prevention
Nicholas Davis
 
Data Classification And Loss Prevention
Data Classification And Loss PreventionData Classification And Loss Prevention
Data Classification And Loss Prevention
Nicholas Davis
 
Lecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_preventionLecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_prevention
Nicholas Davis
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5
sabtolinux
 
Hiperstation Application Audit: Privileged User or Insider Risk
Hiperstation Application Audit: Privileged User or Insider RiskHiperstation Application Audit: Privileged User or Insider Risk
Hiperstation Application Audit: Privileged User or Insider Risk
Compuware
 
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Alan McSweeney
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
Gnanavi2
 

Similar to FTP Data Breach Incident Response - Eric Vanderburg (20)

Privacy: The New Software Development Dilemma
Privacy: The New Software Development DilemmaPrivacy: The New Software Development Dilemma
Privacy: The New Software Development Dilemma
 
Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365
 
Cyber Security - ASGFOA
Cyber Security - ASGFOACyber Security - ASGFOA
Cyber Security - ASGFOA
 
Introduction to data protection
Introduction to data protectionIntroduction to data protection
Introduction to data protection
 
Cyber security
Cyber securityCyber security
Cyber security
 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss Prevention
 
Data Classification And Loss Prevention
Data Classification And Loss PreventionData Classification And Loss Prevention
Data Classification And Loss Prevention
 
Lecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_preventionLecture data classification_and_data_loss_prevention
Lecture data classification_and_data_loss_prevention
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5
 
Database monitoring - First and Last Line of Defense
Database monitoring - First and Last Line of Defense Database monitoring - First and Last Line of Defense
Database monitoring - First and Last Line of Defense
 
CF.ppt
CF.pptCF.ppt
CF.ppt
 
CISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset SecurityCISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset Security
 
CNIT 152: 6 Scoping & 7 Live Data Collection
CNIT 152: 6 Scoping & 7 Live Data CollectionCNIT 152: 6 Scoping & 7 Live Data Collection
CNIT 152: 6 Scoping & 7 Live Data Collection
 
Legal and data protection update
Legal and data protection updateLegal and data protection update
Legal and data protection update
 
Hiperstation Application Audit: Privileged User or Insider Risk
Hiperstation Application Audit: Privileged User or Insider RiskHiperstation Application Audit: Privileged User or Insider Risk
Hiperstation Application Audit: Privileged User or Insider Risk
 
An introduction to data protection - Edinburgh
An introduction to data protection - EdinburghAn introduction to data protection - Edinburgh
An introduction to data protection - Edinburgh
 
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
644205e3-8f85-43da-95ac-e4cbb6a7a406-150917105917-lva1-app6892.pdf
 
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data CollectionCNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
CNIT 121: 6 Discovering the Scope of the Incident & 7 Live Data Collection
 

More from Eric Vanderburg

More from Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...
Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...
Preventing Fraud from Top to Bottom - Vanderburg, Gaddamanugu - Information S...
 
Untangled Conference - November 8, 2014 - Security Awareness
Untangled Conference - November 8, 2014 - Security AwarenessUntangled Conference - November 8, 2014 - Security Awareness
Untangled Conference - November 8, 2014 - Security Awareness
 
Physical security primer - JURINNOV - Eric Vanderburg
Physical security primer - JURINNOV - Eric VanderburgPhysical security primer - JURINNOV - Eric Vanderburg
Physical security primer - JURINNOV - Eric Vanderburg
 
Security Governance Primer - Eric Vanderburg - JURINNOV
Security Governance Primer - Eric Vanderburg - JURINNOVSecurity Governance Primer - Eric Vanderburg - JURINNOV
Security Governance Primer - Eric Vanderburg - JURINNOV
 
A Guide to Secure Remote Access - Eric Vanderburg
A Guide to Secure Remote Access - Eric VanderburgA Guide to Secure Remote Access - Eric Vanderburg
A Guide to Secure Remote Access - Eric Vanderburg
 

Recently uploaded

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 

Recently uploaded (20)

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 

FTP Data Breach Incident Response - Eric Vanderburg

  • 1. FTP Data Breach Incident Response Eric Vanderburg June 19, 2008
  • 2. Scenario • Private confidential data on an FTP server is accessed by an unauthorized individual • Incident: YES • Issues – Potential privacy notification is needed – More data could be viewed or stolen so the incident needs to be contained – Data needs to be replaced
  • 3. Detection and Analysis • • • Determine access method – Stolen or sniffed password – Exploit in system Determine the scope of the incident – Find out if the incident has happened before an never discovered. – Find out which data was accessed and which stakeholders/clients are impacted by the disclosure Determine if the data obtained is in a form that would disclose private data, can be converted into a form that would disclose private data, or can be combined with data from another incident to disclose private data.
  • 4. Containment Strategies • • • • • • Block IP or IP subnet from the firewall Shutdown FTP Change FTP passwords Move FTP to another server Change FTP ports Contact source and try to stop the distribution or use of the information
  • 5. Recovery • Restore data from backup • Request that the client resend the data
  • 6. Post-incident Activities • Attendees: – Management • CEO / Senior Partner • COO • Network Operations Manager • Litigation Support Manager – Public Relations Analyst – Sales Manager (Facilitator) – IT Staff • Senior Network Engineer • Network Engineer • Exchange Administrator • Network Analyst
  • 7. Preventing Future Occurrences • • • • • Set timeout on FTP site Set alerts on FTP events Encrypt username and password or require VPN for FTP Set FTP server to only respond to specific IP addresses Configure Firewall rules for FTP ports to only allow traffic from specific pre-approved IP addresses or subnets.