1
Keeping Hackers
Out of Your Organisation….
By Being Hacked!
Martin Overton, EMEA ERS Lead and Senior
Security Consultant, Cyber Security Intelligence and
Response Team (CSIRT)
2
Agenda
Threatscape
Real World “Hacking” Examples and Customer Stories:
– Networks
– End-Points
– Web Applications
– The Human
Solutions
Questions?
3
The number of vulnerabilities increases radically with the emergence of new business models and technologies.

Adopting new business models and embracing new technologies:
– Mobility
– Employees, customers, contractors, outsourcers
– Bring your own IT
– Social business
– Cloud and virtualization

An exponentially growing and interconnected digital universe:
– 1 trillion connected objects (cars, appliances, cameras)
– 30 billion RFID tags (products, passports, buildings and animals)
– 1 billion workers will be remote or mobile
– 1 billion mobile Internet users
– 30 percent growth of 3G devices
– 33 percent of all new business software spending will be Software as a Service

Source: IBM X-Force® Trend Report, 2011
4
Motivation and sophistication are evolving rapidly
– Attackers have more resources
– Off-the-shelf tools are available for sale
– They will keep trying until they get in
5
The new security landscape
Sophisticated attackers are a primary concern

Threat profile type, share of incidents, and attack type:
– Advanced threat / mercenary (national governments, terrorist cells, crime cartels): 23% of incidents. Attack types: espionage, intellectual property theft, systems disruption, financial crime.
– Malicious insiders (employees, contractors, outsourcers): 15% of incidents. Attack types: financial crime, intellectual property theft, unauthorized access.
– Hacktivist (social activists): 7% of incidents. Attack types: systems disruption, web defacement, information disclosure.
– Opportunist (worm and virus writers, “script kiddies”): 49% of incidents. Attack types: malware propagation, unauthorized access, web defacement.
The original chart orders these profiles along a “potential impact” axis.

Source: Government Accountability Office, Department of Homeland Security's Role in Critical Infrastructure Protection Cybersecurity, GAO-05-434; IBM CyberSecurity Intelligence & Response Team, September 2012
6
Did you know...
The average company faces 2,641,350 security attacks per week and experiences 62 security incidents per week.

Top 7 most ATTACKED industries:
1. Health & Social Services
2. Transportation
3. Hospitality
4. Finance & Insurance
5. Manufacturing
6. Real Estate
7. Mining, Oil & Gas

Top 5 reasons WHY attacks were possible:
1. End user didn’t think before clicking
2. Weak password / default password in use
3. Insecure configuration
4. Use of legacy hardware or software
5. Lack of basic network security protection or segmentation

What IBM sees: categories of attack
– Malicious code
– Sustained probe or scan
– Unauthorized access
– Low-and-slow attack
– Access/credentials abuse
– Denial of service
7
Top reasons WHY compromises occur: end users/endpoints
1. Double-clicking “on anything”
2. Disabling endpoint security settings
3. Using vulnerable, legacy software and hardware
4. Failing to install security patches
5. Failing to install anti-virus
6. Failing to report a lost/stolen device
7. Connecting an endpoint to a network from an insecure access point (e.g., Starbucks)
8. Using a second access point (e.g., an AirCard), creating a bypass
9. Using weak/default passwords and/or using business passwords for personal use
10. Giving passwords over the phone

Top reasons WHY compromises occur: servers/infrastructure
1. Connecting systems/virtual images to the Internet before hardening them
2. Connecting test systems to the Internet with default accounts/passwords
3. Failing to update or patch systems/applications on a timely basis
4. Failing to implement or update virus detection software
5. Using legacy/EOLed software and hardware
6. Running unnecessary services
7. Using insecure back-end management software
8. Failing to remove old or unused end-user accounts
9. Implementing firewalls with rules that don't stop malicious or dangerous traffic, incoming or outgoing
10. Failing to segment the network and/or adequately monitor/block malicious traffic with IDS/IPS infrastructure

80-90% of all security incidents can be easily avoided!
8
Screenshots from REAL Hacks, Customer Stories
and a Video…
9
Network Hacked Step 1!
The initial compromise was via a default Apache Tomcat manager user id and password…
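The check a defender would run against this Step 1 foothold, as an added example that is not part of the original deck or IBM's tooling: a Python audit of Tomcat's tomcat-users.xml that flags well-known default manager credentials and any account holding a role that can deploy a WAR. The default-credential list is a short illustrative subset (an assumption; extend it with your own wordlist), and both sample files are constructed for the example.

```python
"""Audit a Tomcat tomcat-users.xml for default manager credentials.

Added example: this is not code from the slides or from IBM. It assumes the
standard tomcat-users.xml layout (<user username="" password="" roles=""/>).
DEFAULT_CREDENTIALS is a short illustrative subset of the pairs that
brute-force wordlists try first; extend it with your own list.
"""
import xml.etree.ElementTree as ET

# Well-known username/password pairs shipped in examples, installers and
# manager brute-force wordlists (illustrative subset, an assumption here).
DEFAULT_CREDENTIALS = {
    ("tomcat", "tomcat"), ("tomcat", "s3cret"), ("admin", "admin"),
    ("admin", ""), ("manager", "manager"), ("root", "root"),
}

# Roles that let a user deploy a WAR (remote code execution) or reconfigure
# the server through the manager/host-manager applications.
DEPLOY_ROLES = {"manager-gui", "manager-script", "manager-jmx",
                "admin-gui", "admin-script"}


def _local_name(tag):
    """Strip the XML namespace Tomcat 8+ puts on tomcat-users.xml elements."""
    return tag.rsplit("}", 1)[-1]


def audit_tomcat_users(xml_text):
    """Return one finding per risk in the given tomcat-users.xml text.

    'default-credential' (high): the username/password pair is a known default.
    'deploy-role' (info): the user can deploy code; make sure its password is
    strong and that /manager is also restricted by IP (RemoteAddrValve).
    A user with both findings is exactly the Step 1 foothold on the slide.
    """
    findings = []
    for el in ET.fromstring(xml_text).iter():
        if _local_name(el.tag) != "user":
            continue
        name = el.get("username") or el.get("name") or ""
        password = el.get("password", "")
        roles = {r.strip() for r in el.get("roles", "").split(",") if r.strip()}
        if (name, password) in DEFAULT_CREDENTIALS:
            findings.append({"user": name, "issue": "default-credential",
                             "severity": "high"})
        if roles & DEPLOY_ROLES:
            findings.append({"user": name, "issue": "deploy-role",
                             "severity": "info",
                             "roles": sorted(roles & DEPLOY_ROLES)})
    return findings


# Constructed sample: a test box left with the documentation defaults.
WEAK_TOMCAT_USERS = """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <user username="tomcat" password="tomcat" roles="manager-gui,manager-script"/>
  <user username="app" password="tomcat" roles="tomcat"/>
</tomcat-users>
"""

# Constructed sample: one named deployer, unique password, script role only
# (no browser GUI), to be paired with an IP allow-list on the manager context.
HARDENED_TOMCAT_USERS = """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-script"/>
  <user username="ci-deployer" password="v7T#qL2m!Zr9pXw4" roles="manager-script"/>
</tomcat-users>
"""

if __name__ == "__main__":
    for label, xml_text in (("weak", WEAK_TOMCAT_USERS),
                            ("hardened", HARDENED_TOMCAT_USERS)):
        print(label)
        for finding in audit_tomcat_users(xml_text):
            print("  ", finding)
```

The hardened file still produces an informational finding, which is the point: a deploy role is never harmless, so it should always be reviewed together with the password quality and the network path to /manager.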
10
Network Hacked Step 2!
We then uploaded a special WAR file to allow us to gain remote shell access….
11
Network Hacked Step 3!
Using this we dumped password hashes from the
system and created a user account which we then
added to the local Administrator group….
12
Network Hacked Step 4!
Then we could log in using the Microsoft Terminal Server Client…
13
Network Hacked Step 5!
We then cracked the dumped hashes to find the passwords, including the Administrator's!
The same technique was used on another server.
14
Network Hacked Final Step!
15
What Does The Previous Slide Mean?
It means we have Domain Admin on the network.
This means we now can access ANY system in the Domain.
This means we can see ALL data on all systems in the Domain.
In other words, we now own the network.
We will tell you and do no harm, the bad guys work to other agendas!
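Steps 3 and 4 leave a distinctive trail in the Windows Security log: a local account is created, it is added to the local Administrators group seconds later, and then it logs on over Remote Desktop. The following Python is an added example, not from the deck, of correlating that trail. It assumes the events have already been parsed into dicts (as a SIEM or log shipper would deliver them) and that the 4732 member SID has been resolved to a name; the sample events are constructed.

```python
"""Detect the post-exploitation chain from Steps 3 and 4 in Windows Security
events: a new local account, added to the local Administrators group, then a
Remote Desktop logon with it.

Added example, not from the slides. Assumes events parsed into dicts with the
fields used below and the 4732 member SID resolved to a name. Event IDs used:
4720 (user account created), 4732 (member added to a security-enabled local
group), 4624 (successful logon; LogonType 10 = RemoteInteractive, i.e.
RDP / Terminal Services). The sample events are constructed.
"""
from datetime import datetime, timedelta

WINDOW = timedelta(hours=2)  # assumption: one operator session


def _t(event):
    return datetime.fromisoformat(event["time"])


def detect_admin_chain(events, window=WINDOW):
    """Return one alert per (host, user) where a 4720 is followed, within
    `window`, by a 4732 into Administrators; the alert is upgraded to
    'critical' if a type-10 logon by that user follows as well."""
    events = sorted(events, key=_t)
    alerts = []
    for i, created in enumerate(events):
        if created["event_id"] != 4720:
            continue
        host, user = created["host"], created["target_user"]
        deadline = _t(created) + window
        later = [e for e in events[i + 1:] if e["host"] == host and _t(e) <= deadline]
        added = next((e for e in later
                      if e["event_id"] == 4732
                      and e.get("group", "").lower() == "administrators"
                      and e.get("member") == user), None)
        if added is None:
            continue
        rdp = next((e for e in later
                    if e["event_id"] == 4624 and e.get("logon_type") == 10
                    and e.get("target_user") == user and _t(e) >= _t(added)), None)
        alerts.append({
            "host": host, "user": user,
            "created_by": created.get("subject"),
            "severity": "critical" if rdp else "high",
            "rdp_from": rdp.get("source_ip") if rdp else None,
        })
    return alerts


SAMPLE_EVENTS = [  # constructed
    # Step 3: the web shell (running as the Tomcat service account) creates a
    # user and adds it to Administrators, seconds apart.
    {"time": "2012-09-10T02:14:05", "host": "WEB01", "event_id": 4720,
     "subject": "WEB01\\tomcat", "target_user": "svc_backup"},
    {"time": "2012-09-10T02:14:09", "host": "WEB01", "event_id": 4732,
     "subject": "WEB01\\tomcat", "group": "Administrators", "member": "svc_backup"},
    # Step 4: Terminal Server Client logon with the new account.
    {"time": "2012-09-10T02:21:44", "host": "WEB01", "event_id": 4624,
     "target_user": "svc_backup", "logon_type": 10, "source_ip": "198.51.100.23"},
    # Benign: helpdesk creates an ordinary user who logs on interactively.
    {"time": "2012-09-10T09:02:00", "host": "FS02", "event_id": 4720,
     "subject": "CORP\\helpdesk1", "target_user": "jsmith"},
    {"time": "2012-09-10T09:05:00", "host": "FS02", "event_id": 4624,
     "target_user": "jsmith", "logon_type": 2},
]

if __name__ == "__main__":
    for alert in detect_admin_chain(SAMPLE_EVENTS):
        print(alert)
```

The subject of the 4720 is the strongest single signal here: an account created by a web server's service account, rather than by a human administrator or a provisioning system, has no legitimate explanation.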
16
Customer Win Story (Penetration Test):
A large French company owning several brands decided to assess their systems by performing external and internal penetration testing with IBM.

Business challenge:
Concerned about external attacks by real hackers, they wanted to test their systems, and their monitoring and response infrastructure, against a real hacker attacking from the Internet.

Solution:
IBM discovered a critical vulnerability in one of the extensions installed on the CMS powering the public extranet.
By exploiting this vulnerability, IBM was able to take control of the hosting server, establish a tunnel (Internet -> DMZ) and place the attacker's machine on the private DMZ segment. The encrypted tunnel nullified network security protections such as the firewall and IPS. The hacker could attack any internal service, gaining access to other hosts and sensitive documents/databases.

Solution/Benefits:
IBM provided detailed remediation recommendations to the customer and they were resolved quickly.

Solution components:
IBM penetration testing to identify and help correct exposure to the Internet
17
Customer Win Story (Application Test):
A large bank assessed the security risks of its Internet-facing applications and infrastructure

Business challenge:
– As part of regular security practice, a large European bank engaged IBM to verify the security of their Internet-facing infrastructure and applications.
Solution:
– IBM assessed the infrastructure and found a SQL injection flaw that could be used by an unauthorized attacker to gain access to sensitive data
– IBM also found a SQL injection flaw in one of the applications which gave an attacker full access to internal data
Benefits:
– IBM worked with the application developers to resolve the issues
– The client re-coded as recommended and then IBM retested: all issues were confirmed fixed

Vulnerabilities were found that allowed anybody to get access to confidential data
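What a SQL injection flaw of this kind looks like in code, and how "re-coded as recommended" fixes it, as an added example that is not the bank's or IBM's code: a vulnerable lookup beside its parameterised replacement on an in-memory SQLite database, plus the boolean-based probe a tester uses to confirm the flaw. The schema, account rows and query are constructed for illustration.

```python
"""SQL injection as found in the bank's application, shown on an in-memory
SQLite database: the vulnerable lookup beside the parameterised fix, plus the
boolean-based probe a tester uses to confirm the flaw.

Added example, not the bank's or IBM's code. The schema, the account rows and
the query are constructed for illustration; the same pattern applies to any
driver that supports placeholders.
"""
import sqlite3


def make_db():
    """Constructed sample data standing in for the bank's internal tables."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT, iban TEXT, balance INTEGER)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)", [
        ("alice", "GB00TEST00000001", 1200),
        ("bob", "GB00TEST00000002", 87),
        ("carol", "GB00TEST00000003", 45000),
    ])
    return conn


def lookup_vulnerable(conn, username):
    """The flaw: user input is spliced into the SQL text, so it can change
    the query's structure, not just the value being compared."""
    sql = f"SELECT username, iban, balance FROM accounts WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, username):
    """The fix: a placeholder. The driver passes the value out-of-band, so
    quotes, OR and UNION in the input are just characters in a string."""
    sql = "SELECT username, iban, balance FROM accounts WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


# Classic payloads: the first two differ only in their truth value, the third
# pulls rows from another table (here SQLite's schema catalogue).
TRUE_PAYLOAD = "' OR '1'='1"
FALSE_PAYLOAD = "' AND '1'='2"
UNION_PAYLOAD = "' UNION SELECT name, sql, 0 FROM sqlite_master--"


def is_injectable(lookup, conn):
    """Boolean-based probe: if a tautology and a contradiction return
    different result sets, the input is being interpreted as SQL."""
    return len(lookup(conn, TRUE_PAYLOAD)) != len(lookup(conn, FALSE_PAYLOAD))


if __name__ == "__main__":
    db = make_db()
    print("vulnerable injectable:", is_injectable(lookup_vulnerable, db))
    print("safe injectable:      ", is_injectable(lookup_safe, db))
    print("vulnerable, tautology:", lookup_vulnerable(db, TRUE_PAYLOAD))
    print("vulnerable, UNION:    ", lookup_vulnerable(db, UNION_PAYLOAD))
```

The UNION payload is why the slide says "full access to internal data": once the column count is matched, any table the application's database account can read is returned through the same login form.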
18
So Just How Easy is it to Hack a Web Application (Web Site)?
19
Social Engineering Testing
This includes the following [1]
– Workstation/Laptop Security
– Tailgating
– USB Sticks
– Confidential Data
– Phishing (Email and Web)
– Phishing (Phone)
– Customer Specific Tests
[1] This is a pick-and-mix solution and is often bespoke to the client's specific needs.
20
Definition: Phishing
The art of using social engineering to encourage the user to divulge information.
The user receives an email directing them to a website which looks official, but isn’t!
The user is encouraged to enter account details, passwords, etc.
However, phishing can also be carried out via VoIP, SMS or traditional phones or mobiles.
21
Spear Phishing
Phishing scam targeting a single company or
organisation
– If your users received an email from “H.R.” asking
them to confirm their username/password how many
would?
Attacks have a specific aim - to gain access to your
internal systems
Many so-called APT* or Targeted attacks use this as one
of their main attack vectors.
This is made easier by the vast amount of data most
people give away via social media sites and services…
*Advanced Persistent Threat
22
Phishing (Email and Web)
This fake HSBC email contained a link to a fake HSBC website that was set up specifically for this test. The fake website was hosted at the following URL:
http://hsbc.banking.services.http01.com/HSBC/
Below is a screenshot of the phishing email sent to the supplied addresses from a fake HSBC email account, HSBC.Alert@post.com:
23
Phishing (Email and Web)
This fake site was complete with a working password box that masked the
input (as in real life) and also asked the victim to install a new SSL Certificate
(really a renamed payload from the USB stick).
24
Phishing (Email and Web)
One of the victims clicked on the link in the bogus email and then
proceeded to supply their “real” business account details.
The two redacted fields (between the | symbols after the 100000 entry)
contained the real HSBC login id and password for the HSBC account for
the victim.
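The link and sender used in this test carry the indicators a mail filter or a trained user should catch: the brand name is only a subdomain label, the registrable domain (http01.com) belongs to someone else, the sender's domain (post.com) is unrelated to the brand, and the link is plain http. The following Python scores those indicators; it is an added example, not IBM's tooling. The brand-to-domain allow-list and the tiny public-suffix set are assumptions (a real check uses the organisation's own allow-list and a full Public Suffix List library).

```python
"""Score the indicators in the phishing test e-mail above: the link's
registrable domain is not the brand's, the brand name is only a subdomain
label, the sender's domain is an unrelated mail domain, and the link is
plain http.

Added example, not IBM's tooling. BRAND_DOMAINS (the brand's legitimate
domains) and the tiny PUBLIC_SUFFIXES set are assumptions; a real check uses
the organisation's own allow-list and a full Public Suffix List library.
"""
from urllib.parse import urlparse

BRAND_DOMAINS = {"hsbc": {"hsbc.com", "hsbc.co.uk"}}        # assumed allow-list
PUBLIC_SUFFIXES = {"co.uk", "org.uk", "ac.uk", "com.au"}    # minimal subset


def registrable_domain(host):
    """'hsbc.banking.services.http01.com' -> 'http01.com';
    'www.hsbc.co.uk' -> 'hsbc.co.uk'. Only the registrable part decides who
    controls the site; everything to its left is the attacker's choice."""
    labels = host.lower().rstrip(".").split(".")
    n = 3 if ".".join(labels[-2:]) in PUBLIC_SUFFIXES else 2
    return ".".join(labels[-n:])


def analyse_message(link, sender, display_name=""):
    """Return sorted indicator codes for one e-mail (empty list = nothing found)."""
    codes = set()
    url = urlparse(link)
    host = url.hostname or ""
    link_reg = registrable_domain(host)
    sender_domain = sender.rsplit("@", 1)[-1].lower()
    sender_reg = registrable_domain(sender_domain)
    sender_text = f"{sender} {display_name}".lower()
    for brand, legit in BRAND_DOMAINS.items():
        # Brand name used in the hostname, but the site is not the brand's.
        if brand in host.lower() and link_reg not in legit:
            codes.add("link-domain-mismatch")
        # Brand name in the From address or display name, sent from elsewhere.
        if brand in sender_text and sender_reg not in legit:
            codes.add("sender-domain-mismatch")
    if url.scheme == "http":
        codes.add("insecure-scheme")    # a real bank login page is never plain http
    return sorted(codes)


# Constructed from the test described on the slides.
TEST_LINK = "http://hsbc.banking.services.http01.com/HSBC/"
TEST_SENDER = "HSBC.Alert@post.com"

if __name__ == "__main__":
    print(analyse_message(TEST_LINK, TEST_SENDER, "HSBC Alerts"))
    print(analyse_message("https://www.hsbc.co.uk/login", "alerts@hsbc.co.uk", "HSBC"))
```

The registrable-domain step is the one users get wrong: a long hostname that starts with the brand reads as trustworthy, while the part that actually matters is the two or three labels at the right-hand end.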
25
Phishing (Phone)
This part of social engineering testing involves phone calls to a pre-agreed number or numbers, pretending to be from the helpdesk, a supplier, or a customer having problems with their account/service.
The story is agreed with the customer before being used; often this will involve several stories and attacks from different vectors (customer, support, HR, etc.).
Then there is vishing and smishing…
26
Solutions – Penetration Test Methodology
•Security is a Journey, not a
Destination…
•Uses the same techniques and tools as
the Bad Guys and Girls…
•Lots of manual testing using very
specialised skills…
•A very detailed report with findings,
including step by step details on exactly
how we hacked systems or people…
•Report includes a management
summary, full technical findings,
remediation instructions as well as
prioritized recommendations…
27
The Value of Penetration Testing
IBM penetration testing services can
deliver:
– An effective, affordable service that provides a
“hacker’s-eye” view of a client’s security posture
– The identification of security issues before they
are exploited, providing organizations an
opportunity to prevent threats before they can
impact the business
– Access to security experts and
proven best practices and delivers
a detailed action plan with remediation
recommendations
– Assistance in ensuring regulatory compliance
and business continuity
28
Additional Offerings
IBM Penetration Testing Can and Often Does Include:
• Malware Defence Review
• SCADA Penetration Test
• Network Penetration Test
• On-site Penetration Test
• Application Assessment
• Application Code Analysis (web, java, mobile, etc.)
• Social Engineering (“Hacking the Human”)
• Wireless Security Testing
• Emergency Response and Incident Management
29
Team Skills…Beyond Penetration/Application Testing…
Reverse Engineering
Hardware/Firmware Hacking, including rooting and jail-breaking
Knowledge of iOS, Java, Android as well as the usual suspects…
Malware, Exploits and bypassing security technologies
Coding in C, C++, C#, Java (and derivatives), Perl, Python, PHP,
Basic, Assembler, Shell scripting, Pascal, REXX, etc.
30
ERS Hotline
Have an emergency? Call IBM ERS 24x7x365
(US) 1-888-241-9812
(WW) 1-312-212-8034
Best Practices: Ensure you have access to the resources and
tools needed to respond quickly to the inevitable incident
Clients should consider retaining expert security consultants
prior to an incident. This ensures guaranteed access to
resources, knowledge of your environment, and predictable
response times.
As an example, IBM’s Emergency Response Service
Subscription includes:
• Initial one-day workshop for incident planning
• 120 staff hours per year, which can be utilized remotely or on site at
the client’s discretion for emergency response services or
preventative services
We can perform these preemptive incident preparation services at the beginning of, or at any time during, the subscription:
• Active threat assessment
• Cyber Security Incident Response Program gap assessment
• Incident response training and simulated exercise
• Unlimited emergency declarations
• Two seats on the X-Force Threat Analysis Service
• Quarterly check point, remote support, and update on threat
landscape
31
Customer Win Story (ERS):
An international defence contractor…
Business challenge:
– The FBI contacted the customer to inform them that they had been hacked and that the attackers were stealing data from them as well as “bugging” key executives’ laptops. They also suggested that they get help in finding and removing the malcode.
Solution:
– IBM identified the new (unknown) malware installed (and how it was hidden)
– IBM identified how, and to which remote systems, the data was being “exfiltrated”.
Benefits:
– IBM identified the new malware and identified how it installed, what
it did, etc.
– IBM created a “bespoke” detection and removal script for the
customer. This “killed” the malware in memory and then deleted
the malware from the system. It also sent reports of infections
found and cleaned to the security manager.
– Client was delighted with our speed of action and the complete
removal of the malware.
APT was found that
allowed attackers to get
access to confidential data
including weapons
systems code and
blueprints as well as
record executive meetings!
32
What can you do now?
Be aware.
Do security testing (penetration, application, process and
procedures, etc.) for visibility and prioritization for proper risk
management strategy
Be proactive.
Manage against vulnerabilities and carry out log analysis as
well as baseline your “normal” network data flows for real-
time detection and protection against sophisticated attacks
Be prepared.
Have an incident response plan in place to quickly respond
and remediate against a breach, but don’t forget to test it…
When you do suffer a breach (and you will), who are you
going to call?
33
Contact details…..
Martin Overton
Security Consultant, Ethical Hacker, Malware
Specialist, Forensics, etc.
IBM ISS X-Force – EMEA CSIRT
E-Mail: overtonm@uk.ibm.com
Telephone: +44 (0)239 2563442
Mobile: +44 (0)776 4666939
34
Questions?
35
Who I am, my background, skills, etc.
My name is Martin Overton and I’m a hacker…
Sun Alliance / Royal and SunAlliance
– Joined 1988
– Commissioning PCs, Strategy (hardware and software)
– Responsible for Malware Research/Prevention (10 years), Ethical Hacker (2.5 years)
Outsourced April 2002
– Joined EMEA IGS Security June 2002 as Malware/Anti-Malware SME
– Moved to MSSD (EMEA) June 2004 to set up EMEA Virus CERT, Member of Global Virus CERT
– Moved to ISS X-Force Professional Security Services April 2008
– Also doing ethical hacking, computer forensics and application assessments as well as malware related work.
– Now the EMEA lead for ERS (but still doing the ethical hacking, etc.)
Other
– Helped set up Independent ISS UK User Group
– WildList reporter, Charter member of AVIEN
– Regular lecturer at University of Warwick (amongst others)
– Lots of published papers and presented at many international conferences, such as CompSec, EICAR and Virus
Bulletin
– 25+ Years of knowledge on malware and related security threats
– 10+ Years of knowledge in ethical hacking, forensics and application testing

Future of Power: IBM Trends & Directions - Erik Rex
 
Future of Power: Håndtering af nye teknologier - Kim Escherich
Future of Power: Håndtering af nye teknologier - Kim EscherichFuture of Power: Håndtering af nye teknologier - Kim Escherich
Future of Power: Håndtering af nye teknologier - Kim Escherich
 
Future of Power - Lars Mikkelgaard-Jensen
Future of Power - Lars Mikkelgaard-JensenFuture of Power - Lars Mikkelgaard-Jensen
Future of Power - Lars Mikkelgaard-Jensen
 

Último

HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

How to Keep Hackers Out of Your Organisation

  • 1. 1 Keeping Hackers Out of Your Organisation…. By Being Hacked! Martin Overton, EMEA ERS Lead and Senior Security Consultant, Cyber Security Intelligence and Response Team (CSIRT)
  • 2. 2 Agenda Threatscape Real World “Hacking” Examples and Customer Stories: – Networks – End-Points – Web Applications – The Human Solutions Questions?
  • 3. 3 The number of vulnerabilities increases radically with the emergence of new business models and technologies.
    Mobility
    Employees, customers, contractors, outsourcers
    Bring your own IT
    Social business
    Cloud and virtualization
    1 trillion connected objects (cars, appliances, cameras)
    30 billion RFID tags (products, passports, buildings and animals)
    1 billion workers will be remote or mobile
    1 billion mobile Internet users
    30 percent growth of 3G devices
    33 percent of all new business software spending will be Software as a Service
    Exponentially growing and interconnected digital universe
    Adopting new business models and embracing new technologies
    Source: IBM X-Force® Trend Report, 2011
  • 4. 4 Motivation and Sophistication is Evolving Rapidly Attackers have more resources Off-the-shelf tools are available for sale They will keep trying until they get in
  • 5. 5 The new security landscape: Sophisticated attackers are a primary concern
    Threat Profile | Type | Share of Incidents | Attack Type
    Advanced threat / mercenary | National governments, Terrorist cells, Crime Cartels | 23% | Espionage, Intellectual property theft, Systems disruption, Financial Crime
    Malicious Insiders | Employees, Contractors, Outsourcers | 15% | Financial Crime, Intellectual Property Theft, Unauthorized Access
    Hacktivist | Social Activists | 7% | Systems disruption, Web defacement, Information Disclosure
    Opportunist | Worm and virus writers, “Script Kiddies” | 49% | Malware propagation, Unauthorized Access, Web defacement
    (Rows are arranged by Potential Impact.)
    Source: Government Accountability Office, Department of Homeland Security's Role in Critical Infrastructure Protection Cybersecurity, GAO-05-434; IBM CyberSecurity Intelligence & Response Team, September 2012
  • 6. 6 Did you know... What IBM Sees
    2,641,350 security attacks: the average company faces this many per week
    62 security incidents: the average company experiences this many per week
    Top 7 Most ATTACKED Industries: 1. Health & Social Services 2. Transportation 3. Hospitality 4. Finance & Insurance 5. Manufacturing 6. Real Estate 7. Mining, Oil & Gas
    Top 5 reasons WHY attacks were possible: 1. End user didn’t think before clicking 2. Weak password / default password in use 3. Insecure configuration 4. Use of legacy hardware or software 5. Lack of basic network security protection or segmentation
    Categories of Attack: Malicious Code; Sustained Probe or Scan; Unauthorized Access; Low-and-Slow Attack; Access/Credentials Abuse; Denial of Service
  • 7. 7 Top Reasons WHY Compromises Occur
    End users/endpoints:
    1. Double-clicking “on anything”
    2. Disabling endpoint security settings
    3. Using vulnerable, legacy software and hardware
    4. Failing to install security patches
    5. Failing to install anti-virus
    6. Failing to report lost/stolen device
    7. Connecting endpoint to a network from an insecure access point (i.e., Starbucks)
    8. Using a second access point (i.e., AirCard) creating a bypass
    9. Using weak/default passwords and/or using business passwords for personal use
    10. Giving passwords over the phone
    1. Connecting systems/virtual images to the Internet before hardening them
    2. Connecting test systems to the Internet with default accounts/passwords
    3. Failing to update or patch systems/applications on a timely basis
    4. Failing to implement or update virus detection software
    5. Using legacy/EOLed software and hardware
    6. Running unnecessary services
    7. Using insecure back end management software
    8. Failing to remove old or unused end user accounts
    9. Implementing firewalls with rules that don't stop malicious or dangerous traffic, incoming or outgoing
    10. Failing to segment network and/or adequately monitor/block malicious traffic with IDS/IPS infrastructure
    80-90% of all security incidents can be easily avoided!
  • 8. 8 Screenshots from REAL Hacks, Customer Stories and a Video…
  • 9. 9 Network Hacked Step 1! Initial compromise was via a default Apache Tomcat manager user id and password…
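The compromise above started with a default Tomcat manager user id and password. The following is an added example, not part of the slides, of the check a defender would run over their own `tomcat-users.xml` before a tester does: it flags accounts holding Manager/Host Manager roles whose password is a shipped sample value or too short. The XML and the default-password list are constructed for illustration and are not complete.

```python
"""Audit a Tomcat tomcat-users.xml for manager accounts with weak or default
passwords.  Added example, not from the slides.  The XML below is constructed
for illustration; the default-password list is an assumption and is not a
complete list."""
import xml.etree.ElementTree as ET

# Roles that grant access to the Manager or Host Manager web applications.
MANAGER_ROLES = {"manager-gui", "manager-script", "manager-jmx",
                 "manager-status", "admin-gui", "admin-script"}
# Sample/default values that should never survive into production (assumption: illustrative list).
DEFAULT_PASSWORDS = {"", "tomcat", "s3cret", "admin", "password"}
MIN_LENGTH = 12

# Constructed tomcat-users.xml, modelled on the shipped sample file.
SAMPLE_TOMCAT_USERS = """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <role rolename="app-user"/>
  <user username="tomcat" password="s3cret" roles="manager-gui"/>
  <user username="deploy" password="Correct-Horse-Battery-9" roles="manager-script"/>
  <user username="app" password="tomcat" roles="app-user"/>
</tomcat-users>
"""


def _local_name(tag):
    """Strip the XML namespace so the audit works for namespaced and plain files."""
    return tag.rsplit("}", 1)[-1]


def audit_tomcat_users(xml_text):
    """Return (username, severity, reason) findings, one per weak account.

    Manager-capable accounts are 'high' severity because the Manager app can
    deploy arbitrary WAR files; other accounts are 'low'.
    """
    root = ET.fromstring(xml_text)
    findings = []
    for el in root.iter():
        if _local_name(el.tag) != "user":
            continue
        name = el.get("username", "")
        password = el.get("password", "")
        roles = {r.strip() for r in el.get("roles", "").split(",") if r.strip()}
        severity = "high" if roles & MANAGER_ROLES else "low"
        if password in DEFAULT_PASSWORDS:
            findings.append((name, severity, "default or sample password"))
        elif len(password) < MIN_LENGTH:
            findings.append((name, severity,
                             "password shorter than %d characters" % MIN_LENGTH))
    return findings


if __name__ == "__main__":
    for name, severity, reason in audit_tomcat_users(SAMPLE_TOMCAT_USERS):
        print("%-5s %-8s %s" % (severity, name, reason))
```

The plaintext checks only apply when the file stores clear passwords; if a CredentialHandler has been configured so that the file holds digests, the script will see those digests as long strings and pass them. Pairing the audit with removing the Manager application from internet-facing instances, or restricting it to administrative addresses, closes the path the slides describe.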
  • 10. 10 Network Hacked Step 2! We then uploaded a special WAR file to allow us to gain a remote shell access….
  • 11. 11 Network Hacked Step 3! Using this we dumped password hashes from the system and created a user account which we then added to the local Administrator group….
  • 12. 12 Network Hacked Step 4! Then we could login using Microsoft Terminal Server Client…
  • 13. 13 Network Hacked Step 5! Which we then cracked to find the passwords… Including the Administrator! This same technique was used on another server
  • 15. 15 What Does The Previous Slide Mean? It means we have Domain Admin on the network. This means we now can access ANY system in the Domain. This means we can see ALL data on all systems in the Domain. In other words, we now own the network. We will tell you and do no harm, the bad guys work to other agendas!
  • 16. 16 Customer Win Story (Penetration Test): A large French company owning several brands decided to assess their systems by performing External and Internal penetration testing with IBM.
    Business challenge: Concerned about external attacks by real hackers, they wanted to test their systems and their monitoring and response infrastructure against a real hacker attacking from the internet.
    Solution components: IBM penetration testing to identify and help correct exposure to the Internet.
    Solution: IBM discovered a critical vulnerability in one of the extensions installed on the CMS powering the public extranet. By exploiting this vulnerability, IBM was able to take control of the hosting server, establish a tunnel (internet -> DMZ) and project the attacker machine onto the private DMZ segment. The encrypted tunnel nullified network security protections such as the firewall and IPS. The hacker could attack any internal service, gaining access to other hosts and sensitive documents/databases.
    Solution/Benefits: IBM provided detailed remediation recommendations to the customer and the issues were resolved quickly.
  • 17. 17 Customer Win Story (Application Test): A large bank assessed the security risks of internet-facing applications and infrastructure
    Business challenge:
    – As part of regular security practice, a large European bank engaged IBM to verify the security of their internet-facing infrastructure and application.
    Solution:
    – IBM assessed the infrastructure and found an SQL injection flaw that might be used by an unauthorized attacker to gain access to sensitive data
    – IBM also found an SQL injection flaw in one of the applications which gave an attacker full access to internal data
    Benefits:
    – IBM worked with the application developers to resolve the issues
    – Client re-coded as recommended and then IBM retested: all issues were confirmed fixed
    Vulnerabilities were found that allowed anybody to get access to confidential data
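The SQL injection flaws in this story come from queries built out of user input. As an added example, not code from the slides or from the bank's application, the block below puts the vulnerable pattern beside the re-coded form the engagement would have recommended. The accounts table and its rows are constructed, and SQLite stands in for the real database.

```python
"""SQL injection: a query built by string concatenation beside its
parameterized fix.  Added example, not from the slides; the accounts table and
rows are constructed, and SQLite stands in for the bank's database."""
import sqlite3


def open_sample_db():
    """In-memory database with a few constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (id INTEGER, owner TEXT, balance INTEGER)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)",
                     [(1, "alice", 100), (2, "bob", 250), (3, "carol", 900)])
    return conn


def lookup_vulnerable(conn, owner):
    """The flaw: the caller's input is spliced into the SQL text, so quote
    characters in it change the statement's structure."""
    sql = "SELECT id, owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, owner):
    """The fix: bound parameters are always sent as data, never parsed as SQL."""
    sql = "SELECT id, owner, balance FROM accounts WHERE owner = ?"
    return conn.execute(sql, (owner,)).fetchall()


def compare(owner):
    """Run both versions on the same input; returns (vulnerable_rows, safe_rows)."""
    conn = open_sample_db()
    try:
        return lookup_vulnerable(conn, owner), lookup_parameterized(conn, owner)
    finally:
        conn.close()


if __name__ == "__main__":
    # Normal input: both versions return alice's row only.
    print(compare("alice"))
    # The textbook tautology input: the concatenated query returns every
    # account, the parameterized one returns nothing because no owner has
    # that literal name.
    print(compare("nobody' OR '1'='1"))
```

The retest step in the story is exactly `compare` run over the original finding: the fix is confirmed when the parameterized query returns only rows whose owner literally equals the supplied string, whatever characters it contains.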
  • 18. 18 So Just How Easy is it to Hack a Web Application (Web Site)?
  • 19. 19 Social Engineering Testing
    This includes the following [1]:
    – Workstation/Laptop Security
    – Tailgating
    – USB Sticks
    – Confidential Data
    – Phishing (Email and Web)
    – Phishing (Phone)
    – Customer Specific Tests
    [1] This is a pick-and-mix solution and is often bespoke to the client’s specific needs.
  • 20. 20 Definition:- Phishing The art of using social engineering to encourage the user to divulge information The user receives an email directing them to a website which looks official, but isn’t! The user is encouraged to enter account details, passwords etc. However, phishing can also be carried via VoIP, SMS or traditional Phones or Mobiles.
  • 21. 21 Spear Phishing Phishing scam targeting a single company or organisation – If your users received an email from “H.R.” asking them to confirm their username/password how many would? Attacks have a specific aim - to gain access to your internal systems Many so-called APT* or Targeted attacks use this as one of their main attack vectors. This is made easier by the vast amount of data most people give away via social media sites and services… *Advanced Persistent Threat
  • 22. 22 Phishing (Email and Web) This fake HSBC email contained a link to the fake HSBC website that was setup specifically for this test. The fake website was hosted at the following URL: http://hsbc.banking.services.http01.com/HSBC/ Below is a screenshot of the Phishing email sent to supplied addresses from a fake HSBC email account HSBC.Alert@post.com :
  • 23. 23 Phishing (Email and Web) This fake site was complete with a working password box that masked the input (as in real life) and also asked the victim to install a new SSL Certificate (really a renamed payload from the USB stick).
  • 24. 24 Phishing (Email and Web) One of the victims clicked on the link in the bogus email and then proceeded to supply their “real” business account details. The two redacted fields (between the | symbols after the 100000 entry) contained the real HSBC login id and password for the HSBC account for the victim.
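The test mail above succeeded because the link and sender looked like HSBC while living under unrelated domains (`http01.com` and `post.com`). As an added example, not part of the slides, this block shows the check a mail gateway or user-awareness tool can apply: extract the links from a message, reduce each host to its registered domain, and flag any that names a brand without belonging to it, plus a sender whose display name claims a brand its address does not carry. The two messages are constructed (the phishing one mirrors the slide's sender and URL; the legitimate one is an assumed `hsbc.co.uk` address), and the brand-to-domain map and the small public-suffix table are assumptions.

```python
"""Flag phishing indicators in an email: links whose registered domain does
not belong to the brand they name, and sender domains that don't match the
brand in the display name.  Added example, not from the slides.  The messages
are constructed; the sender and link mirror the test mail the slides describe.
The brand-to-domain map and the short public-suffix table are assumptions."""
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: which registered domains legitimately belong to each brand.
BRAND_DOMAINS = {"hsbc": {"hsbc.co.uk", "hsbc.com"}}
# Assumption: a tiny stand-in for the Public Suffix List.
MULTI_PART_SUFFIXES = {"co.uk", "org.uk", "ac.uk", "com.au", "co.jp"}


def make_message(from_header, href):
    """Build a raw single-part HTML message (constructed test data)."""
    return (
        "From: %s\n"
        "To: user@example.com\n"
        "Subject: Action required: confirm your online banking details\n"
        "Content-Type: text/html; charset=utf-8\n"
        "\n"
        "<html><body><p>Please log in at <a href=\"%s\">HSBC Online Banking</a>"
        " to confirm your account details.</p></body></html>\n" % (from_header, href)
    )


PHISH_MAIL = make_message("HSBC Alert <HSBC.Alert@post.com>",
                          "http://hsbc.banking.services.http01.com/HSBC/")
LEGIT_MAIL = make_message("HSBC <alerts@hsbc.co.uk>", "https://www.hsbc.co.uk/")


class _LinkCollector(HTMLParser):
    """Collect href targets of <a> tags."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.extend(v for k, v in attrs if k == "href" and v)


def registrable_domain(host):
    """Registered domain of a host name ('http01.com' for the slide's URL)."""
    parts = host.lower().rstrip(".").split(".")
    n = 3 if ".".join(parts[-2:]) in MULTI_PART_SUFFIXES else 2
    return ".".join(parts[-n:])


def analyse_message(raw):
    """Return (sender_domain, link_hosts, findings) for a raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    addrs = msg["From"].addresses if msg["From"] else ()
    sender_domain = addrs[0].domain.lower() if addrs else ""
    sender_text = (addrs[0].display_name + " " + addrs[0].username).lower() if addrs else ""

    body = msg.get_body(preferencelist=("html", "plain"))
    collector = _LinkCollector()
    collector.feed(body.get_content() if body is not None else "")
    link_hosts = [urlparse(href).hostname or "" for href in collector.links]

    findings = []
    for brand, legit in BRAND_DOMAINS.items():
        if brand in sender_text and sender_domain not in legit:
            findings.append("sender claims to be %s but the address is under %s"
                            % (brand, sender_domain))
        for host in link_hosts:
            if brand in host and registrable_domain(host) not in legit:
                findings.append("link host %s is registered under %s, not a %s domain"
                                % (host, registrable_domain(host), brand))
    return sender_domain, link_hosts, findings


if __name__ == "__main__":
    for label, raw in (("phish", PHISH_MAIL), ("legit", LEGIT_MAIL)):
        print(label, analyse_message(raw))
```

The registered-domain step is what the victim skipped: a host beginning with `hsbc.banking.services` reads as the bank, but the only part an attacker cannot choose freely is the registered suffix, `http01.com`. A production version would replace the five-entry suffix table with the full Public Suffix List.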
  • 25. 25 Phishing (Phone) This part of social engineering testing involves phone calls to a pre-agreed number or numbers, pretending to be from the helpdesk, a supplier, or a customer having problems with their account/service. The story is agreed with the customer before being used; often this will involve several stories and attacks from different vectors (customer, support, HR, etc.). Then there is Vishing and Smishing…
  • 26. 26 Solutions – Penetration Test Methodology
    • Security is a Journey, not a Destination…
    • Uses the same techniques and tools as the Bad Guys and Girls…
    • Lots of manual testing using very specialised skills…
    • A very detailed report with findings, including step by step details on exactly how we hacked systems or people…
    • Report includes a management summary, full technical findings, remediation instructions as well as prioritized recommendations…
  • 27. 27 The Value of Penetration Testing
    IBM penetration testing services can deliver:
    – An effective, affordable service that provides a “hacker’s-eye” view of a client’s security posture
    – The identification of security issues before they are exploited, providing organizations an opportunity to prevent threats before they can impact the business
    – Access to security experts and proven best practices, delivering a detailed action plan with remediation recommendations
    – Assistance in ensuring regulatory compliance and business continuity
  • 28. 28 Additional Offerings
    IBM Penetration Testing Can and Often Does Include:
    • Malware Defence Review
    • SCADA Penetration Test
    • Network Penetration Test
    • On-site Penetration Test
    • Application Assessment
    • Application Code Analysis (web, java, mobile, etc.)
    • Social Engineering (“Hacking the Human”)
    • Wireless Security Testing
    • Emergency Response and Incident Management
  • 29. 29 Team Skills…Beyond Penetration/Application Testing…
    Reverse Engineering
    Hardware/Firmware Hacking, including rooting and jail-breaking
    Knowledge of iOS, Java, Android as well as the usual suspects…
    Malware, Exploits and bypassing security technologies
    Coding in C, C++, C#, Java (and derivatives), Perl, Python, PHP, Basic, Assembler, Shell scripting, Pascal, REXX, etc.
  • 30. 30 ERS Hotline
    Have an emergency? Call IBM ERS 24x7x365: (US) 1-888-241-9812, (WW) 1-312-212-8034
    Best Practices: Ensure you have access to the resources and tools needed to respond quickly to the inevitable incident. Clients should consider retaining expert security consultants prior to an incident. This ensures guaranteed access to resources, knowledge of your environment, and predictable response times.
    As an example, IBM’s Emergency Response Service Subscription includes:
    • Initial one-day workshop for incident planning
    • 120 staff hours per year, which can be utilized remotely or on site at the client’s discretion for emergency response services or preventative services
    We can perform these preemptive incident preparation services at the beginning of, or at any given time during, the subscription:
    • Active threat assessment
    • Cyber Security Incident Response Program gap assessment
    • Incident response training and simulated exercise
    • Unlimited emergency declarations
    • Two seats on the X-Force Threat Analysis Service
    • Quarterly check point, remote support, and update on threat landscape
  • 31. 31 Customer Win Story (ERS): An international defence contractor…
    Business challenge:
    – The FBI contacted the customer to inform them that they had been hacked and that the attackers were stealing data from them as well as “bugging” key executives’ laptops. They also suggested that they get help in finding and removing the malcode.
    Solution:
    – IBM identified the new (unknown) malware installed (and how it was hidden)
    – IBM identified how, and to which remote systems, the data was being “exfiltrated”.
    Benefits:
    – IBM identified the new malware and identified how it installed, what it did, etc.
    – IBM created a “bespoke” detection and removal script for the customer. This “killed” the malware in memory and then deleted the malware from the system. It also sent reports of infections found and cleaned to the security manager.
    – Client was delighted with our speed of action and the complete removal of the malware.
    An APT was found that allowed attackers to get access to confidential data, including weapons systems code and blueprints, as well as to record executive meetings!
  • 32. 32 What can you do now?
    Be aware. Do security testing (penetration, application, process and procedures, etc.) for visibility and prioritization for a proper risk management strategy
    Be proactive. Manage against vulnerabilities and carry out log analysis, as well as baselining your “normal” network data flows, for real-time detection and protection against sophisticated attacks
    Be prepared. Have an incident response plan in place to quickly respond and remediate against a breach, but don’t forget to test it…
    When you do suffer a breach (and you will), who are you going to call?
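"Baseline your normal network data flows" is the one item above that is easy to say and rarely done. As an added example, not from the slides, the block below builds a per-host baseline from a week of outbound flow records (mean and standard deviation of daily bytes, plus the set of destinations seen) and then scores a new day against it, raising an alert for a host that sends far more than usual or talks to an address it has never reached before, the shape of the exfiltration in the ERS story. The flow records use documentation address ranges and are constructed; the z-score threshold is an assumption a real deployment would tune.

```python
"""Baseline per-host outbound network volume and destinations, then flag a new
day's flows that deviate.  Added example, not from the slides.  The flow
records are constructed (documentation address ranges), and the detection
thresholds are assumptions a real deployment would tune."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (day, source_host, destination_ip, bytes_out).
# 10.0.1.15 grows slowly over the week; 10.0.1.22 is flat.
BASELINE_FLOWS = [rec for day in range(1, 8) for rec in (
    (day, "10.0.1.15", "198.51.100.10", 1_500_000 + 100_000 * day),
    (day, "10.0.1.15", "198.51.100.20", 600_000),
    (day, "10.0.1.22", "198.51.100.10", 900_000),
)]

# Day 8: 10.0.1.15 suddenly pushes ~38 MB to an address never seen before.
DAY8_FLOWS = [
    (8, "10.0.1.15", "198.51.100.10", 2_100_000),
    (8, "10.0.1.15", "203.0.113.77", 38_000_000),
    (8, "10.0.1.22", "198.51.100.10", 900_000),
]


def build_baseline(flows):
    """Per host: mean and std-dev of daily outbound bytes, plus destinations seen."""
    daily = defaultdict(lambda: defaultdict(int))
    dests = defaultdict(set)
    for day, src, dst, nbytes in flows:
        daily[src][day] += nbytes
        dests[src].add(dst)
    baseline = {}
    for src, per_day in daily.items():
        totals = list(per_day.values())
        baseline[src] = {"mean": float(mean(totals)),
                         "std": float(pstdev(totals)),
                         "dests": dests[src]}
    return baseline


def detect_anomalies(baseline, flows, z=3.0):
    """Alerts for hosts whose day exceeds mean + z*std, or that reached a new destination."""
    totals = defaultdict(int)
    new_dests = defaultdict(set)
    for day, src, dst, nbytes in flows:
        totals[src] += nbytes
        if src not in baseline or dst not in baseline[src]["dests"]:
            new_dests[src].add(dst)
    alerts = []
    for src, total in totals.items():
        if src not in baseline:
            alerts.append((src, "no baseline for this host"))
            continue
        threshold = baseline[src]["mean"] + z * baseline[src]["std"]
        if total > threshold:
            alerts.append((src, "outbound %d bytes exceeds threshold %d" % (total, threshold)))
        if new_dests[src]:
            alerts.append((src, "new destinations: " + ", ".join(sorted(new_dests[src]))))
    return alerts


def run_demo():
    """Build the week-long baseline and score day 8 against it."""
    baseline = build_baseline(BASELINE_FLOWS)
    return baseline, detect_anomalies(baseline, DAY8_FLOWS)


if __name__ == "__main__":
    _, alerts = run_demo()
    for host, reason in alerts:
        print(host, reason)
```

A host with a perfectly flat history gets a standard deviation of zero, so any increase at all trips the volume rule; in practice a floor on the threshold, or a longer baseline window, keeps that from paging on noise. The "new destination" rule is the cheaper and usually earlier signal, since the first connection to the drop site precedes the bulk transfer.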
  • 33. 33 Contact details…..
    Martin Overton, Security Consultant, Ethical Hacker, Malware Specialist, Forensics, etc.
    IBM ISS X-Force – EMEA CSIRT
    E-Mail: overtonm@uk.ibm.com
    Telephone: +44 (0)239 2563442
    Mobile: +44 (0)776 4666939
  • 35. 35 Who I am, my background, skills, etc.
    My name is Martin Overton and I’m a hacker…
    Sun Alliance / Royal and SunAlliance
    – Joined 1988
    – Commissioning PCs, Strategy (hardware and software)
    – Responsible for Malware Research/Prevention (10 years), Ethical Hacker (2.5 years)
    Outsourced April 2002
    – Joined EMEA IGS Security June 2002 as Malware/Anti-Malware SME
    – Moved to MSSD (EMEA) June 2004 to set up EMEA Virus CERT, Member of Global Virus CERT
    – Moved to ISS X-Force Professional Security Services April 2008
    – Also doing ethical hacking, computer forensics and application assessments as well as malware related work.
    – Now the EMEA lead for ERS (but still doing the ethical hacking, etc.)
    Other
    – Helped set up Independent ISS UK User Group
    – WildList reporter, Charter member of AVIEN
    – Regular lecturer at University of Warwick (amongst others)
    – Lots of published papers and presented at many international conferences, such as CompSec, EICAR and Virus Bulletin
    – 25+ Years of knowledge on malware and related security threats
    – 10+ Years of knowledge in ethical hacking, forensics and application testing