Enjoy Safer Technology and Defeat Cyber Criminals

Stephen Cobb, CISSPSenior Security Researcher, ESET NA

Why do cyber criminals want your digital devices?

36 ways to abuse hacked devices• Spam zombie• DDoS extortion zombie• Click fraud zombie• Anonymization proxy• CAPTCHA solving zombie

• eBay/PayPal fake auctions• Online gaming credentials• Website FTP credentials• Skype/VoIP credentials• Encryption certificates

• Fake antivirus• Ransomware• Email account ransom• Webcam image extortion

• Bank account data• Credit card data• Stock and 401K accounts• Wire transfer data

• Phishing site• Malware download site• Warez piracy server• Child porn server• Spam site

• Harvest email contacts• Harvest associated accounts• Access to corporate email• Webmail spam• Stranded abroad scams

• Facebook• Twitter• LinkedIn • Google+

• Online gaming characters• Online gaming goods/$$$• PC game license keys• OS license key

Based on original work by Brian Krebs: krebsonsecurity.com

Webserver

Botnetactivity

Email attacks

Virtualgoods

Reputationhijacking

Financial credentials

Hostage attacks

Account credentials

IMPACTADVANTAGEMONEY

CREDENTIALS

What’s my motivation?

Verizon 2012 Data Breach Investigations Report

1 to 10

11 to 100

101 to 1,000

1,001 to 10,000

10,001 to 100,000

Over 100,000

0 100 200 300 400 500 600

720 breaches by size of organization (employees)

SMBs

The SMB sweet spot for the cyber-criminally inclined

Assets worthlooting

Level of protection

Big enterprise

SMB “sweet spot”

Consumers

How do they get to your devices?

1. Malware involved in 69% of breaches2. Hacking* used in 81% of breaches3. Deception

Verizon 2012 Data Breach Investigations Report

*80% of hacking is passwords: default, missing, guessed, stolen, cracked

Thriving markets for credentials

All driven by proven business strategies

Specialization Modularity

Division of labor Standards

Markets

Some good news: bad guys get caught

So how do you defend your devices?

Three main attacks …. and defenses

Scanning

Authentication

Malware

Hacking

AwarenessDeception

Scanning requires proper implementation

Scan devices while connected

Scan devices prior to connection

Require AV on mobile devices

0% 5% 10% 15% 20% 25% 30% 35% 40%

Measures in use at a sample of healthcare facilities

Ponemon Institute Third Annual Benchmark Study on Patient Privacy & Data Security

Authentication beyond passwords

Passwords exposed in 2012: 75,000,000Need to add a second factor to authenticationUsed by Facebook, Twitter, Google, SharpMore to come

Awareness: a powerful weapon

• Think before you click/open• If it sounds too good…• Just because your friend said…• Resources:

• Securing Our eCity• We Live Security• Podcasts and webinars• Social Media Scanner

Check your data:

Google yourselfGet your Facebook contentCheck your credit reportwww.annualcreditreport.comwww.aboutthedata.com

Protecting your card accounts

1. • Check accounts for suspicious activity2. • Ask for a new card3. • Check your credit report4. • Set activity alerts on accounts5. • Change card PINs and account passwords6. • Use stronger PINs and passwords7. • Use different PIN/password on each account8. • Password protect phones, tablets, laptops

Securing Our eCity

Security news, how-to, podcasts

Connections

• Securing Our eCity• www.securingourecity.org

• We Live Security• www.welivesecurity.com

• Webinars• www.brighttalk.com/channel/1718

• Social Media Scanner• my.eset.com