R u hacked

Post on 22-Jan-2018

R U Hacked? Your website has gone?

Sumedt Jitpukdebodin

Senior Security Researcher

CompTIA Security+, LPIC-1, NCLA, C|EHv6, eCPPT, eWPT, IWSS, CPTE, GIAC GPEN

Whoami

Name: Sumedt Jitpukdebodin

Jobs: Senior Security Researcher

Nonprofit jobs: OWASP Thailand - Leader Technical Part, admin of 2600Thailand

Hobby: Hacking stuff, Malware analysis, Python programming, read the security news, etc.

#redpill 2016

Agenda

The rise of cybersecurity

Internet of things

Ransomware

DDoS

Web Application Attack

Conclusion

The rise of cybersecurity

Trend of technology 2015

Computing Everywhere

Internet of things

3D Printing

Advanced, Pervasive and Invisible Analytics

Context-Rich Systems

Smart Machines

Cloud/Client Computing

Software-Defined Applications and Infrastructure

Web-Scale IT

Risk-Based Security and Self-Protection

Reference: http://www.itbusinessedge.com/slideshows/top-10-strategic-technology-trends-for-2015-02.html

Internet of things around the world

Internet of things in Thailand

More detail of Internet of Things

Easy to hack, right?

Ransomware

Well-known ransomware

TorrentLocker (CryptoLocker)

CryptoWall (Crowti)

CTB-Locker

Top 10 Ransomware By Microsoft

CryptoWall

CryptoLocker

Android/Lockerpin.A

iOS Ransomware

Why is it so famous?

Attacking with Ransomware

Phishing Attack with attachment file

Website Attack (Exploit Kit)

(New) Mobile Application Attack

Demo for simple phishing

Demo with WINRAR exploit

What can I do about it?

Back up your data

Show hidden file extensions

Filter EXE files in email

Disable files running from AppData/LocalAppData folders

Use the CryptoLocker Prevention Kit (http://community.spiceworks.com/topic/396103-cryptolocker-prevention-kit-updated)

Disable RDP

Patch or update software

Use an antivirus

Scan the file with multiple online scanners (http://www.virustotal.com, https://malwr.com)

Use System Restore to get back to a known-clean state

Denial of Service (DoS)

By VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 2, ISSUE 3 – 3RD QUARTER 2015

Attack Size BPS

By ATLAS Q2 2015 Global DDoS Attack Trends (http://www.slideshare.net/Arbor_Networks/atlas-q2-2015final)

Largest Attack Sizes Year on Year by Arbor

Top source of DDoS

DDoS in Thailand

Attacking with DDoS

Cybercrime-as-a-service

Zombie or Botnet

Tools

Cybercrime as a service

DDoS as a service

DDoS by Tool

DDoS by Tool (2)

Logstalgia Analysis

What can I do about it?

Black-Holing

Firewall ACL

Intrusion Detection/Prevention Systems

Servers tuning

DDoS Mitigating Appliances + Scrubbing Centre

Buy more link

Web Application Attack

Hosting service Attack

When will you get hacked?

Digital Ocean Incident

Try to attack the VPS after 10 minutes

Got root in 2 days

Used the host as a botnet 1 day after getting root.

Brute forcing Log

Got root Log

Using VPS to be a DDoS Tool

Damage when a website gets hacked

Defame the company [Defacement]

Stealing information

Stealing internal information

Use as DDoS Tool

Spread the malware

Web Application Defending

Secure Coding

Web Application Firewall

Penetration Testing

Conclusion

More awareness, more security

Nothing is 100% secure; we just want to get as close to 100% as possible.

Always think from an attacker's perspective.

Risk Management

Question and answer time.