Upgrade to Pro — share decks privately, control downloads, hide ads and more …

LinkedIn Data Breach 2012 Case Study

Cecy C.
November 30, 2021
Technology
0
4.8k

LinkedIn Data Breach 2012 Case Study

Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021

Cecy C.

November 30, 2021
Tweet

More Decks by Cecy C.

See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
82
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
140
The Joy of CSS: RailsConf 2019
cecyc
0
160
RubyConf 2018 Psychology of Fake News
cecyc
0
79
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
140
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
65
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.7k
Building APIs with GRPC, PHP, and Golang
cecyc
1
510
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
57

Other Decks in Technology

See All in Technology
なぜCodeceptJSを選んだか
goataka
0
190
小学3年生夏休みの自由研究「夏休みに Copilot で遊んでみた」
taichinakamura
0
190
AWS re:Invent 2024 recap
hkoketsu
0
560
Oracle Cloudの生成AIサービスって実際どこまで使えるの? エンジニア目線で試してみた
minorun365
PRO
4
320
スケールし続ける事業とサービスを支える組織とアーキテクチャの生き残り戦略 / The survival strategy for Money Forward’s engineering.
moneyforward
0
140
株式会社ログラス − エンジニア向け会社説明資料 / Loglass Comapany Deck for Engineer
loglass2019
3
32k
マイクロサービスにおける容易なトランザクション管理に向けて
scalar
0
200
終了の危機にあった15年続くWebサービスを全力で存続させる - phpcon2024
yositosi
28
24k
20241218_マルチアカウント環境におけるIAM_Access_Analyzerによる権限管理.pdf
nrinetcom
PRO
3
130
20240513 - 框裡框外_文學院學生如何在AI世代安身立命 @ 淡江大學
dpys
0
400
事業貢献を考えるための技術改善の目標設計と改善実績 / Targeted design of technical improvements to consider business contribution and improvement performance
oomatomo
0
180
ネットワーク可視化の世界
likr
7
5.3k

Featured

See All Featured
Side Projects
sachag
452
42k
Writing Fast Ruby
sferik
628
61k
Building Better People: How to give real-time feedback that sticks.
wjessup
366
19k
Thoughts on Productivity
jonyablonski
68
4.4k
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.6k
Making Projects Easy
brettharned
116
6k
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.4k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Why You Should Never Use an ORM
jnunemaker
PRO
54
9.1k
We Have a Design System, Now What?
morganepeng
51
7.3k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
28
2.1k
Bash Introduction
62gerente
609
210k

Transcript

  1. Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA

    BREACH CASE STUDY

  2. 1. The Hack How it happened Tracing & attribution 2.

    Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda

  3. Using LinkedIn to Hack LinkedIn A little social engineering

  4. 4

  5. 5 (dramatic re-enactment of hacking into a server)

  6. 3 months later... Hack is uncovered on a message forum

  7. 7

  8. Food for Thought A look back at Conficker

  9. Hackers always leave a trace Tracing & Attribution

  10. None

  11. Assessing impact Legal repercussions

  12. 6.5 million accounts

  13. 100+ million accounts

  14. LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •

    Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD

  15. 1. Secure configuration of hardware and software 2. Controlled use

    of admin privileges Mitigation & CIS Controls

  16. 1. Secure configuration of hardware and software 2. Controlled use

    of admin privileges Mitigation & CIS Controls

  17. 17

  18. Food for Thought What do you think of the verdict?

  19. Current day Where are they now?

  20. 20

  21. 21

  22. 22

  23. Food for Thought Hack or no hack?

  24. Read more at: cecy.dev Thank you!