Upgrade to Pro — share decks privately, control downloads, hide ads and more …

LinkedIn Data Breach 2012 Case Study

Cecy C.
November 30, 2021
Technology
0
4.4k

LinkedIn Data Breach 2012 Case Study

Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021

Cecy C.

November 30, 2021
Tweet

More Decks by Cecy C.

See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
76
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
130
The Joy of CSS: RailsConf 2019
cecyc
0
140
RubyConf 2018 Psychology of Fake News
cecyc
0
78
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
110
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
48
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.5k
Building APIs with GRPC, PHP, and Golang
cecyc
1
450
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
47

Other Decks in Technology

See All in Technology
長期間TiDBを使ってきた話 @ 私たちはなぜNewSQLを使うのかTiDB選定5社が語る選定理由と活用LT / Experiences with TiDB Over Time
chibiegg
2
900
LangSmith入門―トレース/評価/プロンプト管理などを担うLLMアプリ開発プラットフォーム
os1ma
3
310
20240418_Google ColabにLLMが搭載されたようなのでPython x データ分析の勉強方法を考えてみる
doradora09
0
140
TechFeed Experts Night#27 〜 フロントエンドフレームワーク最前線 (Svelte)
baseballyama
1
530
Azure Container Apps + Bicep 〜 こんな感じで運用しています
kaz29
2
480
On Your Data を超えていく!
hirotomotaguchi
2
690
AOAI をきっかけに​ 社内の Azure 管理を見直した話​
recruitengineers
PRO
1
300
チームでロジカルシンキングに改めて向き合っている話 〜学習環境と実践⽅法〜
sansantech
PRO
3
2.6k
Building Dashboards as a Hobby
egmc
0
230
今年のRubyKaigiはProfiler Year🤘
osyoyu
0
170
VSCodeの拡張機能を作っている話
ebarakazuhiro
1
530
Cloud Native Java with Spring Boot (CNCF Aarhus, April 2024)
thomasvitale
1
170

Featured

See All Featured
The World Runs on Bad Software
bkeepers
PRO
61
6.7k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
659
120k
Git: the NoSQL Database
bkeepers
PRO
422
63k
Rails Girls Zürich Keynote
gr2m
91
13k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
155
14k
Faster Mobile Websites
deanohume
299
30k
StorybookのUI Testing Handbookを読んだ
zakiyama
13
4.6k
The MySQL Ecosystem @ GitHub 2015
samlambert
243
12k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
A Tale of Four Properties
chriscoyier
151
22k
Facilitating Awesome Meetings
lara
42
5.6k
A Philosophy of Restraint
colly
197
16k

Transcript

  1. Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA

    BREACH CASE STUDY

  2. 1. The Hack How it happened Tracing & attribution 2.

    Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda

  3. Using LinkedIn to Hack LinkedIn A little social engineering

  4. 4

  5. 5 (dramatic re-enactment of hacking into a server)

  6. 3 months later... Hack is uncovered on a message forum

  7. 7

  8. Food for Thought A look back at Conficker

  9. Hackers always leave a trace Tracing & Attribution

  10. None

  11. Assessing impact Legal repercussions

  12. 6.5 million accounts

  13. 100+ million accounts

  14. LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •

    Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD

  15. 1. Secure configuration of hardware and software 2. Controlled use

    of admin privileges Mitigation & CIS Controls

  16. 1. Secure configuration of hardware and software 2. Controlled use

    of admin privileges Mitigation & CIS Controls

  17. 17

  18. Food for Thought What do you think of the verdict?

  19. Current day Where are they now?

  20. 20

  21. 21

  22. 22

  23. Food for Thought Hack or no hack?

  24. Read more at: cecy.dev Thank you!