Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
100
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
160
The Joy of CSS: RailsConf 2019
cecyc
0
170
RubyConf 2018 Psychology of Fake News
cecyc
0
93
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
170
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
110
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.8k
Building APIs with GRPC, PHP, and Golang
cecyc
1
590
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
65
Other Decks in Technology
See All in Technology
これまでのネットワーク運用を変えるかもしれないアプデをおさらい
hatahata021
4
270
Werner Vogelsが14年間 問い続けてきたこと
yusukeshimizu
2
140
プロダクトエンジニアこそ必要なPMスキル 〜デリバリー力を最大化し、価値を届け続けるために〜
layerx
PRO
0
120
AWSと暗号技術
nrinetcom
PRO
1
160
Vivre en Bitcoin : le tutoriel que votre banquier ne veut pas que vous voyiez
rlifchitz
0
360
Kusakabe_面白いダッシュボードの表現方法
ykka
0
380
Databricks Free Edition講座 データエンジニアリング編
taka_aki
0
2.8k
コミュニティが持つ「学びと成長の場」としての作用 / RSGT2026
ama_ch
2
480
アウトプットはいいぞ / output_iizo
uhooi
0
140
DEVCON 14 Report at AAMSX RU65: V9968, MSX0tab5, MSXDIY etc
mcd500
0
190
BPaaSオペレーション・kubell社内 n8n活用による効率化検証事例紹介
kubell_hr
0
230
習慣とAIと環境 — 技術探求を続ける3つの鍵
azukiazusa1
3
750
Featured
See All Featured
Become a Pro
speakerdeck
PRO
31
5.8k
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
150
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
soudai
PRO
61
49k
Odyssey Design
rkendrick25
PRO
0
470
Mind Mapping
helmedeiros
PRO
0
54
Testing 201, or: Great Expectations
jmmastey
46
7.9k
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
1
1.4k
Utilizing Notion as your number one productivity tool
mfonobong
2
200
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
How GitHub (no longer) Works
holman
316
140k
Are puppies a ranking factor?
jonoalderson
1
2.6k
Optimising Largest Contentful Paint
csswizardry
37
3.6k
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!
cecyc
hatahata021
yusukeshimizu
layerx
nrinetcom
rlifchitz
ykka
taka_aki
ama_ch
uhooi
mcd500
kubell_hr
azukiazusa1
speakerdeck
cassininazir
soudai
rkendrick25
helmedeiros
jmmastey
aleyda
mfonobong
afnizarnur
holman
jonoalderson
csswizardry
