
No Phishing Beyond This Point

drifter666

April 27, 2017

Transcript

  1. About Me
     • Information Technology System Specialist for Nova Scotia’s public education sector
     • 2009 Cape Breton University graduate - Bachelor of Technology Information in Network Management
     • OSCP, OSWP, Security+, OCSA, MCTS, Network+, Server+, A+
     • Co-Host of the East Coast InfoSec Podcast (along with co-host Darryl MacLeod – AtlSecCon Board Member)

  2. The Five Stages of Data Loss Grief
     R.I.P. 1TB DRIVE (2012-2016)
     ALSO, SORRY FOR POTATO QUALITY PICS…

  3. Phishing
     DEFINITION
     • A scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly
     Source: https://www.merriam-webster.com/dictionary/phishing

  4. Phishing
     DEFINITION
     • A scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly
     Source: https://www.merriam-webster.com/dictionary/phishing
     • Broadened for this talk: a scam by which an e-mail, SMS, or phone user is duped into revealing personal or confidential information which the scammer can use illicitly

  5. Phishing Stats
     “…HOW ARE THEY ARMED?… IT IS OFTEN WITH PHISHING…”
     - 2016 Verizon DBIR (Data Breach Investigations Report)

  6. Phishing Stats
     WHAT DOES THIS ALL MEAN?
     • “What we have here is a failure to communicate. Apparently, the communication between the criminal and the victim is much more effective than the communication between employees and security staff.” – 2016 Verizon DBIR

  7. How to Fight Phishing
     • Define Security Priorities
     • Phishing Awareness Training
     • Hardware (Firewalls, Mail Gateways, etc.)
     • Software (AntiVirus, AntiMalware, etc.)

  8. Security Priorities (From Google’s Security Blog)
     SECURITY NON-EXPERTS
     1) Use Antivirus
     2) Use Strong Passwords
     3) Change Passwords Frequently
     4) Only Visit Websites They Know
     5) Don’t Share Personal Information
     SECURITY EXPERTS
     1) Install Software Updates
     2) Use Unique Passwords
     3) Use Two-Factor Authentication
     4) Use Strong Passwords
     5) Use a Password Manager
     Source: https://security.googleblog.com/2015/07/new-research-comparing-how-security.html

  9. Phishing Awareness Training
     • Train staff on what to look for in emails
       • Do not open email attachments from unknown senders
       • Look for grammar and spelling errors
       • Check link destinations (hover over the link: where does it actually go?)
       • Aggressive or urgent email content (threats, deadlines, account suspension)
     …but does it really work?

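A worked version of the "check link destinations" advice, added here as an example and not part of the original deck: a small Python script that pulls every link out of an HTML e-mail body and flags the tells a user is asked to spot by eye (visible text that names one site while the href points at another, a raw IP address as host, a user-info section before an `@`, punycode labels). The e-mail body, host names, IP addresses and the `canary`/`bank.example` names are constructed for the example.

```python
"""Check where the links in an HTML e-mail really go (added example)."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed phishing-style e-mail body used as sample input.
SAMPLE_EMAIL = """
<p>Dear customer, your account is suspended. Verify now:</p>
<a href="http://www.bank.example.login-verify.example/">https://www.bank.example/login</a><br>
<a href="http://198.51.100.23/secure">Secure Portal</a><br>
<a href="http://www.bank.example@evil.example/">www.bank.example</a><br>
<a href="https://www.bank.example/help">https://www.bank.example/help</a>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in the document."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


# Visible text that looks like a URL or a bare host name ("www.bank.example", "https://bank.example/x").
URLISH = re.compile(r"^(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})(?:[/?#].*)?$")
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


def same_site(shown, actual):
    """True if one host equals, or is a subdomain of, the other (bank.example vs www.bank.example)."""
    return shown == actual or shown.endswith("." + actual) or actual.endswith("." + shown)


def check_link(href, text):
    """Return the reasons this link is suspicious (empty list = nothing found)."""
    parts = urlsplit(href.strip())
    host = (parts.hostname or "").lower()
    findings = []
    if "@" in parts.netloc:
        # Everything before '@' is user-info; the browser connects to what follows it.
        findings.append("user-info before '@': browser goes to %s" % host)
    if IPV4.match(host):
        findings.append("raw IP address host %s" % host)
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode label in host (possible look-alike domain)")
    m = URLISH.match(text)
    if m:
        shown = m.group(1).lower()
        if not same_site(shown, host):
            findings.append("text shows %s but link goes to %s" % (shown, host))
    return findings


def analyze_email(html):
    """Map every href in the message to its findings."""
    collector = LinkCollector()
    collector.feed(html)
    return {href: check_link(href, text) for href, text in collector.links}


if __name__ == "__main__":
    for href, findings in analyze_email(SAMPLE_EMAIL).items():
        print(href, "->", findings or ["ok"])
```

The same checks run well in a mail gateway rule, where they catch the cases users miss under time pressure; the visible-text comparison is the one that matters most, because a link whose text and destination disagree has no legitimate reason to exist in a mass mailing.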
  10. Phishing Awareness Training
     DOES IT WORK?
     • End users need to buy into it
     • Spear phishing, if done correctly, is much harder to detect

  11. Hardware
     • Next-Generation Firewalls
       • Block unrated sites
       • Block known malicious sites
       • Etc.
     • Mail Gateways
       • Scan emails for malicious attachments
       • Block known malicious domains
       • Etc.
     …but do they really work?

  12. Hardware
     DO THEY WORK?
     • Rules and filters can be easily bypassed (e.g. brand-new domains that are not yet rated, redirects through trusted sites)
     • Known-good sites can serve malicious content through third-party ads (malvertising)

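To make "rules and filters can be easily bypassed" concrete, an added example (not from the original deck): a naive domain blocklist of the kind found in hand-written gateway rules, next to a hardened version that compares the parsed and normalized host and follows URLs smuggled through a redirector's query string. The blocklist entries, the `trusted.example` redirector and all URLs are constructed; the bypasses shown are mixed-case hosts, percent-encoded host names (browsers percent-decode hosts per the WHATWG URL standard) and a redirect through a trusted site.

```python
"""Weak vs. hardened blocklist matching for URLs in mail and web filters (added example)."""
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed blocklist; real gateways pull these from threat-intel feeds.
BLOCKED_DOMAINS = {"evil.example", "malware.example"}


def weak_is_blocked(url: str) -> bool:
    """Substring match on the raw URL: easy to slip past, and noisy on benign pages."""
    return any(bad in url for bad in BLOCKED_DOMAINS)


def _domain_matches(host: str, blocked: str) -> bool:
    """Exact match or a subdomain of the blocked domain, never a bare substring."""
    return host == blocked or host.endswith("." + blocked)


def hardened_is_blocked(url: str, depth: int = 3) -> bool:
    """Match on the parsed, normalized host, and follow URLs passed through query parameters."""
    if depth < 0:
        return False
    parts = urlsplit(url.strip())
    # Browsers percent-decode and lowercase host names, so the filter must do the same
    # before comparing; otherwise http://EVIL.example/ or http://evil%2Eexample/ walk through.
    host = unquote(parts.hostname or "").lower().rstrip(".")
    if any(_domain_matches(host, bad) for bad in BLOCKED_DOMAINS):
        return True
    # Open-redirector pattern: https://trusted.example/redirect?url=<encoded target>.
    # parse_qs percent-decodes the values, exposing the real destination.
    for values in parse_qs(parts.query).values():
        for value in values:
            if value.lower().startswith(("http://", "https://")):
                if hardened_is_blocked(value, depth - 1):
                    return True
    return False


# Constructed test URLs: (url, what the case demonstrates)
CASES = [
    ("http://evil.example/payload.exe", "plain hit"),
    ("http://EVIL.example/payload.exe", "mixed-case host"),
    ("http://evil%2Eexample/payload.exe", "percent-encoded dot in host"),
    ("https://trusted.example/redirect?url=http%3A%2F%2Fevil%2Eexample%2F", "redirect via trusted site"),
    ("https://blog.example.org/analysis-of-evil.example-campaign", "benign page naming the domain"),
]


def compare() -> dict:
    """Return {url: (weak_verdict, hardened_verdict)} for the constructed cases."""
    return {url: (weak_is_blocked(url), hardened_is_blocked(url)) for url, _ in CASES}


if __name__ == "__main__":
    for (url, note), (weak, hard) in zip(CASES, compare().values()):
        print(f"{note:32} weak={weak!s:5} hardened={hard!s:5} {url}")
```

The last case is the other half of the problem: the substring rule blocks a security write-up that merely mentions the bad domain, which is the kind of false positive that gets rules disabled. Neither version helps against a domain registered an hour ago, which is why the deck pairs filters with user training and patching.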
  13. Software
     • Anti-Malware/Anti-Rootkit/Anti-*insert cyber awesomeness word here*
       • Blocks known malicious code
       • Can prevent ransomware from encrypting files
       • Etc.
     • Ensure software is up to date
       • Prevents known exploits from triggering
       • DOUBLEPULSAR… *mic drop* (the implant from the April 2017 Shadow Brokers leak lands through SMB flaws Microsoft had already fixed in MS17-010, a month before the leak)
       • Etc.
     …but does it really work?

  14. Users & Hardware & Software
     DOES IT WORK? NEEDS TO WORK
     • Need to work in harmony with each other
     • Need to get along with each other
     • Need to… you get the point…

  15. How to Troll the Phishers
     HONEYTOKENS (THANKS JSAVOIE FOR THIS TIP)
     • A honeytoken is data or a computing resource that exists for the purpose of alerting you when someone accesses it.
     Source: https://zeltser.com/honeytokens-canarytokens-setup/

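What a honeytoken looks like in code, added here as an example rather than taken from the deck or from the Canarytokens service the linked article sets up: a registry that mints random decoy values (a fake service account and a link nobody should follow), records where each was planted, and turns any later sighting of a token in a log line into an alert that names the planted item and the client address. Because the token is random and used nowhere legitimate, any hit is a true positive, and the planting record tells you which mailbox or share the phisher got into. The file paths, the `canary.example` host and the log lines are constructed.

```python
"""Honeytokens: unique decoy values whose appearance anywhere is an alert (added example)."""
import re
import secrets
from urllib.parse import urlsplit

IPV4 = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")


class Honeytokens:
    """Mint decoy values and map any later sighting back to where the decoy was planted."""

    def __init__(self):
        self._planted = {}  # token -> {"kind": ..., "planted_in": ...}

    def _mint(self, kind, planted_in):
        token = secrets.token_hex(12)  # 96 random bits: will not collide with real data
        self._planted[token] = {"kind": kind, "planted_in": planted_in}
        return token

    def decoy_credential(self, planted_in):
        """A username/password to leave in a 'passwords.txt' or a staged mailbox.
        The token is the username, so an attempt is attributable even where the
        password is never logged (sshd only logs 'Failed password for invalid user X')."""
        token = self._mint("credential", planted_in)
        return {"username": "svc-" + token, "password": secrets.token_urlsafe(12)}

    def beacon_url(self, planted_in, base="https://canary.example/r/"):
        """A link nobody should ever follow; the token is the path, so a web hit names the planted item."""
        return base + self._mint("url", planted_in)

    def sightings(self, text):
        """Every planted token that appears in text, with its metadata."""
        return [(t, m) for t, m in self._planted.items() if t in text]

    def alert(self, log_line, source="unknown"):
        """Return an alert dict if the log line contains a planted token, else None."""
        hits = self.sightings(log_line)
        if not hits:
            return None
        ip = IPV4.search(log_line)
        return {
            "source": source,
            "client_ip": ip.group(1) if ip else None,
            "planted_in": [m["planted_in"] for _, m in hits],
            "kinds": [m["kind"] for _, m in hits],
            "line": log_line,
        }


def demo():
    """Plant two decoys, then run constructed web and SSH log lines through the matcher."""
    ht = Honeytokens()
    cred = ht.decoy_credential(r"\\fileserver\finance\passwords.txt")
    url = ht.beacon_url("reset link inside staged e-mail 'Payroll update.docx'")
    # Constructed log lines: one hit on the beacon, one login attempt with the decoy
    # account, one unrelated successful login that must not alert.
    logs = [
        f'203.0.113.7 - - [27/Apr/2017:10:15:01 +0000] "GET {urlsplit(url).path} HTTP/1.1" 404 0',
        f"Apr 27 10:20:44 bastion sshd[4242]: Failed password for invalid user {cred['username']} "
        "from 198.51.100.9 port 51822 ssh2",
        "Apr 27 10:21:02 bastion sshd[4243]: Accepted publickey for alice from 192.0.2.4 port 51900 ssh2",
    ]
    return [a for a in (ht.alert(line, source="syslog") for line in logs) if a]


if __name__ == "__main__":
    for alert in demo():
        print(f"{alert['client_ip']} touched {alert['kinds']} planted in {alert['planted_in']}")
```

Two practical points: the token only fires if the log you search actually records the field it sits in (URL paths and attempted usernames usually are, passwords usually are not, which is why the username carries the token here), and a decoy that is never touched costs nothing, so plant them wherever a phished account would lead an intruder.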
  16. How to Troll the Phishers
     • TED Talk: This is what happens when you reply to spam email
       JAMES VEITCH (COMEDIAN AND WRITER)