インシデントレスポンス演習 II / Incident Response Exercise II

Transcript

1. Hardening for cyber security — generated by Stable Diffusion XL

   v1.0 2024 11-12 II (WBS) 2024 11-12 II — 2024-07-15 – p.1/33

2. https://speakerdeck.com/ks91/collections/cyber-security-2024-summer 2024 11-12 II — 2024-07-15 – p.2/33

3. ( ) 1 6 10 (1) • 2 6 10

   (2) • 3 6 17 • 4 6 17 • 5 6 24 I ( ) • 6 6 24 I ( ) • 7 7 1 • 8 7 1 • 9 7 8 • 10 7 8 • 11 7 15 II ( ) • 12 7 15 II ( ) • 13 7 22 14 7 22 W-IOI / ( ) 2024 11-12 II — 2024-07-15 – p.3/33

4. ( 20 ) 1 • 2 • 3 • 4

   (TCP/IP ) • 5 • 6 • 7 • 8 • 9 • 10 World Wide Web • 11 Web API • 12 • 13 git GitHub • 14 • SSH • (6/24 ) / (2 ) OK / 2024 11-12 II — 2024-07-15 – p.4/33

5. ( ) + + 2024 11-12 II — 2024-07-15 –

   p.5/33

6. II 10 2024 11-12 II — 2024-07-15 – p.6/33

7. 2024 11-12 II — 2024-07-15 – p.7/33

8. 5. (1) ( ) (2) I OvenAI CEO 2024 7

   11 ( ) 23:59 JST Waseda Moodle (Q & A ) 2024 11-12 II — 2024-07-15 – p.8/33

9. . . . . . . 12 9 (7/14( )

   ) ( ) 2024 11-12 II — 2024-07-15 – p.9/33

10. I CEO CEO CEO ⇒ NPC CEO 2024 11-12 II

    — 2024-07-15 – p.10/33

11. W M ⇒ 2024 11-12 II — 2024-07-15 – p.11/33

12. N ⇒ 2024 11-12 II — 2024-07-15 – p.12/33

13. A ( ) ( ) ( ) ( ) (

    ) AI ⇒ 2024 11-12 II — 2024-07-15 – p.13/33

14. T ⇒ 2024 11-12 II — 2024-07-15 – p.14/33

15. M OvenAI ⇒ 2024 11-12 II — 2024-07-15 – p.15/33

16. Y CSIRT ⇒ 2024 11-12 II — 2024-07-15 – p.16/33

17. W E2E ⇒ E2E (End-to-End) (end) (end) 2024 11-12 II

    — 2024-07-15 – p.17/33

18. A ⇒ 2024 11-12 II — 2024-07-15 – p.18/33

19. L ⇒ 2024 11-12 II — 2024-07-15 – p.19/33

20. II 15 2024 11-12 II — 2024-07-15 – p.20/33

21. 4 Discord ( ) ( ) AI AI AI 2024

    10 14 ( ) ( ) ( ) 112 ^^; 21:55 21:45 10 21:45 2024 11-12 II — 2024-07-15 – p.21/33

22. 112 (1/2) OvenAI CEO ( COO ) ^^; AI 2024

    11-12 II — 2024-07-15 – p.22/33

23. 112 (2/2) OvenAI 5. . . . CSIRT (?) AI

    (← ) 2024 11-12 II — 2024-07-15 – p.23/33

24. A B B A B B 5 2024 11-12 II

    — 2024-07-15 – p.24/33

25. AI (NPC : Non Player Character) @ / OvenAI @ceo

    : CEO ( ) : @cto : CTO ( ) : @eng : : ( ), ( ), ( , ) @cr : : @pr : OvenAI : @br : ( ) : @personnel : : @sns : W : @tv : TV : @police : ( ) : @caa : : 2024 11-12 II — 2024-07-15 – p.25/33

26. (cto) (eng) – (1/n) APT (Advanced Persistent Threat; ) :

    APT33 ( ), APT29 ( ), APT38 ( ), etc. AWS (Amazon Web Services; ) Amazon.com 2024 11-12 II — 2024-07-15 – p.26/33

27. → 2024 11-12 II — 2024-07-15 – p.27/33

28. 10 5 ( ) ( ) CSIRT (Computer Security Incident

    Response Team) 1 CISO ( ) ← : 1 ( ) 1 ( Discord ) ( ^^;) ( ) CSIRT Zoom OvenAI CTO CSIRT CEO “ ” 2024 11-12 II — 2024-07-15 – p.28/33

29. 10 21:45 21:55 2024 11-12 II — 2024-07-15 – p.29/33

30. 2024 11-12 II — 2024-07-15 – p.30/33

31. 6. II (1) ( ) (2) 2024 7 18 (

    ) 23:59 JST Waseda Moodle (Q & A ) 2024 11-12 II — 2024-07-15 – p.31/33

32. (1 ) 2024 11-12 II — 2024-07-15 – p.32/33

33. 2024 11-12 II — 2024-07-15 – p.33/33