hacker update rick shaw – president,corpnet security, inc. mick johannes – cto, corpnet...
Post on 18-Dec-2015
217 Views
Preview:
TRANSCRIPT
Hacker Update
Rick Shaw – President,CorpNet Security, Inc.Mick Johannes – CTO, CorpNet Security, Inc.
Hacker Update - Topics
What are they after? Why should I be concerned? Where am I vulnerable? How will they do it? What can I do about it?
Hacker Update – What are they after?
Malicious Mischief – Deface your site. Make your services/resources unavailable.
Information Vandalism – Intentional destruction of data/availability. May occur with/without reasons/provocation.
Information Espionage – Theft or destruction of information for profit. Maybe motivated/associated with competitive corporate environments.
Why Should I Be Concerned?
The threat is real. Hackers/Crackers are well informed/equipped.
Maintain a competitive advantage.
Protect data/electronic corporate assets.
Protect customer data.
Protect reputation.
Where am I vulnerable?
Email ServersWeb ServersFTP ServersBackdoor ModemsMis-configured hardware/operating systemsOut of box configured hardware/operating systemsSoftware/Firmware without current revisions/patchesLack of knowledge/understanding of security issues
by employees
How will they do it?
Port ScanningPort Re-directionSpoofingDenial of Service AttacksOperating System VulnerabilitiesTrojan-Horse AttackPassword CrackingBack DoorsPacket Sniffing
What can I do about it?
Close your ports! (Design before you deploy)Patch your software/firmware!Implement strong password controls!Strong/current enterprise anti-virus controls!Enable and review your logs!Implement intrusion detection solutions!Have policies and escalation procedures!Educate your users!!!
Questions?
top related