(isc)2 2016: why targeting is the next big trend in attacks

Post on 21-Feb-2017

Why Targeting Is the Next Big Trend in Attacks

Lance Cottrell, Chief Scientist

Ntrepid Corporation

If you got an e-card from your mother on your birthday, with your childhood picture, would you open it?

The Fraction of Companies Which Said:

“Targeting is a concern or inevitable”

Most Companies are Targets

Quocira Study

Targeting Big Fish

The Email Threat

» Two Realities:
• Masterfully crafted spear phish will catch almost everyone
• People need to click to work

The Browser is the Biggest Threat

Targeted Attacks

Spear Phishing

Un-targeted Attacks

Targeted

Made you click!

Social Engineering

Not just a Watering Hole

Snipers at the Watering Hole

Do you read news online?

Do you feel at risk?

Waterbug / Turla

Dark Hotel

Stay Below the Radar

Conserves Zero-day Exploits

More Damaging

DNC Emails

Stuxnet

Am I a Target?

» Obvious high profile individuals
» Access to valuable data
» Access to exploitable data
» Access to money
» Access to networks
» Access to people
» Obviously weak defenses

Can We Avoid Targeting?

Email is Really Hard

» No organizational domain
» No correspondence with org
» Work in full alias

On the Web, Maybe

» Delete cookies
» Hide IP address
» Scrub persistent trackers
» Mask browser fingerprint
» Disposable VM with VPN

What does targeting mean for our defensive strategy?

“Bummer of a birthmark, Hal.”

You can’t train your way out of this

You can fool some of the people all of the time

AND

You can fool all of the people some of the time

Detection works worst when you need it most

We need next generation security

Damage Reduction

Isolation

Leverage Virtualization

» Enables isolation
» Easy remediation and restoration
» Keep them small

Recover… whether or not you detect anything

Keep your box as empty as possible

Remember

To Do…

Lance Cottrell, Chief Scientist

lance.cottrell@ntrepidcorp.com

@LanceCottrell
