Hacker Update

Rick Shaw – President,CorpNet Security, Inc.Mick Johannes – CTO, CorpNet Security, Inc.

Hacker Update - Topics

What are they after? Why should I be concerned? Where am I vulnerable? How will they do it? What can I do about it?

Hacker Update – What are they after?

Malicious Mischief – Deface your site. Make your services/resources unavailable.

Information Vandalism – Intentional destruction of data/availability. May occur with/without reasons/provocation.

Information Espionage – Theft or destruction of information for profit. Maybe motivated/associated with competitive corporate environments.

Why Should I Be Concerned?

The threat is real. Hackers/Crackers are well informed/equipped.

Maintain a competitive advantage.

Protect data/electronic corporate assets.

Protect customer data.

Protect reputation.

Where am I vulnerable?

Email ServersWeb ServersFTP ServersBackdoor ModemsMis-configured hardware/operating systemsOut of box configured hardware/operating systemsSoftware/Firmware without current revisions/patchesLack of knowledge/understanding of security issues

by employees

How will they do it?

Port ScanningPort Re-directionSpoofingDenial of Service AttacksOperating System VulnerabilitiesTrojan-Horse AttackPassword CrackingBack DoorsPacket Sniffing

What can I do about it?

Close your ports! (Design before you deploy)Patch your software/firmware!Implement strong password controls!Strong/current enterprise anti-virus controls!Enable and review your logs!Implement intrusion detection solutions!Have policies and escalation procedures!Educate your users!!!

Questions?