security is an illusion
TRANSCRIPT
Security is an IllusionJandBeyond 2015
Jessica Dunbar
About Me
What is social engineering?
01
01. What is Social Engineering?
Security is an Illusion Jessica Dunbar
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. http://en.wikipedia.org/wikiSocial_engineering_(security).
01. What is Social Engineering?
Security is an Illusion Jessica Dunbar
pic of my kids.
methods
Security is an Illusion Jessica Dunbar
main methods of SE
Methods
Security is an Illusion Jessica Dunbar
Impersonation
Methods
Security is an Illusion Jessica Dunbar
Posing as an important user
Methods
Security is an Illusion Jessica Dunbar
Being a third party
Methods
Security is an Illusion Jessica Dunbar
Tech Support
Methods
Security is an Illusion Jessica Dunbar
Shoulder surfing
Methods
Security is an Illusion Jessica Dunbar
Dumpster Diving
Methods
Security is an Illusion Jessica Dunbar
Phishing
01. What is Social Engineering?
Security is an Illusion Jessica Dunbar
01. What is Social Engineering?
Security is an Illusion Jessica Dunbar
02What Can You Do?
02. Prevention
Helpful
Security is an Illusion Jessica Dunbar
02. Prevention
The only way you are safe from web is if your computer is unplugged
Security is an Illusion Jessica Dunbar
02. Prevention
Security is an Illusion Jessica Dunbar
02. Prevention
important things:
Education Penetration testing And common sense
Security is an Illusion Jessica Dunbar
02. Education
Security is an Illusion Jessica Dunbar
02. Education
Security is an Illusion Jessica Dunbar
02. Education
Security is an Illusion Jessica Dunbar
What to do if an attack occurs What to do when they click, answer the phone, let someone in. Why communicate the risk.
02. Education
Security is an Illusion Jessica Dunbar
Penetration Tests (pentest)
Story Time
Story Time
Security is an Illusion Jessica Dunbar
Room Number
Story Time
Security is an Illusion Jessica Dunbar
Story Time
Security is an Illusion Jessica Dunbar
Pentest
Story Time
Security is an Illusion Jessica Dunbar
Information Gathering
Story Time
Security is an Illusion Jessica Dunbar
Maltego
Story Time
Security is an Illusion Jessica Dunbar
Profiling
Story Time
Security is an Illusion Jessica Dunbar
Here’s what I found
Story Time
Security is an Illusion Jessica Dunbar
Finding A Way In
Story Time
Security is an Illusion Jessica Dunbar
Sally Sue Born July 24, 1988 Enjoys playing in the rain drinking coffee Works at Subway and as a office Assistant for WordPress Apartments
Story Time
Security is an Illusion Jessica Dunbar
Austin Allen Born April 21, 1979 Likes Star Wars and The Muppet Movie is a superintendent for wordpress Apartments
Security is an Illusion Jessica Dunbar
Janice marks March 30, 1986 Likes kayaking, exploring, and getting lost Works as a Technology Support Specialist for Matt mullenuage properties!
Security is an Illusion Jessica Dunbar
More info on sally
02. Education
Security is an Illusion Jessica Dunbar
The Research
02. Education
Security is an Illusion Jessica Dunbar
Goals: Phone Test physical access access secure areas
02. Education
Security is an Illusion Jessica Dunbar
Trust
02. Education
Security is an Illusion Jessica Dunbar
Trust
02. Education
Security is an Illusion Jessica Dunbar
The Hack
Summary
02. Education
Security is an Illusion Jessica Dunbar
Build Trust
02. Education
Security is an Illusion Jessica Dunbar
Build a credible story
02. Education
Security is an Illusion Jessica Dunbar
developing policies:
Conclusion• Be educated • Get regular check ups • Think
THANK YOU!