VCU INFO 644 Critical Thinking 1
1. INFO 644
Enterprise Cyber Security Critical Thinking #1
Tyler Brunet
VCU Department of Information Systems
2. What Will Be Covered
Why security breaches happen
How attacks happen
What a social engineering attack is and how they happen
An example of reverse social engineering
How to protect from different breaches
3. Why Breaches Happen
Individuals looking to 'steal' corporate or private information
Sell information to other companies
Use the information to find out what industries are doing/working on
Counterintelligence measures
Gain a competitive advantage by duplicating a product and getting it to market before the initial company does
Individuals hack for the fun of it
4. How Breaches Happen
Most classic example will be illustrated later in presentation
Someone giving out personal identifiers to the wrong person
Phishing by means of fake emails and spoofed websites
Reverse Social Engineering
5. How Social Engineering Attacks Happen
Social engineering attacks
The gaining of information from legitimate users for illegitimate access
Dumpster diving – look for any information that can be used such as names, project leaders, meeting notes, etc.
Pose as employees in order to get support from the Help Desk
6. Social Engineering Attack Techniques
Physical attacks
Require the social engineer to be at the company's location.
Sorting through trash – most common form
Consultant
Network Engineer
Repair Technician
Psychological attacks
Work to create an environment that will enable them to most easily acquire the necessary information
Impersonation
Conformity
Being friendly
Reverse social engineering
7. Reverse Social Engineering Example
Attacker first learns as much as possible about the organization
They then cause a problem for a particular individual (HR, Manager, etc.)
Come in to fix the problem
Give contact information to the targeted individual
A week or so later, causes the same problem
The targeted individual contacts the “attacker” who fixed it the first time and asks if they could fix it again
“Attacker” says they cannot get to the location today, but can do it now if the individual gives them a login username and password
Individual complies, and now the attacker has a legitimate login with which they can get to anything that the individual may have access to
8. Technical and Social Vulnerabilities
Technical
Lack of security measures on servers
Ports left open that should not be
Weak password policies
Redundancy in username and password use
Social
Weak definition of who is in charge of what
Trust in outsiders that could be possible hackers
Passwords are written down and dishonest employees may take note of them
9. Preventing Security Breaches
Develop policies that have social implications (4G methods)
Develop policies that incorporate all methods (1G, 2G, 3G, and 4G)
1G – Checklist approach
2G – Flow of data Ex: Firewalls
3G – Interconnected devices
4G – Social implications
Conduct random audits
Social penetration tests
Review of log files of webservers and other IT devices
Training of employees monthly, semi-yearly, etc. on security policies and procedures
10. Questions to Think About
In what ways do businesses control their information?
Are there written security measures?
Are these measures updated routinely?
Are these practices conducted on a day-to-day level?