Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1FtqWLb. Alex Holden examines hackers’ techniques, skills, and shortfalls. He takes a snapshot of the current threat landscape and derives practical lessons by analyzing a number of high profile breaches. Filmed at qconnewyork.com. Alex Holden is the founder and CISO of Hold Security, LLC. He leads Hold Security in helping all size businesses, including global Fortune 500 companies, with their data security needs. Considered one of the leading security experts, he regularly voices his expert opinion in the mainstream media including CNN, NY Times, and Reuters.

1. Copyright 2015
Alex Holden, CISSP
Chief Information Security Officer

2. InfoQ.com: News & Community Site
• 750,000 unique visitors/month
• Published in 4 languages (English, Chinese, Japanese and Brazilian
Portuguese)
• Post content from our QCon conferences
• News 15-20 / week
• Articles 3-4 / week
• Presentations (videos) 12-15 / week
• Interviews 2-3 / week
• Books 1 / month
Watch the video with slide
synchronization on InfoQ.com!
http://www.infoq.com/presentations
/hackers-threat-defense

3. Presented at QCon New York
www.qconnewyork.com
Purpose of QCon
- to empower software development by facilitating the spread of
knowledge and innovation
Strategy
- practitioner-driven conference designed for YOU: influencers of
change and innovation in your teams
- speakers and topics driving the evolution and innovation
- connecting and catalyzing the influencers and innovators
Highlights
- attended by more than 12,000 delegates since 2007
- held in 9 cities worldwide

4. INFORMATION SECURITY – EVOLVING TARGET
• Rapid evolution of technology creates ample
opportunity for cybercrime to thrive.
• Technology infiltrated our culture faster than
education about safety.

5. LINE OF DEFENSE - TECHNOLOGY
• Firewalls
• Anti-virus
• Encryption
• Monitoring
• Authentication

6. LINE OF DEFENSE - PEOPLE
• C-suite
• Legal
• Information Technology
• Business Units
• Privacy & Audit

7. LINE OF DEFENSE - COMPLIANCE
• Laws
• Regulations
• Rules
• Policies

8. HACKERS – THE OTHER SIDE
• State or Corporate Sponsored
• Hacktivists – Driven by Political or Social Agendas
• Profit Seekers
• Revenge
• Employees

9. WHO IS THE MODERN HACKER?

10. MODERN HACKER
• Не говорит по-английски
• Semi-educated
• Lazy
• Money-hungry
• Addicted to drugs, alcohol, gambling

11. MODERN HACKER
• 99% of hackers fail in their carriers
• On a run from the law
• On a run from competition
• On a run from street gangs

12. HACKERS VIEW OF US
• War of stereotypes
“I’m fighting a holy war against the West… They drive
their Rolls Royces and go home to their million-dollar
houses, while people here are struggling. I will never
harm my fellow Slavs; but America, Europe, and
Australia deserve it.”
- aqua (jabberzeus)

13. LEARNING FROM EXPERIENCE
• Target Breach 2013
• CyberVor Breach 2013-2014
• Sony Pictures Breach 2014
• Anthem Breach 2014-2015

14. TARGET BREACH
• Hackers learned from their bad experience with BlackPOS with
Verifone POS attempted breach in Russia (Feb-Mar 2013)
• Breach planned for several months
• Botnet breach of a vendor
• A week before the Black Friday – extensive testing
• Two weeks of data collection before putting the data up for sale

15. TARGET BREACH
• Kartoxa POS Malware author - Rinat Shabaev was
looking for a regular job programming, asking for
about $12 / hour
• After failing to find any significant project he turns
to hacker community who use his skills write
malware

16. THE CYBERVOR BREACH
• Spam
• Credentials
• Distribution
• 1.2 billion credential breach from 420,000 websites (CyberVor)
• Credential attack for hire
• Spam via email and social media
• Travel Scams
• Financial Services
• Moderate profits

17. DEFENSE 101
• Understand your enemy
• Emerging patterns
• Hackers types
• Hackers business models

18. Common vectors
Viruses
0-day vulnerabilities
Heartbleed
Shellshock
SQL injection
Stolen/re-used credentials
DEFENSE 101 (CONT’D)

19. ADVISE - QUANTITATIVE ANALYSIS
• Sony breach lessons
• How much of your data is transferred?
• What is normal? What is not?
• Learn to look at statistics
17

20. ADVICE - HONEYPOTS
Honeypots are not only systems
•Components
•Credentials
•Features
18

21. DEFENSE 101 (CONT’D)
• Regulatory Security
• Why is it important
• Real-World Security
• Why it is essential

22. REGULATORY SECURITY

23. REAL WORLD SECURITY
?b=0 or 1=1--?b=0 or 1=2--?b=0 or 1=a--

24. BREACHES
• You have been breached already
• Look for your data
•Surface Web
•Deep Web
•Dark Web

25. SECURITY - MATURITY MODEL

26. HOLD SECURITY, LLC
Copyright 2015
THANK YOU
A L E X H O L D E N – A H O L D E N @ H O L D S E C U R I T Y . C O M

27. Watch the video with slide synchronization on
InfoQ.com!
http://www.infoq.com/presentations/hackers-
threat-defense