Security human
Chair: John Chapman,
Head of security
operations centre, Jisc
Phishing simulation
exercises
Michael Jenkins,
Brunel University
EMAIL IS THE No 1 THREAT VECTOR
225B emails per day
90% THREATS START BY EMAIL
99% OF HACKERS RELY ON USERS TO RUN
MALICIOUS CODE
IMPACTS:
MALWARE INFECTION / COMPROMISED ACCOUNTS / LOSS
OF DATA
Threats
using social
engineering
Human Click Enabled v Technical Threats
Human Click Rates
Levels of authenticity
Executive Assistants
Head of Legal Affairs
HR Director
COO
CFO
Finance Staff
IT Staff
Threats by Individuals
Spoofing email addresses
The tools necessary to spoof email addresses are surprisingly easy to get. All you need is a working
SMTP server (aka, a server that can send email), and the right mailing software.
Which tools are used to train users?
Who measures an organisation's susceptibility?
2015 2016 2017
63% 66% 75%
Average click rates:
Healthcare 15%
Public Sector 14%
HEIs ?
All 11%
People are targets
must let them know they are targets
must let them know criminal TTPs
people make defence work
Video of the threat……..
Tactics, Techniques, and Procedures (TTPs)
Youtube Video:
An Anatomy of an Attack
WE ARE A TARGET
Cyber Attacks – The Adversary
Not Just Security – It’s Defence
TransNational
Crime
The Kill
Chain
Staff Phish
Student
Phish
Phish Last
Week Staff
Students
9%
10%
Any
questions?
Rogue WiFi
Danny Moules,
Professional security services:
security assessment
specialist, Jisc
>WEP -> WPA (Personal+Enterprise) -> WPA2 -> WPA3
>Public WiFi -> Passworded WiFi (Open Wireless
Movement)
>WPS (WiFi “Protected” Setup)
>Ninety quadrillion* accredited Enterprise protocols:
>EAP-TLS
>EAP-TTLS/MSCHAPv2
>PEAPv0/EAP-MSCHAPv2
>PEAPv1/EAP-GTC
>PEAPv2/EAP-GCM
The state of the art
> Well-established attack tools
> airbase-ng (2004+)
> WiFi Pineapple® (2008+)
> Fluxion, etc, etc
> Mistaken identity
> Streamlined WiFi workflows hide underlying
network ‘complexity’ from user – Unable to
detect or respond
Wireless Access Point Spoofing (Rogue WiFi)
> Basic case: WPA2 PSK cracking or stolen via other channels
(e.g. guest client compromise)
> Mitigated by WPA2 Enterprise – but only if server certificate
verification is enforced. Hard & rare.
> WPA2 Enterprise only permits detection of direct spoofs by a
technical user – doesn’t prevent homograph attacks
> User already connected to the real network? Can’t break the key?
Certificate verification set up? Denial of Service.
> De-authentication
> Jamming
Wireless Access Point Spoofing
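The slide's point that WPA2 Enterprise only mitigates spoofing when server certificate verification is enforced can be checked on Linux clients. The script below is an added example, not part of the original slides: it audits wpa_supplicant network blocks for a missing trust anchor or a missing server-name check. The sample configuration, SSIDs, file paths and domain names are constructed placeholders.

```python
"""Audit wpa_supplicant network blocks for missing RADIUS server validation."""

# Constructed sample configuration; every SSID, path and domain is a placeholder.
SAMPLE_CONF = '''
ctrl_interface=/run/wpa_supplicant

network={
    ssid="campus-secure"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="user@example.org"
    phase2="auth=MSCHAPV2"
}

network={
    ssid="campus-pinned-ca-only"
    key_mgmt=WPA-EAP
    eap=TTLS
    identity="user@example.org"
    ca_cert="/etc/ssl/certs/example-radius-ca.pem"
    phase2="auth=MSCHAPV2"
}

network={
    ssid="campus-verified"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="user@example.org"
    ca_cert="/etc/ssl/certs/example-radius-ca.pem"
    domain_suffix_match="radius.example.org"
    phase2="auth=MSCHAPV2"
}

network={
    ssid="home-psk"
    key_mgmt=WPA-PSK
    psk="constructed-passphrase"
}
'''

# Options that give the client a trust anchor for the RADIUS server certificate.
TRUST_ANCHORS = ("ca_cert", "ca_path")
# Options that bind the certificate to an expected server name.
NAME_CHECKS = ("domain_suffix_match", "domain_match",
               "altsubject_match", "subject_match")


def parse_networks(text):
    """Return one dict of key/value settings per network={...} block."""
    networks, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line == "network={":
            current = {}
        elif line == "}" and current is not None:
            networks.append(current)
            current = None
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            current[key.strip()] = value.strip().strip('"')
    return networks


def is_enterprise(net):
    """Treat a block as 802.1X/EAP if it sets an EAP method or WPA-EAP."""
    return "eap" in net or "WPA-EAP" in net.get("key_mgmt", "").split()


def audit_network(net):
    """Return finding codes for one enterprise network block."""
    findings = []
    if not any(opt in net for opt in TRUST_ANCHORS):
        # Without a trust anchor the client accepts any server certificate,
        # so a spoofed access point can terminate the EAP tunnel.
        findings.append("NO_TRUST_ANCHOR")
    if not any(opt in net for opt in NAME_CHECKS):
        # With a CA but no name check, any certificate issued by that CA
        # passes, not only the organisation's RADIUS server.
        findings.append("NO_SERVER_NAME_CHECK")
    return findings


def audit_config(text):
    """Map each enterprise SSID to its list of findings (empty list = OK)."""
    return {net.get("ssid", "<no ssid>"): audit_network(net)
            for net in parse_networks(text) if is_enterprise(net)}


if __name__ == "__main__":
    for ssid, findings in audit_config(SAMPLE_CONF).items():
        print(f"{ssid}: {', '.join(findings) if findings else 'OK'}")
```
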
> Active Directory clients spew credentials over HTTP, SMB,
LDAP etc to anyone who asks nicely enough
> Spoofed relays can replay credentials
> Spoofed services can crack passwords of most AD
networks (upgrade!)
> Phishing. Captive portals especially vulnerable – insecure
by design
> Network pass-through. Attacker can be connected to spoofed
network, providing realistic experience but introducing insecurities
at leisure
What are the risks?
> Easy for attacker. Tools are easy to use, documented,
and can be performed with nothing but a laptop or cheap
stand-alone hardware
> Problems of phishing compounded by trust in network,
Captive Portals, and promiscuous use of MITM attacks
as industry-standard practice
> Laptops are crammed full of credentials and can be
induced to give them up in myriad different ways, outside
of the protections of their normal business network
What are
the risks?
Attack Properties
> Not vulnerable to de-auth (in theory) – Hurrah!
> Jamming unaddressed
> Dragonfly protocol – secure key negotiation
> Enables public wifi without password
> No/limited security proof?
> Solves unencrypted data problem but doesn’t appear to add a
new authentication element. Easier to spoof than PSK? Watch
this space™
> Enables NFC-based setup – security properties unknown.
WPS all over again?
The Next Generation - WPA3
> Detection is very hard to achieve – de-auth fix is helpful but not
silver bullet
> Incident response is very hard – CERT/SIRT not much help here
> Credentials can be stolen or abused even outside your own
network – tighten your Group Policies!
> APTs targeting research can incorporate WiFi phishing into all
sorts of complex social engineering scenarios with less fear than
other, better monitored, approaches
Residual Risks
> Not enough risk for ya?
> Swap WiFi hotspots for phone base stations and n^2
your threat model!
> Heard of Stingray? It’s not just for law enforcers!
> Not as mature as WiFi spoofing but maturing very rapidly
and nearing off-the-shelf use
> Current options for defenders?
1. Be paranoid & ahead of the curve
2. Adopt religion and pray
Not just
WiFi
Different, but the same
Except where otherwise noted, this work is licensed under CC-BY-NC-ND.
Danny Moules
Security assessment specialist
danny.moules@jisc.ac.uk
I have been…
One Castlepark, Tower Hill, Bristol, BS2 0JA
T 07867 552072
customerservices@jisc.ac.uk
jisc.ac.uk
Any questions?
Further reading:
• YouTube: DEFCON 23 - Sniffin WiFi Sippin
Pineapple Juice
Implementing
cyber essentials
Ged Nicholson,
Hartlepool College of FE
The Cyber Essentials scheme has been developed by
the UK Government and industry to fulfil two functions
It provides a clear statement of the basic controls all
organisations should implement to mitigate the risk from
common internet based threats, within the context of the
Government’s 10 Steps to Cyber Security
And through the Assurance Framework it offers a
mechanism for organisations to demonstrate to
customers, investors, insurers and others that they have
taken these essential precautions
What is
Cyber
Essentials
Five Key Controls
Boundary firewalls &
internet Gateways
Secure
configuration
Access control &
administration privilege
management
Patch
Management
Malware
Protection
> Self assessment questionnaire verified by
certification body
Which option
> Verification carried out independently by a
certification body
cyberessentials.ncsc.gov.uk/
Where to
go for help
Accreditation Bodies
Direct - Portal
CE £300
CE+ ?
40 Questions
48 Suppliers
CE £300 +
CE+ £1250 +
34 Questions
Vulnerability
Scan Included
20 Companies
CE £250 +
CE+ £500 +
35 Questions
4
Companies
?
?
?
?
Direct + 143 Suppliers
CE £300 or £400
CE+ Varies
62 or 171 Questions
Bundle with IASME
governance & GDPR
assessments
cyberessentials.ncsc.gov.uk/getting-certified/
> Decide CE or CE+
> Select Certification Body through one of the Accreditation
Bodies
> Verify that your IT is Secure
> Write business scope
> Fill out Questionnaire
> Option – Arrange Vulnerability scan/Visit
> Buy picture frame and wait for Certificate
> Renew after one year
Steps to
Certification
> Make sure you have the 5 key controls covered
> Review the questions before you start the process
> Take your time selecting the accreditation and
Certification bodies
> Select which option is best for your needs CE or CE+
> Getting the Scope correct is vital especially for CE+
> Be prepared to justify your answers and results
Our
Experience
Limitations
Not designed for Education
Scheme not consistent
CE relies on the company's honesty
Is only a snapshot in time
Can be expensive for CE+
Is it worth the Time and Cost?
Good starting point for Cyber Security
Simple, straightforward and cost effective
certification process
Keeps management, auditors and insurers happy
Except where otherwise noted, this work is licensed under CC-BY-NC-ND.
Gerald Nicholson
IT manager
gerald.nicholson@hartlepoolfe.ac.uk
I have been…
Hartlepool College of Further Education, Stockton Street, Hartlepool, TS24 7NT
T 01429 404181
enquires@hartlepoolfe.ac.uk
www.hartlepoolfe.ac.uk
Any questions? /
Thank you

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

Email is top cyber threat

  • 1. Security human Chair: John Chapman, Head of security operations centre, Jisc
  • 3. EMAIL IS THE No 1 THREAT VECTOR 225B e mails per day 90% THREATS START BY E MAIL 99% OF HACKERS RELY ON USERS TO RUN MALICIOUS CODE IMPACTS: MALWARE INFECTION / COMPROMISED ACCOUNTS / LOSS OF DATA Threats using social engineering
  • 4. Human Click Enabled v Technical Threats
  • 7. Executive Assistants Head of Legal Affairs HR Director COO CFO Finance Staff IT Staff Threats by Individuals
  • 8. Spoofing E mail addresses The tools necessary to spoof email addresses are surprisingly easy to get. All you need is a working SMTP server (aka, a server that can send email), and the right mailing software.
  • 9. Which tools are used to train users?
  • 10. Who measures an organisation’s susceptibility? 2015 2016 2017 63% 66% 75% Average click rates: Healthcare 15% Public Sector 14% HEIs ? All 11%
  • 11. People are targets must let them know they are targets must let them know criminal TTP’s people make defence work
  • 12. Video of the threat…….. Tactics, Techniques, and Procedures…..(TTP’s) Youtube Video: An Anatomy of an Attack WE ARE A TARGET
  • 13. Cyber Attacks – The Adversary Not Just Security – It’s Defence
  • 24. Rogue WiFi Danny Moules, Professional security services: security assessment specialist, Jisc
  • 25. >WEP -> WPA (Personal+Enterprise) -> WPA2 -> WPA3 >Public WiFi -> Passworded WiFi (Open Wireless Movement) >WPS (WiFi “Protected” Setup) >Ninety quadrillion* accredited Enterprise protocols: >EAP-TLS >EAP-TTLS/MSCHAPv2 >PEAPv0/EAP-MSCHAPv2 >PEAPv1/EAP-GTC >PEAPv2/EAP-GCM The state of the art
  • 26. > Well-established attack tools > airbase-ng (2004+) > WiFi Pineapple® (2008+) > Fluxion, etc, etc > Mistaken identity > Streamlined WiFi workflows hide underlying network ‘complexity’ from user – Unable to detect or respond Wireless Access Point Spoofing (Rogue WiFi)
  • 27. > Basic case: WPA2 PSK cracking or stolen via other channels (e.g. guest client compromise) > Mitigated by WPA2 Enterprise – but only if server certificate verification is enforced. Hard & rare. > WPA2 Enterprise only permits detection of direct spoofs by a technical user – doesn’t prevent homograph attacks > User already connected to the real network? Can’t break the key? Certificate verification set up? Denial of Service. > De-authentication > Jamming Wireless Access Point Spoofing
  • 28. > Active Directory clients spew credentials over HTTP, SMB, LDAP etc to anyone who asks nicely enough > Spoofed relays can replay credentials > Spoofed services can crack passwords of most AD networks (upgrade!) > Phishing. Capture portals especially vulnerable – insecure by design > Network pass-through. Attacker can be connected to spoofed network, providing realistic experience but introducing insecurities at leisure What are the risks?
  • 29. > Easy for attacker. Tools are easy to use, documented, and can be performed with nothing but a laptop or cheap stand-alone hardware > Problems of phishing compounded by trust in network, Capture Portals, and promiscuous use of MITM attacks as industry-standard practice > Laptops are crammed full of credentials and can be induced to give them up in myriad different ways, outside of the protections of their normal business network What are the risks? Attack Properties
  • 30. > Not vulnerable to de-auth (in theory) – Hurrah! > Jamming unaddressed > Dragonfly protocol – secure key negotiation > Enables public wifi without password > No/limited security proof? > Solves unencrypted data problem but doesn’t appear to add a new authentication element. Easier to spoof than PSK? Watch this space™ > Enables NFC-based setup – security properties unknown. WPS all over again? The Next Generation - WPA3
  • 31. > Detection is very hard to achieve – de-auth fix is helpful but not silver bullet > Incident response is very hard – CERT/SIRT not much help here > Credentials can be stolen or abused even outside your own network – tighten your Group Policies! > APTs targeting research can incorporate WiFi phishing in to all sorts of complex social engineering scenarios with less fear than other, better monitored, approaches Residual Risks
  • 32. > Not enough risk for ya? > Swap WiFi hotspots for phone base stations and n^2 your threat model! > Heard of Stingray? It’s not just for law enforcers! > Not as mature as WiFi spoofing but maturing very rapidly and nearing off-the-shelf use > Current options for defenders? 1. Be paranoid & ahead of the curve 2. Adopt religion and pray Not just WiFi Different, but the same
  • 33. Except where otherwise noted, this work is licensed under CC-BY-NC-ND. Danny Moules Security assessment specialist danny.moules@jisc.ac.uk I have been… One Castlepark, Tower Hill, Bristol, BS2 0JA T 07867 552072 customerservices@jisc.ac.uk jisc.ac.uk
  • 34. Any questions? Further reading: • YouTube: DEFCON 23 - Sniffin WiFi Sippin Pineapple Juice
  • 36. The Cyber Essentials scheme has been developed by the UK Government and industry to fulfil two functions It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet based threats, within the context of the Government’s 10 Steps to Cyber Security And through the Assurance Framework it offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken these essential precautions What is Cyber Essentials
  • 38. Five Key Controls Boundary firewalls & internet Gateways Secure configuration Access control & administration privilege management Patch Management Malware Protection
  • 39. > Self assessment questionnaire verified by certification body Which option > Verification carried out independently by a certification body
  • 42. Accreditation Bodies Direct - Portal CE £300 CE+ ? 40 Questions 48 Suppliers CE £300 + CE+ £1250 + 34 Questions Vulnerability Scan Included 20 Companies CE £250 + CE+ £500 + 35 Questions 4 Companies ? ? ? ? Direct + 143 Suppliers CE £300 or £400 CE+ Varies 62 or 171 Questions Bundle with IASME governance & GDPR assessments cyberessentials.ncsc.gov.uk/getting-certified/
  • 43. > Decide CE or CE+ > Select Certification Body through one of the Accreditation Bodies > Verify that your IT is Secure > Write business scope > Fill out Questionnaire > Option – Arrange Vulnerability scan/Visit > Buy picture frame and wait for Certificate > Renew after one year Steps to Certification
  • 44. > Make sure you have the 5 key controls covered > Review the questions before you start the process > Take your time selecting accreditation and Certification bodies > Select which option is best for your needs CE or CE+ > Getting the Scope correct is vital especially for CE+ > Be prepared to justify your answers and results Our Experience
  • 45. Limitations Not designed for Education Scheme not consistent CE relies on the company’s honesty Is only a snapshot in time Can be expensive for CE+
  • 46. Is it worth the Time and Cost? Good starting point for Cyber Security Simple, straightforward and cost effective certification process Keeps management, auditors and insurers happy
  • 47. Except where otherwise noted, this work is licensed under CC-BY-NC-ND. Gerald Nicholson IT manager gerald.nicholson@hartlepoolfe.ac.uk I have been… Hartlepool College of Further Education, Stockton Street, Hartlepool, TS24 7NT T 01429 404181 enquires@hartlepoolfe.ac.uk www.hartlepoolfe.ac.uk

Editor's notes

  1. The video you are about to see is footage of a computer being infected with ransomware followed by extortion based on the publication of compromised confidential company information.
  2. ‘EAP’ stands for ‘EAP a hacker is looking at my data’. ‘PEAP’ stands for ‘EAP a hacker is PEAPing at my data’.
  3. Explain MITM. Explain shift towards ease of usability and costs to security.
  4. Start with note on public wifi, then head to basic PSK case. Mention homograph edge-cases, general fiel
  5. Government wanted to improve cyber security nationwide GCHQ – 10 steps Nothing available that met requirements Worked with industry to develop scheme Cyber essentials Around since 2014 Basically what you need to do to stay safe and a mechanism for you to prove it to your suppliers/customers etc.
  6. Very good 86 statements of what you need to implement – develop policy for updates and patch management, install firewalls, limit the use of remote media Created spreadsheet to review and work through to big for Cyber Essentials -key work Essentials
  7. Network Security, segmented networks, secure wireless, NAT translation, DMZ. Secure configuration – HW/SW inventories, lock down OS/Apps, vulnerability scans, AppLocker. Managing user privileges – user creation/deletion automated?, password policy, limiting user privileges, monitoring user activity. Malware protection – software installed, scanning all systems, dedicated air-gapped scanning machines for USB, baseline security build for all new machines. Patch Management – software licensed and supported, are OS/apps patched within 14 days, BYOD policy for mobile devices.
  8. CE – relies on you telling the truth – as simple as writing a business scope and answering the questionnaire CE+ - site visit, vulnerability scan external and internal, and pc/mobile device checks can be 10% or individual type of machines
  9. 216 companies APMG – Direct – quick 1 hour Prices vary do it yourself £300 includes vulnerability scan, £100 rescans it governance get a little help £550 IASME £300 or £400 with governance and GDPR 62 Q or 171 Q Very varied approaches and advice given This process most time consuming picking the right body and company
  10. Internet facing, full org, finance, etc Example questions At least you have the answers
  11. 2003 server when 2012 r2
  12. Very varied approaches and advice given