This is my talk from the OWASP Dublin event, where I argue that as security professionals we should not worry about the Darkweb but rather focus on protecting our systems and businesses.
The dark side of the internet
1. The Dark Side of the Internet
And Why You Shouldn’t Care
2. Who Am I?
CEO of BH Consulting – Independent Information Security Firm
Founder & Head of IRISSCERT – Ireland’s first Computer Emergency Response Team
Special Advisor on Internet Security Europol's CyberCrime Centre (EC3)
Expert Advisor to European Network & Information Security Agency (ENISA)
Adjunct Lecturer at University College Dublin
Regularly comments on media stories – BBC, Forbes, Bloomberg, FT, Guardian, Sunday Times
18. Why Should I Care?
$1-$6 US Credit card number
$2-$12 UK Credit card number
$5-$50 Medical ID card
$6-$18 Basic identity information
$7 PayPal account with credentials
$50-$500 PayPal verified with balance
$20 DDoS attack from bot army (per hour)
$30 Passwords to consumer credit reports
$50 to $60 Health/medical record
$140 10 million email addresses
$200 Malicious Software Toolkit
$500 20 million SPAMs sent from bot army
$100-$2000 Malware as a Service (MaaS)
$1000-$5000 Online banking accounts with a balance
$10000 0-Day Exploit
20. 63% believe their organisation is only partially equipped.
49% rate their overall readiness as fair or poor.
33% believe detection capabilities are inadequate.
30% believe evolving technical threats are biggest challenges.
Irish Computer Society
21. 33% of organisations experienced a cyber breach in the past 2 years, with 44% of organisations selling online having experienced a cyber breach
84% of directors say their organisation will increase spending on cyber security measures over the next 3 years
69% of directors claim their organisation is prepared or very prepared for a cyber breach
Institute of Directors in Ireland
22. Top Five Breaches
[Bar chart, 0% to 70% scale. Values as extracted: 19%, 25%, 28%, 46%, 64%. Categories as extracted: Website Hacked, Data Protection Breach, Email Accounts Hacked, Loss Theft/Mobile Device, Computer Virus]
Institute of Directors in Ireland
29. Current Issues/Concerns
DDoS Extortion
Ransomware
CEO Fraud
SQL Injection
30. To introduce ourselves first:
https://blogs.akamai.com/2014/12/dd4bc-anatomy-of-a-bitcoin-extortion-campaign.html
http://bitcoinbountyhunter.com/bitalo.html
http://cointelegraph.com/news/113499/notorious-hacker-group-involved-in-excoin-theft-owner-accuses-ccedk-of-withholding-info
Recently we were DDoS-ing Neteller:
https://twitter.com/neteller/status/583363894665715712
Yes, our attacks are powerful.
So, it’s your turn!
Your sites are going under attack unless you pay 100 Bitcoin.
Pay to 1XXXXXXXXXXXXXXXXXXXXX
Please note that it will not be easy to mitigate our attack, because our current UDP flood power is 400-500 Gbps, so don't even bother. At least, don't expect cheap services like CloudFlare or Incapsula to help...but you can try. :)
Right now we are running small demonstrative attack.
Don't worry, it will not be that hard (it shouldn't crash your site) and it will stop in 1 hour. It's just to prove that we are serious.
We are aware that you probably don't have 100 BTC at the moment, so we are giving you 24 hours.
Find the best exchanger for you on
https://localbitcoins.com or
http://howtobuybitcoins.info
You can pay directly through exchanger to our BTC address, you don't even need to have BTC wallet.
Current price of 1 BTC is about 230 USD, so we are cheap, at the moment. But if you ignore us, price will increase.
IMPORTANT: You don’t even have to reply. Just pay 100 BTC to 1XXXXXXXXXXXXXXXXXXXXX – we will know it’s you and you will never hear from us again.
We say it because for big companies it's usually the problem as they don't want that there is proof that they cooperated. If you need to contact us, feel free to use some free email service. Or contact us via Bitmessage:
BM-XXXXXXXXXXXXXXXXXX
But if you ignore us, and don't pay us within a given time, long term attack will start, price to stop will go to 200 BTC and will keep increasing for every hour of attack.
IMPORTANT: It’s a one-time payment. Pay and you will not hear from us ever again!
We do bad things, but we keep our word.
33. Your sites are going under attack unless you pay 100 Bitcoin = (€22000)
39. CEO Fraud
Criminals Target Company
Get Details on Company
LinkedIn
About Us Pages
Press Releases
News Stories
Understand Hierarchy
40. CEO Fraud
Spoof CEO Email Address
Compromise CEO Email Account
OWA/Web Based Email
Password Guessing
Password reuse by CEO from other breach
Infect CEO’s PC to gather Passwords
41. CEO Fraud
Send Urgent Email to CFO as CEO Requesting
Payment to new vendor
Change in existing vendor payments
BCC to email account under Criminal’s control
Criminal acting as CEO
Criminal’s own email account
42. CEO Fraud
Criminal’s fake account looks similar to real account:
ceo@Companyabc.com
ceo@Connpanyabc.com
Criminal now in control of conversation
If still in control of CEO mailbox, delete emails of ongoing conversation
43. CEO Fraud
Can even take part in conversation with supplier
Monitor emails to Genuine supplier account
Set up fake supplier email account
person@supplier.com
person@suppIier.com
(note L in 2nd supplier address is uppercase i)
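A defender-side check for the look-alike addresses on slides 42 and 43, as an added example that is not part of the original talk: it folds visually confusable characters into a canonical form and flags sender domains that collide with a trusted domain without being identical to it. The confusables table, the function names and the sample headers are assumptions made for illustration; the domains are the ones shown on the slides.

```python
from email.utils import parseaddr

# Visually confusable sequences folded to one canonical form. Small, assumed
# table: it covers the two tricks on the slides ("nn" for "m", capital "I"
# for "l") plus a few common relatives; it is not a full confusables map.
MULTI = (("rn", "m"), ("nn", "m"), ("vv", "w"))
# A capital "I" becomes "i" once lowercased, so i, l and 1 all fold to "l".
SINGLE = str.maketrans({"i": "l", "1": "l", "0": "o"})

def skeleton(domain: str) -> str:
    """Canonical form under which look-alike domains collide."""
    d = domain.strip().rstrip(".").lower()  # DNS names are case-insensitive
    for seq, repl in MULTI:
        d = d.replace(seq, repl)
    return d.translate(SINGLE)

def sender_domain(from_header: str) -> str:
    """Domain of the address in a From header, ignoring the display name."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower()

def classify(from_header: str, trusted: set) -> str:
    """Return 'trusted', 'lookalike of <domain>' or 'unknown'."""
    dom = sender_domain(from_header)
    known = {t.lower() for t in trusted}
    if dom in known:
        return "trusted"
    for t in sorted(known):
        if skeleton(dom) == skeleton(t):
            return f"lookalike of {t}"
    return "unknown"

# Constructed sample data: domains from the slides, headers invented here.
TRUSTED = {"companyabc.com", "supplier.com"}
SAMPLES = [
    "The CEO <ceo@Companyabc.com>",
    "The CEO <ceo@Connpanyabc.com>",
    "Accounts <person@suppIier.com>",
    "Newsletter <news@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify(header, TRUSTED):32} {header}")
```

A mail gateway or finance-team inbox rule can apply the same comparison to every inbound From header and hold any "lookalike" result for manual review before a payment request is acted on.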
57. Other Mechanisms
Mobile Device Management (MDM)
Enforce Policies across devices
Network Access Control
Data Leakage Prevention
Digital Rights Management
Monitor Log Files for Access
Check Corporate Credit Card Statements
Encrypted & Secure USB Devices
End Point Management
Mobile Malware Protection