CBI WEBINAR SERIESSPEAR PHISHING DEFENSE               Presented By:               Joe Schorr               Principal Secu...
Agenda    • Spear Phishing Defined    • Spear Phishing Defense    • Next Steps    • Tips for home and family    • Q&A2    ...
Spear Phishing Defined    Spear phishing is a targeted attack using email spoofing    that seeks to obtain illegal access ...
Security Trends                                                   CHALLENGING                                             ...
Recent Events – Personal Information Lost5                                       800.747.8585 | help@cbihome.com
Recent Events – Spear Phishing Attacks6                                        800.747.8585 | help@cbihome.com
Anatomy of the Attack                                 Step 4                                 • Gather and                 ...
Step 1 – Target selection and research1.   Target selected from shopping list2.   Passive searching – ‘Google-Fu’3.   Cybe...
Step 2 – ‘Payload’ Delivery1. The targeted person receives the fake email2. User follows instructions on false site they a...
Step 3 – Exploitation1.   Create ‘Backdoor’ to access the network un-impeded2.   Steal credentials, i.e. user names and pa...
Step 4 – Data Gathering     1. Gather important data targeted by the original shopping list     2. Encrypt the stolen data...
Step 5 - Extraction     Encrypted data extracted via FTP to compromised server outside the target’s network12             ...
Spear Phishing Defense     1. REVIEW! Your personal information on the internet        and social networking sites immedia...
Spear Phishing Defense     2. SANITIZE! Your online life. Remove references to        personal information on social netwo...
Spear Phishing Defense     3. DON’T! Click links or respond to mysterious email        messages. Double-check the authenti...
Spear Phishing Defense     4. UPDATE! And patch your anti-virus software. Many        attackers make use of ‘zero-day’ or ...
Spear Phishing Defense 5. TURN ON! All the features on your security software.    Make sure that all elements of the solut...
Spear Phishing Defense 6. ENCRYPT! The Crown Jewels of your organization.    Make your priceless data ‘worthless’.18      ...
Spear Phishing Defense 7. PREVENT! Sensitive data from leaving. Data Loss    Prevention inspects the content flow and give...
Next Steps      • Publish a corporate policy for public information      • Prohibit publication of org charts, personal in...
Tips for Homehttp://www.connectsafely.org/   http://www.staysafeonline.org     http://us.norton.com/content/enpdfs/fbparen...
THANK YOUjschorr@cbihome.com   @JoeSchorr               800.747.8585 | help@cbihome.com
Upcoming SlideShare
Loading in …5
×

Spear Phishing Defense

838
-1

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
838
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Spear Phishing Defense

  1. 1. CBI WEBINAR SERIESSPEAR PHISHING DEFENSE Presented By: Joe Schorr Principal Security Strategist 800.747.8585 | help@cbihome.com
  2. 2. Agenda • Spear Phishing Defined • Spear Phishing Defense • Next Steps • Tips for home and family • Q&A2 800.747.8585 | help@cbihome.com
  3. 3. Spear Phishing Defined Spear phishing is a targeted attack using email spoofing that seeks to obtain illegal access in order to steal confidential data. These attacks are not the work of random actors but more often the persistent efforts of criminal enterprises, or state-sponsored professionals seeking trade secrets, financial gain or military intelligence. Spear phishing emails leverage social engineering techniques and appear to come from within a person’s place of employment, an authority figure or a known associate.3 800.747.8585 | help@cbihome.com
  4. 4. Security Trends CHALLENGING THREAT LANDSCAPE MALICIOUS INSIDERS TARGETED ATTACKS INCREASING EVOLVING COMPLEXITY INFRASTRUCTURE INCREASING FINANCIAL AND BRAND RISK DATA GROWTH COMPLIANCE REQUIREMENTS MOBILE VIRTUALIZATION VENDOR COMPLEXITY CLOUD 800.747.8585 | help@cbihome.com
  5. 5. Recent Events – Personal Information Lost5 800.747.8585 | help@cbihome.com
  6. 6. Recent Events – Spear Phishing Attacks6 800.747.8585 | help@cbihome.com
  7. 7. Anatomy of the Attack Step 4 • Gather and encrypt stolen data Step 2 Step 5 • Fake Email • Stolen data Delivered transferred to Step 3 attacker • Create a backdoor and steal user information Step 1 • Targets (people) researched and pinpointed7 800.747.8585 | help@cbihome.com
  8. 8. Step 1 – Target selection and research1. Target selected from shopping list2. Passive searching – ‘Google-Fu’3. Cyber-stalking via Facebook and Linked In4. Select individuals for Spear-phishing attack5. Customize mail to targets8 800.747.8585 | help@cbihome.com
  9. 9. Step 2 – ‘Payload’ Delivery1. The targeted person receives the fake email2. User follows instructions on false site they are directed to3. Or… the user opens a malicious payload in an attachment9 800.747.8585 | help@cbihome.com
  10. 10. Step 3 – Exploitation1. Create ‘Backdoor’ to access the network un-impeded2. Steal credentials, i.e. user names and passwords3. ‘Phone Home’ to Command & Control servers4. Spread out to other systems10 800.747.8585 | help@cbihome.com
  11. 11. Step 4 – Data Gathering 1. Gather important data targeted by the original shopping list 2. Encrypt the stolen data 3. Prepare the data to be transferred from the target11 800.747.8585 | help@cbihome.com
  12. 12. Step 5 - Extraction Encrypted data extracted via FTP to compromised server outside the target’s network12 800.747.8585 | help@cbihome.com
  13. 13. Spear Phishing Defense 1. REVIEW! Your personal information on the internet and social networking sites immediately. Start to look at your online persona as an attacker would.13 800.747.8585 | help@cbihome.com
  14. 14. Spear Phishing Defense 2. SANITIZE! Your online life. Remove references to personal information on social networking and social media sites. Even family info, photos and hobbies can be used against you and your company.14 800.747.8585 | help@cbihome.com
  15. 15. Spear Phishing Defense 3. DON’T! Click links or respond to mysterious email messages. Double-check the authenticity especially if they seem abnormally urgent. Examine the link names.15 800.747.8585 | help@cbihome.com
  16. 16. Spear Phishing Defense 4. UPDATE! And patch your anti-virus software. Many attackers make use of ‘zero-day’ or very new viruses and attack vectors. Keeping up to date is your best defense against new malware.16 800.747.8585 | help@cbihome.com
  17. 17. Spear Phishing Defense 5. TURN ON! All the features on your security software. Make sure that all elements of the solution are enabled and active. It does no good if your anti-virus is ‘On’ but the firewall or email filters are ‘Off’.17 800.747.8585 | help@cbihome.com
  18. 18. Spear Phishing Defense 6. ENCRYPT! The Crown Jewels of your organization. Make your priceless data ‘worthless’.18 800.747.8585 | help@cbihome.com
  19. 19. Spear Phishing Defense 7. PREVENT! Sensitive data from leaving. Data Loss Prevention inspects the content flow and give assurance the content doesn’t contain any sensitive data that may be violate company policy. If it violates the policy, the transmission is blocked and a notification sent.19 800.747.8585 | help@cbihome.com
  20. 20. Next Steps • Publish a corporate policy for public information • Prohibit publication of org charts, personal info, phone lists, customer lists, etc. • Implement awareness training for your employees • Let them know they are targets and what attackers want to know • Create a Phishing Response Strategy • Begin to track the kinds of ‘spam’ you’re getting (you may be targeted and not realize it) • Contact CBI for assistance with these and other information security and security awareness issues, including security and vulnerability assessments20 800.747.8585 | help@cbihome.com
  21. 21. Tips for Homehttp://www.connectsafely.org/ http://www.staysafeonline.org http://us.norton.com/content/enpdfs/fbparents.pdf /sites/default/files/resource_d /us/home_homeoffice/media/the ocuments/Parents%20Internet me/parentresources/FamilyOnlin %20Safety%20and%20Security eSafetyGuide_3rdEd_final.pdf %20STC.pdf21 800.747.8585 | help@cbihome.com
  22. 22. THANK YOUjschorr@cbihome.com @JoeSchorr 800.747.8585 | help@cbihome.com

×