CBI WEBINAR SERIES
SPEAR PHISHING DEFENSE

               Presented By:
               Joe Schorr
               Principal Security Strategist




                        800.747.8585 | help@cbihome.com
Agenda



    • Spear Phishing Defined
    • Spear Phishing Defense
    • Next Steps
    • Tips for home and family
    • Q&A




Spear Phishing Defined


    Spear phishing is a targeted attack using email spoofing
    that seeks to obtain illegal access in order to steal
    confidential data.
    These attacks are not the work of random actors but more
    often the persistent efforts of criminal enterprises, or
    state-sponsored professionals seeking trade secrets,
    financial gain or military intelligence.
    Spear phishing emails leverage social engineering
    techniques and appear to come from within a person’s
    place of employment, an authority figure or a known
    associate.
Security Trends

    [Figure: security trends diagram. Labels: Challenging threat landscape; Malicious insiders; Targeted attacks; Evolving infrastructure; Increasing financial and brand risk; Increasing complexity; Data growth; Compliance requirements; Mobile; Virtualization; Vendor complexity; Cloud.]

Recent Events – Personal Information Lost




Recent Events – Spear Phishing Attacks




Anatomy of the Attack

    Step 1
    • Targets (people) researched and pinpointed

    Step 2
    • Fake Email Delivered

    Step 3
    • Create a backdoor and steal user information

    Step 4
    • Gather and encrypt stolen data

    Step 5
    • Stolen data transferred to attacker

Step 1 – Target selection and research

1.   Target selected from shopping list
2.   Passive searching – ‘Google-Fu’
3.   Cyber-stalking via Facebook and LinkedIn
4.   Select individuals for Spear-phishing attack
5.   Customize mail to targets




Step 2 – ‘Payload’ Delivery

1. The targeted person receives the fake email
2. User follows instructions on false site they are directed to
3. Or… the user opens a malicious payload in an attachment




Step 3 – Exploitation

1.   Create ‘Backdoor’ to access the network unimpeded
2.   Steal credentials, i.e. user names and passwords
3.   ‘Phone Home’ to Command & Control servers
4.   Spread out to other systems




Step 4 – Data Gathering

     1. Gather important data targeted by the original shopping list
     2. Encrypt the stolen data
     3. Prepare the data to be transferred from the target




Step 5 – Extraction


     Encrypted data extracted via FTP to compromised server outside the target’s network




Spear Phishing Defense


     1. REVIEW! Your personal information on the internet
        and social networking sites immediately. Start to
        look at your online persona as an attacker would.




Spear Phishing Defense


     2. SANITIZE! Your online life. Remove references to
        personal information on social networking and social
        media sites. Even family info, photos and hobbies
        can be used against you and your company.




Spear Phishing Defense


     3. DON’T! Click links or respond to mysterious email
        messages. Double-check the authenticity especially if
        they seem abnormally urgent. Examine the link
        names.




Spear Phishing Defense

     4. UPDATE! And patch your anti-virus software. Many
        attackers make use of ‘zero-day’ or very new viruses
        and attack vectors. Keeping up to date is your best
        defense against new malware.




Spear Phishing Defense

 5. TURN ON! All the features on your security software.
    Make sure that all elements of the solution are
    enabled and active. It does no good if your anti-virus
    is ‘On’ but the firewall or email filters are ‘Off’.




Spear Phishing Defense

 6. ENCRYPT! The Crown Jewels of your organization.
    Make your priceless data ‘worthless’.




Spear Phishing Defense

 7. PREVENT! Sensitive data from leaving. Data Loss
    Prevention inspects the content flow and gives
    assurance that the content doesn’t contain any sensitive
    data that may violate company policy. If it violates
    the policy, the transmission is blocked and a
    notification is sent.
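
Added example (not part of the original slides, and not any DLP product's logic): a Python content-inspection gate that follows the flow described above: inspect the outbound payload, block on a policy match, send a notification. The patterns, the entropy limit and the sample payloads are constructed assumptions; the entropy check is included because pattern matching cannot read data that has already been encrypted, as in Step 4 of the attack.

```python
import math
import re
from collections import Counter

CARD = re.compile(r"\b(?:\d[ -]?){13,19}\b")   # candidate payment card numbers
SSN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")     # US SSN layout
MARKER = re.compile(r"\b(confidential|internal only|trade secret)\b", re.I)
ENTROPY_LIMIT = 7.5   # assumption: bits per byte above this means encrypted or compressed
MIN_OPAQUE_LEN = 256  # assumption: entropy is not meaningful on very short payloads


def luhn_ok(digits):
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def entropy(data):
    """Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def inspect_payload(payload):
    """Return the policy violations found in one outbound payload (bytes)."""
    if len(payload) >= MIN_OPAQUE_LEN and entropy(payload) > ENTROPY_LIMIT:
        # The content cannot be read, so it is reported as opaque rather than passed as clean.
        return ["opaque high-entropy content"]
    text = payload.decode("utf-8", "replace")
    hits = []
    if any(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD.finditer(text)):
        hits.append("payment card number")
    if SSN.search(text):
        hits.append("US SSN pattern")
    if MARKER.search(text):
        hits.append("classification marker")
    return hits


def enforce(channel, destination, payload, notify):
    """Block the transfer and notify when the payload violates policy."""
    hits = inspect_payload(payload)
    if hits:
        notify(f"blocked {channel} transfer to {destination}: {', '.join(hits)}")
        return "block"
    return "allow"


# Constructed sample payloads (4111 1111 1111 1111 is a well-known test card number).
LEAK = b"Q3 customer list - CONFIDENTIAL\ncard 4111 1111 1111 1111\n"
ORDER = b"order ref 1234 5678 9012 3456 shipped"   # 16 digits, fails the Luhn check
ARCHIVE = bytes(range(256)) * 4                    # stands in for an encrypted archive

if __name__ == "__main__":
    for name, data in (("LEAK", LEAK), ("ORDER", ORDER), ("ARCHIVE", ARCHIVE)):
        print(name, enforce("ftp", "203.0.113.20", data, print))
```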




Next Steps


      • Publish a corporate policy for public information
      • Prohibit publication of org charts, personal info, phone lists,
        customer lists, etc.


      • Implement awareness training for your employees
      • Let them know they are targets and what attackers want to
        know


      • Create a Phishing Response Strategy
      • Begin to track the kinds of ‘spam’ you’re getting (you may be
        targeted and not realize it)


      • Contact CBI for assistance with these and other information
        security and security awareness issues, including security and
        vulnerability assessments




Tips for Home




http://www.connectsafely.org/pdfs/fbparents.pdf
http://www.staysafeonline.org/sites/default/files/resource_documents/Parents%20Internet%20Safety%20and%20Security%20STC.pdf
http://us.norton.com/content/en/us/home_homeoffice/media/theme/parentresources/FamilyOnlineSafetyGuide_3rdEd_final.pdf

THANK YOU
jschorr@cbihome.com
   @JoeSchorr
