
On Defending Against Doxxing: Benjamin Brown


  1. 1. On Defending Against Doxxing
      Benjamin Brown
  2. 2. Who Am I?
      Benjamin Brown, Akamai Technologies
      - Incident Response
      - Threat Research
      - Actor Profiling
      - System Architecture Reviews
      - Security Training and Workshops
  3. 3. Overview of Terms
      - Doxxing: “Publicly releasing a person’s identifying information including [but not limited to] full name, date of birth, address, phone number, and pictures”
      - SWATing: “To cause a SWAT team to be deployed on (an unsuspecting victim) by falsifying a threat”
  4. 4. Why Should We Care?
      - Pranking, Marketing
      - Sensitive Information Leaks
      - Harassment, Bullying, Stalking
      - Identity Theft
      - SWATing
      - Targeting For Physical Attack
  5. 5. Why Should We Care?
  6. 6. Why Should We Care?
  7. 7. Why Should We Care?
  8. 8. Why Should We Care?
  9. 9. Why Should We Care?
  10. 10. Real Cases
      From: Tim Oblivious
      Sent: Wednesday, October 31, 3:55PM
      To: Paul Bossman
      Subject: Family Emergency

      Paul,
      I just wanted to let you know that I will not be able to come into work tomorrow. Something came up at home and I had to go to New York this morning for the next couple of days. I apologize for the delayed notice.

      Kind Regards,
      Tim
  11. 11. Real Cases
      From: Paul Bossman
      Sent: Thursday, November 1, 4:54PM
      To: Tim Oblivious
      CC: Jill Director
      Subject: RE: Family Emergency

      Tim,
      Thanks for letting us know – hope everything is ok in New York. (cool wand)

      Cheers,
      PB
  12. 12. Real Cases
  13. 13. Real Cases: Sunil Tripathi
      - Missing Since March 16th 2013
      - Misidentified as Boston Bomber
      - Doxxed on Reddit & 4chan
      - Family Death Threats, Harassment
      - Body Found in Providence River
  14. 14. Real Cases: Amanda Todd’s Bully
      - Committed Suicide Following Cyberstalking and Blackmail
      - Anonymous Doxxed Wrong Man
      - Had to Quit Job, Move Across Country, Legally Change Name
  15. 15. Real Cases: Michael Brown Shooter
      - Anonymous Doxxed Wrong Man and His Mother
      - Never Part of Ferguson Police
      - Death Threats, Thrown Items
      - Both Financial Victims of ID Theft
  16. 16. SWATTing
  17. 17. SWATTing
      - Live Recordings of Various Online Gamers
      - Multiple Gamergate Targets
      - Ashton Kutcher
      - Brian Krebs
  18. 18. Global
      Chinese "Human Flesh Search Engine" (人肉搜索, Rénròu sōusuǒ)
      - Collaborative, Distributed Human Research on a Mass Scale
      Russian Celeb Doxxing
      - Eastern Bloc, Europe, Americas
      - Kim Kardashian, Mel Gibson, Ashton Kutcher, Jay Z, Beyonce, Paris Hilton, Britney Spears
  19. 19. Resources and Methods: The Googles
      - Search Operators (“Google-Fu”)
      - Usernames <-> Email Addresses
      - Cached Websites
        - (Way Back Machine)
      - Variations of Usernames and Email Addresses
  20. 20. Resources and Methods: Tools
      - theHarvester
      - Maltego
      - Cree.py
      - Recon-NG
  21. 21. Resources and Methods: Social Media
      - FB, Twitter, LinkedIn, etc.
      - Contact Info, Family Members, Friends, Acquaintances
      - Interests, Haunts, Patterns
      - Skillsets, Jobs, Colleagues
      - Answers to Security Questions
  22. 22. Resources and Methods
  23. 23. Resources and Methods: Social Media
      - Forums, Groups, Mailing Lists
      - Birthdate, Age, Location
      - Hobbies, Fetishes
      - Trusted Usernames
      - Breaches
  24. 24. Resources and Methods
  25. 25. Resources and Methods: Yahoo Groups - Freecycle
  26. 26. Resources and Methods: Whois
      - Full Name
      - Phone Number
      - Fax Number
      - Email Address(es)
      - Physical Address
  27. 27. Resources and Methods
  28. 28. Resources and Methods: Data Brokers
      - Spokeo, Intelius, pipl, peekyou, etc.
      - Free
        - Full Name (Incl. Maiden Name), Age
        - Current and Former Addresses
        - Family Members / Ages / Addresses
      - Paid
        - Criminal Records
        - Schools
        - Retail Activity Information
  29. 29. Resources and Methods
  30. 30. Resources and Methods
  31. 31. Resources and Methods: Public Records
      - Business Incorporation, Deeds, etc.
        - Business Partners
        - Addresses
        - Histories
        - Mappings to Other Business
  32. 32. Resources and Methods
  33. 33. Resources and Methods
  34. 34. Resources and Methods
  35. 35. Resources and Methods
  36. 36. Resources and Methods: Public Records
      - Political Contributions
        - Name, Address, Political Affiliation, Donation Amounts
      - Petitions
        - Name, Geographic Location, Fuel For Social Engineering
  37. 37. Resources and Methods: EXIF Data
      - Photos, Videos, Audio
      - Device / Computer Information
      - Software Information
      - Times and Dates
      - GPS Coordinates
  38. 38. Resources and Methods
  39. 39. Resources and Methods: Social Engineering
      - ISP / Phone Company as Spouse or Delegate
      - Current/Former Place of Work
      - Family as Friends
      - Friends as Family
  40. 40. Defense Methods: Social Media Mindfulness
      - Tighten Security and Privacy Settings
        - Facebook, Google+, LinkedIn, etc.
      - Restrict Personal Information
      - Vet Connection Requests
      - Untag Judiciously
      - Block, Uninstall 3rd Party Apps
  41. 41. Defense Methods: Secure Your Accounts
      - Use Strong Passphrases
      - Use Two-Factor Auth
      - Do Not Reuse Passwords
      - Shutdown and Clean-out Old, Disused Accounts
      - Don’t Let Retail Sites Save Data
  42. 42. Defense Methods
  43. 43. Defense Methods: Data Clearinghouse Opt-Outs
      - Spokeo:
        - http://www.spokeo.com/opt_out/new
        - Verification needed: Email address
      - Pipl
        - https://pipl.com/directory/remove/
        - Verification needed: Email address
      - ZoomInfo
        - http://www.zoominfo.com/lookupEmail
        - Verification needed: Email address
      More: http://www.computerworld.com/article/2849263/doxxing-defense-remove-your-personal-info-from-data-brokers.html
  44. 44. Defense Methods: Data Clearinghouse Opt-Outs
      - Whitepages:
        - https://support.whitepages.com/hc/en-us/articles/203263794-How-do-I-remove-my-people-search-profile-
        - Verification needed: Email address and Phone Number
      - Intelius (and subsidiaries)
        - https://www.intelius.com/optout.php
        - Verification needed: Government ID
      More: http://www.computerworld.com/article/2849263/doxxing-defense-remove-your-personal-info-from-data-brokers.html
  45. 45. Defense Methods: Registering a Fictitious or “Doing Business As” (DBA) name
      - Protect Your Name, Your Partners, Your LLC or Corporation
      - County Clerk’s Office or State Government Website or Office
  46. 46. Defense Methods: Land Trusts / Holding Corporations
      - Protect Your Name, Address, Etc.
      - Keep Sales Price Private
      - Consult a Real Estate Lawyer
  47. 47. Defense Methods: Wiping EXIF Data From Media
      - ExifTool by Phil Harvey (Win/Mac/Nix) http://www.sno.phy.queensu.ca/~phil/exiftool/
      - Windows: Property Details
      Turn off Location Tagging on Devices
  48. 48. Маскировка (Maskirovka)
  49. 49. Маскировка (Maskirovka)
      - Use different and ‘Meaningless’ Email Accounts, Usernames, and Passwords
      - Employ Pseudonyms
      - Be Wary of Cloud Services
      - Rotate Phone Numbers and Passwords Often
      - Shred All Identifying Paper / Mail
  50. 50. Маскировка (Maskirovka)
      - Differentiated Information Release
      - False Information
      - Pics of Places You Haven’t Been
      - “Evidence” of Hobbies You Don’t Have
      - Early Information
      - Late Information
      - Don’t Post Photos Right Away
      - Family / Friends Corroborate
  51. 51. Маскировка (Maskirovka)
      - Always Use (No-Split) VPN
      - Watch for DNS / IP Leaks
      - Consider TOR
      - Don’t Use Skype
      - Start Building Other Identities
      - Encrypt All The Things
      - OTR, PGP, Etc.
  52. 52. I’ve Been Doxxed!
      - Mitigate Immediate Danger
        - Call 911, File a Police Report
      - Fully Document
        - Screenshots, Printouts, etc.
      - Clean-up
        - Close Down Accounts
  53. 53. I’ve Been Doxxed!
      - Credit Watch Services
      - ID Theft Watch Services
      - ID Theft or Blackmail Attempts = Contact FBI
      - Inform Local Police About any SWATing Concerns
  54. 54. Questions?
      bbrowntalks@gmail.com
