LinkedIn to Your Network - The Social Engineering Threat


By nature, humans are inclined to trust. Unfortunately, attackers are often successful in breaching large enterprises by targeting specific individuals and utilizing social engineering to obtain confidential information. Once an adversary is able to gain enough data through social media or other channels, they can pose as an authentic user with valid credentials, bypassing traditional security measures.

Join Lancope’s Joey Muniz, aka The Security Blogger, to hear about his successful, real-life experiments in using social engineering to easily compromise high-profile targets.

Learn about:

· The dangers of insider threats

· How attackers are leveraging social media to compromise targets

· Best practices for defending network interiors from attackers with authentic credentials

Published in: Technology, Business

LinkedIn to Your Network - The Social Engineering Threat

  1. © Lancope 5/5/2013
  2. Warning! This talk focuses on Facebook & LinkedIn; HOWEVER, these are not the only social engineering attack vectors: • Fake Police Department for DOJ • Fake Emergency Responder to Gain Access • Scary: take a job, gather info, leave
  3. Who Are Your Cyber Friends?
  4. Or Joseph ??? Josephine ???
  5. The Facts: People send 64 million tweets per day. Lady Gaga has more followers than the president. 1 in 5 couples meet online. 1 in 5 also blame divorce on Facebook. Facebook passed Google - most visited internet site. • 11% of world’s population has a Facebook account. • More Facebook accounts than automobiles. • If Facebook were a country, it would be the 3rd largest in the world.
  6. What Is Your Digital Identity?
  7. Robin Sage: Fictional American cyber threat analyst created to abstract sensitive information. She graduated from MIT and had 10 years of experience despite being 25 years old. Despite the fake profile, she was offered consulting work with notable companies such as Google and Lockheed Martin. She had friends in the FBI, CIA and was even offered dinner invitations from male friends.
  8. Emily Olivia Williams: Fictional CSE created to abstract sensitive information from a specific target. She graduated from MIT and had 10 years of experience despite being 28 years old. Despite the fake profile, she was offered sensitive information from our target’s AM and CSEs. She had friends in large partner vendors and was even offered dinner invitations from male friends.
  9. The Impact of Social Media: 10 minutes: 20 Facebook connections, 6 LinkedIn connections. 15 hours: 60 Facebook connections, 55 LinkedIn connections. 24 hours: 3 job offers. Total Connections: 170 Employees; 71 Cisco; 22 NetApp; 10 EMC; 35 McAfee; 300+ Facebook friends. Endorsements: 22 LinkedIn endorsements for expertise and experience from partners and co-workers. Offers: 4 job offers, laptop and office equipment, network access.
  10. What We Did. What? Created a fake Facebook and LinkedIn profile to gain information using social media. How? Social engineering techniques that allowed us to participate as a new hire. What was captured? Salesforce logins, issued laptops, job offers, endorsements, meet-up requests. What was the real threat? Published a Christmas card on social networks that gave us remote access to anyone that clicked on the link. This gave us significant access to devices and data.
  11. The Social Engineering Kill Chain. Reconnaissance: Gain access through Facebook and learn lifestyles. Privilege escalation: Gain C-level friends through other friends. Infiltrate: • Post links to hide attacks, collect information and fingerprint target • Email rootkit / Trojan horse applications. Establish Foothold: • Build backdoors and map out target’s internal network • Compromise Authentication – Create Email and Admin account. Own: Remove sensitive data.
  12. What Does Emily Teach Us? • Identities are a very valuable commodity • Humans are naturally trusting • People use the same passwords for everything! • Attractive women can bypass procedures in a male-dominated industry (Yes I said it … and it’s true!) • Common security products do not protect your employees from social engineering • Social engineering threats can impact your business. • There isn’t a silver bullet product that can protect you from a future Emily Williams
  13. Emily Williams: Good News. Some people asked “Do I know you?” Some people on Facebook flagged suspicious activity.
  14. Emily Williams: Bad News. What do you leave on social networks that could be used against you? Some people pretended to know her after using data from their Facebook page.
  15. Social Engineer Countermeasures • Question suspicious behavior • Forward any possible threats to HR • Be aware of what is public • Never share work intel on social networks • Protect your data with STRONG passwords. • Don’t share devices used for work.
  16. Your Infrastructure Provides the Source... [Network diagram: Internet; Atlanta, San Jose and New York sites; Datacenter, WAN, DMZ and Access segments; devices ASR-1000, Cat6k, UCS with Nexus 1000v, ASA, 3925 ISR, 3560-X, 3750-X Stack(s) and Cat4k, labelled NetFlow]
  17. StealthWatch for APTs: StealthWatch delivers visibility and actionable insight throughout the kill chain: Recon; Exploitation (Social Engineering?); Initial Infection; Command and Control; Internal Pivot; Data Preparation and Exfiltration.
  18. Stop Problems Before They Become Crises: StealthWatch reduces MTTK. [Chart: Impact to the Business ($) over Time, Company with StealthWatch versus Company with Legacy Monitoring Tools; labels: attack onset, early warning, attack identified, vulnerability closed, attack thwarted, credit card data compromised, MTTK] ~70% of Incident Response is spent on MTTK. “Worm outbreaks impact revenue by up to $250k / hour. StealthWatch pays for itself in 30 minutes.” F500 Media Conglomerate. 259% ROI.
  19. Thank you. Cisco Cyber Threat Defense. BTW Lady Gaga’s Twitter is @ladygaga