ONLY A TEST
PROOF OF CONCEPT
STOLE PRIVATE KEYS
GAINED ACCESS
ATTACK STAGE 2
EXPANDED FOOTHOLD
ATTACK STAGE 3
ATTACK STAGE 4
EXFILTRATED DATA
WARNING
APT18’s test attack was vastly successful
in stealing data by undermining the
existing security systems.
What will be their next target? Have you protected
your keys and certificates from misuse, such as a
Heartbleed compromise, malware, or other exploits?
PROTECT YOUR BUSINESS
Learn how to protect your business at
www.venafi.com/apt18-attack
1. Secure: Find all keys and certificates
2. Enforce: Apply policies and workflow requirements
3. Detect: Identify changes, misuse, and anomalies
4. Respond: Replace keys and certificates automatically
THE ATTACKERS EXFILTRATED
DATA USING SSL
Most security controls do not conduct SSL
inspection or have ALL of the keys
necessary to decrypt ALL traffic, leaving a
huge blind spot.
ATTACKERS BYPASSED
SECURITY CONTROLS
Used encrypted SSL/TLS
communications to bypass security
controls, including DLP, IDS/IPS,
threat detection, sandboxing, etc.
ONCE IN, ATTACKERS WORKED
TO ELEVATE PRIVILEGES AND
EXPAND ACCESS
Stole or created new SSH keys and certificates
for future backdoor access and exfiltration of data.
ATTACKERS BYPASSED
SECURITY CONTROLS
Including firewall, authentication,
VPN and privileged access controls
by using stolen keys and certificates
to hide their activity.
THE ATTACKERS
BREACHED THE COMPANY
Using stolen private keys and VPN
credentials. The private keys were
used to decrypt live data.
ATTACKERS BYPASSED
SECURITY CONTROLS
Circumventing firewalls, authentication,
and other security controls.
NAME
ID
SSN
ADDRESS
Attackers used
HEARTBLEED
to compromise private keys.
ATTACKERS BYPASSED
SECURITY CONTROLS
In addition to Heartbleed, they could
have used any of the millions of
malware variants that steal keys and
certificates to bypass security controls.
KEYS & CERTIFICATES
INTRODUCTION
As reported by Time, Bloomberg, and
others, known Chinese cyber-espionage
operator, APT18, compromised a Fortune
200 American health services organization
and stole data on 4.5 million patients.
ATTACKERS BYPASSED
SECURITY CONTROLS
Using compromised keys and certificates.
ATTACK STAGE 1
APT 18
UNDERMINING
SECURITY
THE BAD GUYS HAVE TESTED A POWERFUL PROOF-OF-CONCEPT ATTACK
AND PROVEN IT WORKS. WILL YOU BE THE NEXT TARGET?

Undermining security infographic
