Why being hacked turned out to be the best thing that happened to me

At WordCamp Nuremberg 2016 I spoke about Why being hacked turned out to be the best thing that happened to me.

  • Hello and introducing the hashtag, reminder: #WCNBG

    - DURING THIS PRESENTATION YOU ARE ALLOWED TO TWEET: WHAT I SAY OR WHAT YOU’D LIKE ME TO SAY, BUT USE THE HASHTAG
  • WHO AM I?
  • HUSBAND
    FATHER OF TWO
    STARTED WORKING WHEN I WAS 14 (1994) SELLING CANDLES
  • I LOVE PHOTOGRAPHY AND SOCIAL PROJECTS.
  • LIVED FOR A WHILE IN :
    ROMANIA,
    GERMANY,
    ITALY,
    AUSTRIA,
    USA
    AND BACK TO TRANSYLVANIA (DRACULA IS A MYTH) - A HISTORICAL REGION OF ROMANIA
  • I LIVE IN THE CITY OF CLUJ NAPOCA, ROMANIA
  • 18+ YEARS OF INTERNET, MEDIA, ONLINE MARKETING AND SOCIAL MEDIA
    - WORKING AS A SOCIAL MEDIA SPECIALIST AND BRAND EVANGELIST AT SUCURI
  • I DON'T EAT PORK

    WHO ELSE? [RAISE HANDS]
  • OR SEA FOOD

    ALL IN FAVOR? [RAISE HANDS]
  • I LOVE COCA-COLA
  • WHEN I CLEAN THE BATHROOM
  • MY FIRST WORDPRESS INSTALL: 2009

    WHO ELSE INSTALLED WORDPRESS FOR THE 1ST TIME IN 2009? [RAISE HANDS]
  • - I STARTED LOOKING INTO CMS-ES WHEN I NEEDED A WEBSITE FOR THE SHOEBOX PROJECT THAT MY WIFE AND I STARTED IN ROMANIA IN 2006

    > VIDEO INTRO PLAYS

  • WHAT IS SHOEBOX:
    2006 IN FAMILY
    2015: 100.000+ BOXES || 19 COUNTRIES, 203 CITIES AND 416 COLLECTION CENTRES.

    SO WE WANTED A WEBSITE
  • SO WHAT DO YOU DO IN ORDER TO GET ONLINE?

    1. BUY DOMAIN NAME (OR GET ONE FREE)
    2. BUY CHEAP HOSTING (CHARITY)
  • HOST USES CPANEL
  • CPANEL HAS SOFTACULOUS INSTALLED

    SOUNDS FAMILIAR? [RAISE HANDS]
  • CMS SECTION HAS WORDPRESS > ONLINE IN 5 MINUTES!
  • STARTED SHOEBOX.RO ON DECEMBER 7, 2009.

    BASIC WORDPRESS INSTALL, FREE THEME FROM VLADSTUDIO.COM
  • 2009-2014: CONTINUOUS IMPROVEMENTS, CHANGED THEME, ADDED USERS.

    AS I WAS LEARNING MORE ABOUT WORDPRESS I STARTED HELPING OTHERS TO GET ONLINE (PAID OR VOLUNTEER)

    - BUT THEN SOMETHING HAPPENED THAT I WASN’T PREPARED FOR: [ BIG PAUSE ]
  • DECEMBER 22, 2014, 4 AM: WEBSITE HACKED, BLACKLISTED BY GOOGLE, SOON TO BE SUSPENDED BY HOST

    BEEN THERE? [RAISE HANDS]
  • WHAT TO DO?

    I KNEW THE WEBSITE WAS HACKED. AFTER TRYING TO FIX IT MYSELF FOR 2 DAYS, I ENDED UP BEING HACKED AGAIN BY ANOTHER HACKER TEAM.
  • FOUND SUCURI

    AND
  • HAD LIVE CHAT

    EXPLAINED MY PROBLEM

    2 HOURS LATER THE WEBSITE WAS CLEAN AND BACK ONLINE
  • IN JAN 2015 AS WE WERE PUTTING TOGETHER THE REPORT FOR SHOEBOX 2014, I BEGAN LOOKING INTO SUCURI, MY SAVIOUR, AND FOUND THIS SOCIAL MEDIA FULL TIME REMOTE JOB.

    ONE EMAIL AND 3 INTERVIEWS LATER THIS HAPPENS:
  • [PHOTO OF SUCURI SHIRT POCKET] "IT'S NOT THE SAME SHIRT, WE DO HAVE SEVERAL FOR EACH EMPLOYEE"!

    LEFT MY CORPORATE 9-5 JOB FOR A FRESH START. NEVER LOOKED BACK.

    AND IT ALL STARTED A YEAR BEFORE, WITH BEING HACKED.
  • BRAND EVANGELIST AT SUCURI, FULL TIME, WORKING FROM HOME.

    LOTS OF TRAVEL AND EVENTS, MEETING PEOPLE, NETWORKING, PROMOTING A SAFE INTERNET AND SECURE POSTURE FOR WEBSITE OWNERS.

    I DO OTHER STUFF AS WELL: SPEND TIME WITH MY KIDS, TAKING INSTAGRAM PHOTOS (A RECENT HOBBY)
  • AND IF ANY OF YOU IS INTERESTED IN BEING OUR COLLEAGUE, WE ARE CURRENTLY HIRING!
  • NOW LET’S SEE WHY BEING HACKED WAS A GOOD THING FOR ME
  • GAVE ME THE OPPORTUNITY TO DO SOME RESEARCH INTO WEBSITE SECURITY

    - TERMS LIKE : “SECURITY SHORTLIST”, “SECURED WORDPRESS HOSTING”, “FIREWALL”, “SHELL ACCESS”, “PLUGINS AND THEMES VULNERABILITIES” ETC
  • MAKE MONEY OFF YOUR WEBSITE OR ITS RESOURCES

    EARNING POTENTIAL BASED ON STEALING INFORMATION (DATA EXFILTRATION)

    IMPRESSIONS BASED AFFILIATE MARKETING SCHEME

    CRIMINAL ENTERPRISES
  • MAKE MONEY OFF YOUR AUDIENCE

    EXTREMELY VALUABLE TO ATTACKERS

    ABILITY TO TAKE ADVANTAGE OF THE TRUST YOU’VE BUILT WITH YOUR FOLLOWERS/CUSTOMERS
  • MAKE MONEY OFF YOUR RESOURCES

    ABUSE OF THE INFRASTRUCTURE SUPPORTING YOUR WEBSITE

    INTEGRATE INTO LARGER CRIMINAL NETWORKS (AKA BOTNETS)

    ONCE WE ARE ONLINE WE ARE A PART OF A MUCH LARGER ECOSYSTEM AND OUR RESPONSIBILITIES EXPAND BEYOND THE WEBSITE
  • NOT ABOUT MAKING MONEY (FINALLY!!!)

    BORED, WHY NOT?

    IF IT ALLOWS ME ACCESS, WHY WOULDN’T I GO IN?

    BADGE OF HONOR AMONGST PEERS

    WHO HERE HAS A BACKUP SOLUTION IN PLACE ON THEIR WEBSITE? [RAISE HANDS]
  • WHAT EXACTLY CAN THE HACKERS DO TO YOUR ENVIRONMENT?
  • IN THE CASE OF AN INFECTION OR HACK THE THINGS WE DO NOT SEE ARE SOMETIMES MUCH MORE IMPORTANT THAN THE THINGS WE DO SEE

    WE NEED TO PAY ATTENTION TO POSSIBLE CONNECTIONS TO OTHER SITES (BOTNETS) AND HIDDEN BACKDOORS ETC
  • 7 LARGE INFECTION TYPES

    IF THEY CAN MAKE IT WITH ONE THEY WILL TRY ALL, WHAT IF IT WORKS?

    VARIOUS RELATIONSHIPS BETWEEN THESE TYPES OF ATTACKS AND THE HACKERS’ MOTIVATION

    WHO CAN DEFINE EACH TYPE OF ATTACK [RAISE HANDS]
  • WE BREAK DOWN THE IMPACTS OF A HACKED WEBSITE INTO 2 DISTINCT CATEGORIES:

    BUSINESS: BRAND, ECONOMIC, EMOTIONAL DISTRESS

    TECHNICAL: WEBSITE BLACKLISTING, SEO IMPACTS, VISITOR COMPROMISE
  • YOUR BRAND IS MADE UP OF THE UNIQUE USER EXPERIENCE YOU OFFER THROUGH YOUR DESIGN, CONTENT, PRODUCT OFFERING AND SERVICE

    WEBSITE PLAYS A CRITICAL PART IN THE BRAND REPUTATION

    LOSS OF TRUST CAN DRIVE PEOPLE AWAY FROM YOUR WEBSITE, LOOKING FOR ALTERNATIVES

    AUDIENCE SINCE 2011/2012 HAS GREATER TOLERANCE FOR WEBSITE COMPROMISE IF WHAT HAPPENED IS EXPLAINED TO THEM
  • OUR RESEARCH SHOWS 90% DROP IN TRAFFIC IMMEDIATELY AFTER A COMPROMISE, GOING UP IF THE WEBSITE IS ALSO BLACKLISTED

    YOUR SITE GENERATES SOME FORM OF REVENUE (DIRECT OR INDIRECT), THIS IS WHY YOU KEEP IT ONLINE

    COSTS ASSOCIATED WITH POST-COMPROMISE SERVICES, TO INCLUDE TIME/MONEY SPENT ON TOOLS, EDUCATION AND CONSULTATION
  • ANXIETY: NOTHING EVER GOES FAST ENOUGH

    CONFUSION: UNCLEAR WHAT STEPS TO TAKE, WHO TO TALK TO, WHERE TO START

    ANGER: YOU WANT TO REACH ACROSS THE WORLD AND SHAKE SOMEONE

    SADNESS: A GENERAL FEELING OF BEING OVERWHELMED, BURNED OUT, EXHAUSTED

    DISTRUST: AN EROSION OF TRUST IN TECHNOLOGY, INTERNET, PEOPLE
  • PEOPLE NO LONGER REACH YOUR WEBSITE

    BLACKLISTING GOES BEYOND SEARCH ENGINES (GOOGLE, BING) AND CAN BE FOUND IN ANTIVIRUSES (NORTON, MCAFEE, MALWAREBYTES ETC)

    CAN LEAD TO YOUR WEBSITE BEING FLAGGED GLOBALLY IN LARGE NETWORKS (CISCO, WEBSENSE ETC)

    WHO HERE HAD THEIR WEBSITE BLACKLISTED? [RAISE HANDS]
  • THE ABILITY TO CONTROL WHAT SEARCH ENGINES SEE WHEN THEY CRAWL YOUR WEBSITE, LEADING TO DIRTY SEARCH ENGINE RESULT PAGES (SERP), IMPACTS TO YOUR DOMAIN AUTHORITY AND VALUE

    INJECTION OF KEYWORDS: VIAGRA, CIALIS, CASINO, GUCCI BAGS, USING THESE TO REDIRECT YOUR SITE TO OTHER SITES

  • MALWARE DISTRIBUTION VIA “DRIVE BY DOWNLOADS”, ATTEMPTS TO INSTALL MALWARE DISGUISED AS GOOD SOFTWARE

    WEBSITES CAN BE USED TO ATTACK BROWSER PLUGINS LIKE JAVA, FLASH ETC

    COMPROMISES INCLUDE DISTRIBUTION OF RANSOMWARE: PAY TO UNLOCK YOUR COMPUTER FILES
  • SINCE BEING HACKED ALLOWED ME TO BE IN THE POSITION OF GETTING A JOB WITH A WEBSITE SECURITY COMPANY AND FINDING OUT ALL THIS INFORMATION, I FEEL IT AS A RESPONSIBILITY AND IT IS A PLEASURE TO TRAVEL THE WORLD, GO TO EVENTS LIKE WORDCAMP NUREMBERG AND SHARE MY EXPERIENCE AND ENCOURAGE WEBSITE OWNERS TO

    THINK ABOUT WEBSITE SECURITY
  • AS A WEBSITE OWNER, YOU ARE CONSTANTLY EVOLVING, ADAPTING TO NEW THREATS AND HACKING TECHNIQUES

    ESTABLISH PROCESSES: IF A HACK DOES HAPPEN, WHAT DO I DO, WHO DO I GO TO, WHAT RESPONSE MECHANISM DO I LEVERAGE?

    BEST PRACTICES: LEAST PRIVILEGE ACCESS ETC
  • PEOPLE THINK THAT IF THEY FIND THE RIGHT COMBINATION OF TOOLS, THE PERFECT PLUGIN ETC, ALL THIS WILL STOP

    BUT IN REALITY THIS IS WHAT THE WORLD LOOKS LIKE: [NEXT SLIDE]
  • SECURITY IS NOT JUST AROUND THE PEOPLE

    OR JUST ABOUT PROCESSES

    NOT EVEN ONLY THE TECHNOLOGY

    INSTEAD IT IS A COMPLEX SYMBIOTIC RELATIONSHIP BETWEEN ALL THESE 3 COMPONENTS.

    ON THEIR OWN, NONE CAN SAVE YOU
  • SECURITY IS NOT A DO IT YOURSELF (DIY) PROJECT

    NOT EVERYONE LIKES SECURITY

    ONLY A FEW SELECT PEOPLE DO AND WE SHOULD LET THEM DO IT AND HELP US STAY SAFE
  • WHERE TO FIND ME:

    Twitter: @adspedia

    Instagram: @adspedia

    Email: valENTIN@SUCURI.NET
  • ANY QUESTIONS?
  • SECRET PRIZE FOR BEST QUESTION GOES TO…
  • Why being hacked turned out to be the best thing that happened to me

    1. HELLO WordCamp Nüremberg! #WCNBG
    2. WHO AM I? VALENTIN VESA
    3. FIRST WORDPRESS INSTALL: 2009
    4. SHOEBOX PROJECT & WORDPRESS
    5. WORKING FOR SUCURI
    6. WHY BEING HACKED WAS A GOOD THING?
    7. 1. RESEARCH
    8. 2. MOTIVATION: WHY DO HACKERS HACK?
    9. 2. MOTIVATION: 2.1. REVENUE
    10. 2. MOTIVATION: 2.2. AUDIENCE
    11. 2. MOTIVATION: 2.3. RESOURCES
    12. 2. MOTIVATION: 2.4. WHY NOT?
    13. 3. THINGS THEY DO: UNDERSTANDING THE TACTICS
    14. INFECTION TYPES: MALWARE DISTRIBUTION, SEARCH ENGINE POISONING, PHISHING LURES, RANSOMWARE, DDoS/BOTS/BACKDOORS, DEFACEMENT, SPAM EMAIL
    15. 4. IMPACTS OF COMPROMISE: BUSINESS & TECHNICAL
    16. BUSINESS IMPACTS: BRAND REPUTATION
    17. BUSINESS IMPACTS: ECONOMIC
    18. BUSINESS IMPACTS: EMOTIONAL DISTRESS
    19. TECHNICAL IMPACTS: WEBSITE BLACKLISTING
    20. TECHNICAL IMPACTS: SEO IMPACT
    21. TECHNICAL IMPACTS: VISITOR COMPROMISE
    22. SECURITY IS NOT A STATE, IT’S A CONTINUOUS PROCESS.
    23. TECHNOLOGY WILL NEVER REPLACE YOUR RESPONSIBILITY AS A WEBSITE OWNER!
    24. SECURITY IS NOT A DO IT YOURSELF (DIY) PROJECT. TONY PEREZ – SUCURI CEO
    25. WHERE TO FIND ME: Twitter: @ADSPEDIA Instagram: @adspedia Email: valENTIN@SUCURI.NET
