
Top 10 Hacks of the Last Decade

Teleport

Security breaches have become a normal part of our lives over the past decade, but each hack comes with its own complications and ramifications. In this webinar, Teleport Tech Writer Virag Mody will dive deep into the details of 10 notable hacks of the past decade, how they happened, and their effects on how we approach cybersecurity. This will include kickstarting new models, turning cybersecurity into a national-security issue, and forcing a conversation around data privacy. The presentation will include breaches from: SolarWinds, Panama Papers, Operation Aurora, Equifax, Capital One, and Cambridge Analytica.


Top 10 Hacks of the Last Decade

  • 1. Top 10 Hacks of the Last Decade (goteleport.com)
  • 2. Top 10 Hacks
      ● Operation Aurora (2010)
      ● Stuxnet (2010)
      ● Mt. Gox (2014)
      ● Panama Papers (2016)
      ● The DNC Hack (2016)
      ● Equifax (2017)
      ● WannaCry (2017)
      ● Cambridge Analytica (2018)
      ● Capital One (2019)
      ● SolarWinds (2020)
      For each: 1. What happened? 2. How did it happen? 3. What happened afterwards?
  • 3. Operation Aurora (2010)
      © Gravitational, Inc. 2020 | goteleport.com
      What happened? How did it occur? What happened afterwards?
      ● Google, Adobe, Juniper Networks, Dow Chemical, Morgan Stanley, and more
      ● IP Theft - Source code
      ● Sophisticated
      ● Internet Explorer zero-day
      ● Spear phishing
      ● JS program exploited IE zero-day to download malware
      ● Malware opened backdoor to access and search internal networks
      ● BeyondCorp: A New Approach to Enterprise Security (2014)
      ● Implement Zero Trust at scale
  • 4. Stuxnet (2010)
      What happened? How did it occur? What happened afterwards?
      ● Computer worm for industrial SCADA systems
      ● Precisely designed to target specific configurations
      ● Error in software update unintentionally unleashed the worm on the internet
      ● >50% Iran, Indonesia, India, Azerbaijan, etc.
      ● Air-gapped environment - Contractor’s USB
      ● Payload, .lnk file, rootkit, command and control network
      ● Exploited zero-days and shared secrets
      ● Slowly manipulated PLC for centrifuges
      ● First attack on industrial infrastructure
      ● Highly publicized (error) = weaponized cyberspace
      ● Kicked off another arms race
  • 5. Mt. Gox (2014)
      What happened? How did it occur? What happened afterwards?
      ● Largest Bitcoin exchange in the world stopped all trades
      ● 850K $BTC stolen (largest theft to date)
      ● $450MM in 2014 but > $34B now
      ● Only 200K $BTC ever recovered
      ● Poorly managed codebase
      ● Stole credentials from an auditor
      ● Siphoned $BTC from hot wallet masked as normal txs
      ● Debate over centralized exchange - similar to enterprise trusting third-parties for private data
      ● Binance / Coinbase - Transparent ops + insured deposit
      ● Die hard fans = DEXs
  • 6. Panama Papers (2016): What happened?
      ● Law firm - Mossack Fonseca
      ● Exposed high-ranking officials using offshore companies to hide income + taxes
      ● Largest leak in history - 2.6TB of data
      [Image: Countries implicated in Panama Papers]
  • 7. Panama Papers (2016): How did it occur?
      ● Outdated Drupal CMS version
      ● Outdated WP version - Revolution Slider
      ● Emails not encrypted with TLS
      ● Web servers on same network as mail servers
      [Image: Portal ran outdated Drupal version]
  • 8. Panama Papers (2016): What happened afterwards?
      ● Reinforce basic principles - segment, encrypt, update software
      ● Warning - Companies store sensitive customer information
      ● Illegally obtained info can be evidence
  • 9. DNC Hack (2016)
      What happened? How did it occur? What happened afterwards?
      ● (1) DNC (2) Clinton Campaign (CC)
      ● 50K emails published on WikiLeaks
      ● CC - 2FA, wiped servers, phishing drills
      ● Fancy Bear targeted private accounts - 50K emails
      ● Admin credentials to DNC network
      ● X-Agent and X-Tunnel
      ● 300GB through buffer servers
      ● Election cyberwarfare
      ● Billions spent upgrading voter security infra
      ● DNC - specialized hardware, cloud, phishing drills
  • 10. Equifax (2017)
      What happened? How did it occur? What happened afterwards?
      ● One of the largest credit reporting agencies: Sensitive personal + financial info
      ● 143MM Americans - 40% of population
      ● Address, SSN, driver ID
      ● Apache - Security notice to patch vuln in Struts
      ● Remote code injection via HTTP header
      ● Human error - Equifax did not upgrade
      ● Hackers scanned for vuln -> Equifax
      ● DB to DB, extracted data
      ● Did not renew 3rd party software = did not inspect traffic
      ● Not much fallout - Stock went down for a few months
      ● $1.4B in upgrades & $1.4B in claims (~$125/person)
      ● Legacy co’s slow to modernize - poor implementation / governance
  • 11. WannaCry (2017): What happened?
      ● Ransomware attack
      ● 100,000s of Windows machines in 150+ countries
      ● Ransomed access in return for $BTC - Often not honored
      ● Mostly UK hospitals, railway networks, and private co’s
      [Image: Locations affected by WannaCry]
  • 12. WannaCry (2017): How did it occur?
      ● Shadow Brokers stole NSA tools
      ● NSA informed MSFT about exploit, but not enough time to patch
      ● EternalBlue - Arbitrary code execution delivered in network packet
      ● DoublePulsar payload = Backdoor to install WannaCry
      ● DNS killswitch
      [Image: Countries implicated in Panama Papers]
  • 13. WannaCry (2017): What happened afterwards?
      ● EB and DP used in NotPetya (2017)
      ● Critical of NSA
      ● PATCH Act - Balance vuln disclosure and national security
      [Image text: It was NSA. I saw them do it. What??? Noooo. I wouldn’t spy on you … Remember Snowden? LOLOLOL Yeah. It was NSA. Vote to kick]
  • 14. Cambridge Analytica (2018)
      What happened? How did it occur? What happened afterwards?
      ● Whistle blown on data harvesting op
      ● 87MM Americans
      ● High-def psychographic profiles -> Targeted ads
      ● 300K users accepted terms of thisisyourdigitallife
      ● Abusive ToS harvested user and FB Friends data
      ● Public profile, pages liked, birthday, location
      ● Access to photos, timeline, and messages
      ● Not exactly a hack
      ● $5B fines + regulation
      ● CCPA (2018) - As California Goes, So Goes the Country
      ● Changed privacy policies, minimize API access, banning cookies
  • 15. Capital One (2019)
      What happened? How did it occur? What happened afterwards?
      ● ex-Amazon employee
      ● Exploited misconfigured WAF
      ● 100K SSN & 1MM SIN
      ● Financial info = CC apps, bank account
      ● Hacker admitted guilt over GitHub and Slack
      ● Details not fully disclosed, but expected to be SSRF
      ● WAF sent HTTP request to Amazon metadata services
      ● AWS IAM credentials to S3 bucket
      ● Brought attention to SSRF
      ● Public clouds communicate through HTTP and assume a degree of trust
      ● More popular with APIs and SaaS
  • 16. SolarWinds (2020)
      What happened? How did it occur? What happened afterwards?
      ● Most consequential hack of all time
      ● Supply chain attack through Orion software
      ● 18K customers exposed over months
      ● Nearly all F500 co’s and govts
      ● Trusted component with backdoor to third party servers
      ● Digitally signed upstream by SolarWinds
      ● SUNBURST - transfer and execute files, reboot, disable services, profile network, exfiltrate data
      ● Masked data extraction as network traffic part of protocol
      ● Will require months to understand full extent of damage and years to mitigate/clean
      ● Adds to growing concern of cyberwarfare
  • 17. Best Practices: Segmentation
      ● Networks designed for clustered resources
      ● API, SaaS, cloud, remote devices
      ● Interconnectivity means trust in networks deteriorates
      ● Better yet, don’t trust network at all
  • 18. Best Practices: Secrets
      ● Individualized, rotated, automated, stored, encrypted
      ● Infrastructure packaged and scaled up and down
      ● End up sharing static credentials - hard coded or on multiple client machines
  • 19. Best Practices: RBAC
      ● Credentials have two basic levels: privileged and unprivileged
      ● Different segments within unprivileged
      ● Follow PoLP
      ● Requires identity information, but most secrets are arbitrary strings (ssh, bearer)
  • 20. How?
  • 21. Thanks for stopping by! Check your email for the whitepaper