R u hacked

Summary of security incident trends in Thailand, 2015.

Published in: Technology

  1. R U Hacked? Your website has gone? Sumedt Jitpukdebodin, Senior Security Researcher. CompTIA Security+, LPIC-1, NCLA, C|EHv6, eCPPT, eWPT, IWSS, CPTE, GIAC GPEN
  2. Whoami. Name: Sumedt Jitpukdebodin; Jobs: Senior Security Researcher; Nonprofit jobs: OWASP Thailand - Leader Technical Part, admin of 2600Thailand; Hobby: hacking stuff, malware analysis, Python programming, reading the security news, etc.
  3. #redpill 2016
  4. #redpill 2016
  5. Agenda: The rise of cybersecurity; Internet of things; Ransomware; DDoS; Web Application Attack; Conclusion
  6. The rise of cybersecurity
  7. Trend of technology 2015: Computing Everywhere; Internet of things; 3D Printing; Advanced, Pervasive and Invisible Analytics; Context-Rich Systems; Smart Machines; Cloud/Client Computing; Software-Defined Applications and Infrastructure; Web-Scale IT; Risk-Based Security and Self-Protection. Reference: http://www.itbusinessedge.com/slideshows/top-10-strategic-technology-trends-for-2015-02.html
  8. Internet of things around the world
  9. Internet of things in Thailand
  10. More detail of Internet of Things
  11. Easy to hack, right?
  12. Ransomware
  13. Well-known ransomware: TorrentLocker (CryptoLocker); CryptoWall (Crowti); CTB-Locker
  14. Top 10 Ransomware by Microsoft
  15. CryptoWall
  16. CryptoLocker
  17. Android/Lockerpin.A
  18. iOS Ransomware
  19. Why is it so famous?
  20. Attacking with Ransomware: phishing attack with attachment file; website attack (exploit kit); (New) mobile application attack
  21. Demo for simple phishing
  22. Demo with WinRAR exploit
  23. What can I do about it? Back up your data; show hidden file extensions; filter EXE files in email; disable files running from AppData/LocalAppData folders; use the CryptoLocker Prevention Kit (http://community.spiceworks.com/topic/396103-cryptolocker-prevention-kit-updated); disable RDP; patch or update software; use an antivirus; scan the file with multiple online scanners (http://www.virustotal.com, https://malwr.com); use System Restore to get back to a known-clean state
  24. Denial of Service (DoS). By Verisign Distributed Denial of Service Trends Report, Volume 2, Issue 3 – 3rd Quarter 2015
  25. Attack Size BPS. By ATLAS Q2 2015 Global DDoS Attack Trends (http://www.slideshare.net/Arbor_Networks/atlas-q2-2015final)
  26. Largest Attack Sizes Year on Year by Arbor
  27. Top source of DDoS
  28. DDoS in Thailand
  29. Attacking with DDoS: cybercrime-as-a-service; zombie or botnet; tools
  30. Cybercrime as a service
  31. DDoS as a service
  32. DDoS by Tool
  33. DDoS by Tool (2)
  34. Logstalgia Analysis
  35. What can I do about it? Black-holing; firewall ACL; intrusion detection/prevention systems; server tuning; DDoS mitigating appliances + scrubbing centre; buy more link capacity
  36. Web Application Attack
  37. Web Application Attack
  38. Hosting service Attack
  39. When will you get hacked? Digital Ocean incident: attack attempts on the VPS after 10 minutes; got root in 2 days; the host was used as part of a botnet 1 day after root was obtained.
  40. Brute forcing Log
  41. Got root Log
  42. Using VPS to be a DDoS Tool
  43. Damage when a website gets hacked: defaming the company [defacement]; stealing information; stealing internal information; use as a DDoS tool; spreading malware
  44. Web Application Defending: secure coding; web application firewall; penetration testing
  45. Conclusion: More awareness, more security. Nothing is 100% secure; we just want to get close to 100%. Always think from an attacker's perspective. Risk management.
  46. Question and answer time.
