2. 2
About MNX
Managed IT Services: Cybersecurity & IT Support
Cloud Hosting: Infrastructure as a Service
Business Voice: Cloud-based Phone Solution
mnxsolutions.com
mnx.io
mnxvoice.com
14. 14
The Dark Web
The dark web is the part of the internet that isn't
visible to search engines and can only be accessed
with an anonymizing tool such as Tor or I2P.
17. 17
Tor
• The name is derived from an acronym for the
original software project name, "The Onion
Router"
• Using Tor makes it more difficult to trace Internet
activity to the user
• Developed in the mid-90s with the purpose of
protecting U.S. intelligence communications online
24. 24
I2P (garlic)
• Personal email with @mail.I2P addresses
• Hosting of a personal hidden service or
“eepsite” with a .I2P suffix
• File sharing via BitTorrent clients
• Encrypted cloud file storage software
• Real-time chat functions
26. 26
• SecureDrop is an open source whistleblower
submission system
• Safely and anonymously receive documents and tips
from sources
• Used at over 50 news organizations worldwide,
including The New York Times, The Washington
Post, ProPublica, The New Yorker, and The Intercept
secrdrop5wyphb5x.onion
43. 43
For hackers, you could be a
tributary to a larger river.
They’re looking at you as a way
to get to somebody you work for,
someone in your family or some
organization in your network
52. 52
“If you don’t have a tool or technology that
enables protection from data loss, how will your
business survive?
Data is digital currency; it is imperative to
protect it. Everything else in security is
tangential to this critical point.” -- Forrester Consulting
56. 56
Incident Response Plan
Assume that cyber security incidents will occur, and
develop an incident response plan that covers how to
respond to and recover from them.
57. 57
Auto Patch
Organizations should enable automatic updates for
all software and hardware, and use tools and KPIs
to report on anomalies.
58. 58
Security Awareness Training
As a first line of defense, organizations should train
employees on basic security practices. Organizations
should focus on practical and easily implementable
measures.
60. 60
Cyber Drills
Cyber response drills are as essential as fire drills.
The risk for cyber breaches can easily eclipse the risk
of other cost-crippling events like natural disasters
and fires.
Personal risk also increases for executives and
leaders who are ultimately being held responsible for
protecting their organization’s data.
61. 61
Security KPIs
Level of preparedness: How many devices on your network are missing patches?
Unidentified devices on the internal network: How many devices on your network are
unidentified and probably do not meet your security standards?
Intrusion attempts: How many times have bad actors tried to breach your networks?
Days to patch: How long does it take your team to implement security patches?
Cyber security awareness training results: Trending up/down?
Percentage of backup restore tests in last 48 hours: 100%.
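The patch, device and backup KPIs above can be computed from records most managed environments already keep. The following is an added example, not part of the original presentation; the device names, patch labels, dates, and the reading of the backup KPI as "share of backup jobs restore-tested within 48 hours" are assumptions, and all sample data is constructed.

```python
from datetime import date, datetime, timedelta

# Constructed sample data (assumptions, not from the presentation).
INVENTORY = {            # managed device -> patches still missing
    "ws-01": [],
    "ws-02": ["PATCH-A"],
    "srv-01": ["PATCH-A", "PATCH-B"],
}
SEEN_ON_NETWORK = {"ws-01", "ws-02", "srv-01", "unknown-3c", "unknown-9f"}
PATCH_HISTORY = [        # (patch released, patch installed)
    (date(2020, 1, 14), date(2020, 1, 17)),
    (date(2020, 2, 11), date(2020, 2, 25)),
    (date(2020, 3, 10), date(2020, 3, 14)),
]
LAST_RESTORE_TEST = {    # backup job -> last successful restore test
    "files": datetime(2020, 3, 15, 8, 0),
    "database": datetime(2020, 3, 12, 8, 0),
}

def devices_missing_patches(inventory):
    """Level of preparedness: managed devices with at least one missing patch."""
    return sorted(dev for dev, missing in inventory.items() if missing)

def unidentified_devices(seen, inventory):
    """Devices observed on the network that are absent from the inventory."""
    return sorted(seen - set(inventory))

def days_to_patch(history):
    """Mean and worst-case days between patch release and installation."""
    deltas = [(installed - released).days for released, installed in history]
    return sum(deltas) / len(deltas), max(deltas)

def restore_test_coverage(last_tests, now, window=timedelta(hours=48)):
    """Percentage of backup jobs restore-tested within the window."""
    if not last_tests:
        return 0.0
    recent = sum(1 for t in last_tests.values() if now - t <= window)
    return 100.0 * recent / len(last_tests)

if __name__ == "__main__":
    now = datetime(2020, 3, 15, 12, 0)  # fixed "now" so the output is repeatable
    print("missing patches:", devices_missing_patches(INVENTORY))
    print("unidentified:", unidentified_devices(SEEN_ON_NETWORK, INVENTORY))
    print("days to patch (mean, worst):", days_to_patch(PATCH_HISTORY))
    print("restore tests < 48h: %.0f%%" % restore_test_coverage(LAST_RESTORE_TEST, now))
```

Tracking the worst-case days to patch alongside the mean keeps a single long-unpatched system from being hidden by the average.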
Review recent cyber security news and replace slides as necessary. Talk about the most recent attacks, and tailor them for your audience,
e.g. for dentists, lawyers, CFOs, etc., and make a personal connection to the audience.
Yesterday, 30M cards went up for sale on the dark web
Maze ransomware website: talk about how Maze is a new threat, and how even if they have good backups they need to rethink how they approach security
A few headlines pulled this week.
- This is one of the first reported incidents where the hackers targeted the patients, rather than just the provider.
-- your business may be protected, but what about your employees home networks?
-- kids could be the weakest link, bringing things into your home network that jump to your work devices
What about their mobile devices?
Mobile endpoint protection..
Similarly, a medical office, based in California, reached the same conclusion deciding to shut down after they were infected with ransomware and lacked the funds to pay the ransom.
.. it is not a matter of “if” but “when,” you will fall victim to a cyber-attack.
.. and with the proper planning, you can limit the blast radius of an attack.
-- what if your cyber security practices were used to differentiate your business from your competitors?
Like an iceberg..
On the surface are public websites you visit every day (Bing, Google, Wikipedia).
Below that on the Deep Web, would be protected data or private data on internal servers
Dark web -- accessed by Tor or I2P
Pseudo anonymous
- Bitcoin addresses are not tied to the identity of users
- transactions are not tied to the identity of users either
- Bitcoin transaction data is transmitted and forwarded by nodes to a random set of nodes on the peer-to-peer network
Litecoin, & Monero too!
Protect US intelligence communications
About 3000 Guard nodes today
About 1000 Exit nodes..
About 6500 total nodes.
DuckDuckGo
The invisible internet project.
A few more features than Tor
Some example markets on the Dark web, and how the business data is being sold
Example of a dark web market home page.. Drugs for sale
Example item for sale on the dark web,
Another example for a Georgia hospital, with details of employees for sale
It gets worse, you don’t even need to be good or a sophisticated attacker – just purchase access to deploy your ransomware!
.. Another example up for purchase
Wild wild west..
Attacks happening against your network, nearly constantly..
Hopefully you deal with level 1 & 2 attackers.. Because where most small business security is today – they stand no chance.
Help them understand, they may not be the target.. But they have valuable information
- Tell a security story you are familiar with
discuss recent phishing campaign against a company, and how bad they were, and how you improved it..
Email phish: #1 culprit
Cybercrime has exceeded drug trafficking crimes in total value.
56% of data breaches took more than a month to discover!
.. Some more stats to describe why managed IT and patch management is important
.. Again..
- phone fraud, using social engineering over the telephone.
credit card fraud division called, warning about a suspicious transaction.
They offered to cancel the transaction, but in order to verify his identity they asked him to read back a code they texted him.
What actually happened was they hit reset password on the official credit card website and selected the text message verification option.
Once he read the code back to them they were able to reset the password, lock him out of his credit card account, and purchase several new iPhones.
Even though he had 2-factor authentication they were able to fool him using social engineering…
Found this story on the web; might be interesting to tell a personal story here.
This is where you can add how YOU will help.. And what makes you different. Connect your ideas to your audience.
Be sure to sign up for their monitoring service
Password manager
We’ve moved from if to when.. And now let’s control the blast radius.