Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

NASA Cyber Security Webinar: Phishing Detection Strategies

369 views

Published on

This was a cyber security webinar for NASA on Phishing Detection Strategies. It was done on 27 July 2017 by Hoala Greevy, Founder CEO of Paubox, Inc.

Published in: Education
  • Did you try ⇒ www.WritePaper.info ⇐?. They know how to do an amazing essay, research papers or dissertations.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

NASA Cyber Security Webinar: Phishing Detection Strategies

  1. 1. Phishing Detection Strategies For: NASA 27 July 2017 @pauboxhq
  2. 2. Hoala Greevy Founder CEO, Paubox, Inc. - HIPAA Compliant Email Made Easy. 18 years’ experience in email security & encryption. Phishing & Fishing expert. =) @PAUBOXHQ
  3. 3. I. What is Phishing Today? II. Threat Landscape III. Best Practices IV. Looking Ahead Agenda
  4. 4. I. What is Phishing Today? Overconfidence Dilemma Display Name Spoofs Ransomware stealing thunder
  5. 5. I. What is Phishing Today? It’s always been about the $$$.
  6. 6. I. What is Phishing Today? In some cases it’s about data theft.
  7. 7. I. What is Phishing Today? And now it’s about Politics too.
  8. 8. I. What is Phishing Today? Source: Fortune
  9. 9. Overconfidence Dilemma 2017 phishing study University of Texas at San Antonio Source: Science Daily
  10. 10. Overconfidence Dilemma Fatal Flaw: Most people believe they are smarter than the criminals perpetrating them. Source: Science Daily
  11. 11. Display Name Spoofs 91% of phishing attacks Highly targeted Impersonates someone familiar to the recipient (usually C-Level)
  12. 12. II. Threat Landscape
  13. 13. Top Phishing Subject Lines 2017 Source: Fortune Free online phishing test April – June 2017 6.6M phishing emails 2M inboxes
  14. 14. Source: Fortune
  15. 15. Breakdown The Subject Line is Important. Urgent / Alert / Immediately
  16. 16. NASA Phishing Attack (2015) Source: IT Security Threat: Phishing Email – NASA HQ
  17. 17. NASA Phishing Attack (2015) Source: IT Security Threat: Phishing Email – NASA HQ Display name spoof (System Admin) No spelling errors Most likely trying to gain access to mailboxes
  18. 18. Google Docs Phish Shut down quickly. Yet millions affected. Named the app Google Docs Source: Wired
  19. 19. Ransomware 2015: 1K daily attacks 2016: 4K daily attacks 2017: ?
  20. 20. WannaCry at a Glance Stolen NSA tools North Korea GDP 150 countries At least 230K infected
  21. 21. Big Tech Companies Get Hit Too
  22. 22. Facebook & Google Phished Each paid nearly $100M in fake invoices Impersonated Quanta Computer Most funds recovered Source: The Guardian
  23. 23. Insider Threat
  24. 24. Office 365 Accounts Hacked Wire transfer request sent from actual HR employee mailboxes 18,000 accounts affected (why so many?) Source: SC Magazine
  25. 25. Politics
  26. 26. The Perfect Weapon* Cheap Hard to see coming Hard to trace * NY Times
  27. 27. Let’s Dive In
  28. 28. Domain Name Shell Game http://shop.radioactivegamingeu.com Resolves to: 104.31.65.24 104.31.64.24
  29. 29. Who owns these IPs? 104.31.65.24 104.31.64.24
  30. 30. Cloudflare Legitimate CDN provider
  31. 31. III. Best Practices Google Safe Browsing Macro Policy Level Up User Training (hold contests) Nuclear Option: Macs only?
  32. 32. Google Safe Browsing It’s Free & Constantly Updated Lots of data sources (over 1B users) Used in Chrome, Firefox & Safari Can be used in Email too Source: Google Safe Browsing
  33. 33. Macro Policy Re: allowing macros via attachments Does the business downside now outweigh the upside? Blog post: We’re Clamping Down on Deadly Macros and Ransomware
  34. 34. Arthur Ream CISO, Cambridge Health Alliance Steak Dinner phishing bounty Source: HIMSS Privacy and Security Forum in Boston
  35. 35. Nuclear Option: Macs only? Something to think about
  36. 36. IV. Looking Ahead 2FA by default Clamp down on Domain Registrars Google Safe Browsing API
  37. 37. 2FA by Default Two Factor Authentication Something you know -and- Something you have
  38. 38. Domain Registrars It’s too easy to register a domain name No checks on identity Why is it automated?
  39. 39. Google Safe Browsing API Huge Dataset Constantly updated Very accurate
  40. 40. IV. Looking Ahead Machine Learning FTW Death of the Appliance (Cloud will win) Port-based Geographic Segmentation
  41. 41. Machine Learning FTW wellsfarg0.com well5fargo.com w3llsfargo.com
  42. 42. Death of the Appliance Cloud will win Nearly zero access to Machine Learning
  43. 43. Port-based Geographic Segmentation Do NASA users check email from Russia?
  44. 44. Mahalo! @hoalagreevy www.paubox.com

×