CYBER ATTACK SCENARIOS
petercochrane.com
Prof Peter Cochrane OBE
STUDENT ALERT
This lecture is primarily a RED TEAM exercise
where we move from reviewing the field to being a group
looking to create a new Cyber Attack Business
Be prepared to adopt an attacker mind-set and to think
the unthinkable!
The process will be highly interactive and to fully
understand you will have to fully engage
Where do we start?
The Spectrum & Scale of Attackers!
Amateurs: Fun, Fame, Notoriety, Vandalism, Limited Skills, Limited Resources, Tend to be Sporadic
Hacker Groups: Money, Sharing, Organic, Dispersed, Unbounded, Huge Effort, Progressive, Cooperatives, Self Organising, Vast Resources, Massive Market, Aggregated Skills, Semi-Professional, Substantial Networks
Hacktivist: Skilled, Political, Idealists, Emotional, Relentless, Dedicated, Cause Driven, Vast Networks, Varied Missions, Targeted Attacks, Evolving Community
Criminals: Drugs, Fraud, Global, Extreme, Extortion, Business, Unbounded, Professional, Well Managed, Well Organised, Ahead of the Curve, Orchestrated Effort, Extremely Profitable, Syndicated Resources, Massive Attack Surface, Vast up-to-date Abilities
Rogue States: Covert, Money, WarFare, Influence, Pervasive, Disruption, Espionage, Professional, Sophisticated, Well Organised, Extreme Creativity, Orchestrated Effort, Political Influencers, ~Unlimited Resources, Tech/Thought Leaders, Regime Destabilisation, Population Manipulation, Military and Civil Domains
Medium Game, Medium Gain
Short Game, Low Gain
Long Game, Massive Gain
Boy In a Bedroom, Start Up, Small Business, Medium Business, Large Business, Global Business, Public Bodies
Military, Nat Defence, Intelligence Services, Terrorists
Zip Planning, Opportunistic
Vision, Plan, £0
Vision, Mission, Partners, Plan £X
MD CEO, Board, Investors, R&A £XX
Military, Civil Service, Fully Funded
MD CEO, Board, Investors, Management
MD CEO, Board, Divisions, Management
Freedoms
What can be done?
Rogue States, Criminals, Hacker Groups, Hacktivist, Amateurs, Terrorists
Unbounded & unconstrained
Subject to nothing & no one!
Infinite freedom
Defenders: Intelligence Services, Military, National Defence, Police, Government
Bounded and constrained by Geneva Convention, legal systems, human morality, social norms and public opinion/acceptability…
Finite limiters
Assuming Attacker Mindsets
We are the Red Team
This turns out to be a really good
stance in trying to understand
the motivations, methods,
structures and ethos of this ‘Dark
Side’ of humanity and how they
contrast with the governments,
institutions, industries, and
peoples they attack and exploit!
From here on we speak AND think as if we are blackhats/attackers reviewing and planning
These are the small fry and professionals do not fall into this league
They don’t get arrested
Attacker
Clarity of purpose is a must !
This is a minimal requirement before
we start any form of enterprise - and
time needs to be devoted to
thinking, examining, evaluating every
aspect if we are to achieve success !
What is our target sector to be?
What role are we aiming for?
What are the tools we have ?
What is our unique offering ?
Why choose a given sector?
How are we going to enter?
How do we select targets?
How are we to attack?
To Succeed
Essential to be professional & dedicated
Defines the desired future
position of the company
Details the company’s business
objectives, ambition and ethos
General process/action(s) necessary
to realise goals/long-term mission
An ordered fine grain detailing/list of
all that has to be done to achieve the
objectives including all contingencies
“ Great success does not happen by accident,
it demands great effort, good investment,
dedication to achieving the vision, professional
management and leadership”
Serious
We have to be professional
“ All the failed start up
ventures I have engaged
with have suffered poor
or inadequate staffing
and/or management,
funding or marketing ,
and at no time was it
the idea or the tech
after due diligence had
been completed”
“ We can learn a lot
from the study of those
that have gone before”
Business Model
Who to attack - the why, how and what
Like business or armies: Professionals do not
waste resources or act in some random way:
they have a Vision, Mission and a Plan!
Methodologies
Access Points
When/Where/
How/Teams &
Tools/Duration
Choose a Target: and Research,
Assess Value/Worth and Potential
RoI Quantify and Identify all
Vulnerabilities/key opportunities
Retribution, Disruption, Discrediting,
Behavioural Change, Political Steer/
Gain, Commercial Damage, Reputation
Damage, Business Disabling, Money
Making, Propaganda +++++
Political, Economic, Market,
Societal, Criminal Superiority,
Global Order Change, Regime
Change+++++
MODUS OPERANDI ?
Professional = success/profitable
Ape small, medium, large, national,
multinational scale operations/business
structures/practices with management
chain, people recruiting and investments!
Political, Economic, Market, Societal, Criminal Superiority, Global Order Change, Regime Change+++++
Recruit those who worked in legitimate
businesses, attended Business School,
served in the Military & have been
well trained & educated to meet
commercial and defence needs
Recruit well educated and
qualified/experienced tech
teams with deep knowledge
of defence/attack methods
target space
Published industry surveys help !
Organisations advertise where they are strong
and where they are weak, who is rich and who is
poor, and the likely attack complexity/challenges
The commercial media provide company/product/sales reviews, and
then there is the Stock Market for Valuations and Share Price.
Companies House (UK), and The Securities & Exchange
Commission USA hold all Company returns
(Reports and Accounts) available
for public inspection!
Pick a target
Who to attack - the why and how
We need to know and understand the target
in order to formulate and execute an effective
attack and realise the desired outcome/RoI
Objective: Define precisely what is to be achieved - The RoI
Target: Research, Assess RoI, Quantify, Identify Weaknesses and Opportunities
Plan: Methodology, Point of Access, Tool(s) to be Deployed, When and Duration
Deployment: Proceed as planned but be prepared to adapt in real time
Ongoing: IFF successful/targets met - step and repeat , IFF not move on
Crazy Targets
Publish and advertise what they do!
Organisations give away so much
information and we can infer where they
are strong/weak, how rich/poor they are,
and the likely attack complexity/effort
required
Trade Press: Service and Supplier deals and contracts visible
Tech Papers: System and network detail - ie Block Chain Configs
Job Adverts: Define expertise and experience requirements
WebSites: Often detail/divulge some customer, supplier, data operational info
Presentations: Business models, modes of operation, mobility, equipment, nets
Tech Support: So very knowledgeable and helpful…along with Sales/Marketing
Site Maps
These are so very handy!
Many big organisations are so very helpful in revealing
how they are organised and provide short cuts to
every corner of their on-line and campus empires
https://www.bp.com/en/global/corporate/site-map.html
https://www.ourtesco.com/our-facilities-at-welwyn/interactive-3d-map/
https://www.tesco.com/help/site-map/
https://www.att.com/sitemap/
https://www.next.co.uk/site-map
Small sample
Design Guides
Suppose you want to spoof a site!
Many big organisations are so very helpful
how they are organised and provide sh
every corner of their on-liner and campus
https://design.tax.service.gov.uk/hmrc-content-style-guide/
https://designnotes.blog.gov.uk/2014/02/18/two-new-design-guides/
https://design-system.service.gov.uk/sitemap/
ON MY SCREEN THIS WEEK: Nice Web Site :-) Really!
DVLA: Your outstanding vehicle tax refund from an overpayment is pending.
Please visit our secure link to process https://dvla.govuk-ol11.com/?c=2
govuk should be gov.uk
WE can DO MUCH better
This is a lazy designer
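As an added example (not part of the original slides): a defender-side check for the lookalike host in the DVLA text above, where `govuk` sits inside an unrelated `.com` domain instead of the host ending in `.gov.uk`. The function names and the trusted-suffix setting are assumptions made for this illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: only hosts under this suffix count as official.
TRUSTED_SUFFIX = "gov.uk"

# Loose URL matcher for message text (SMS, e-mail body, chat).
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# The text message quoted on the slide, used here as sample input.
SAMPLE_SMS = (
    "DVLA:Your outstanding vehicle tax refund from an overpayment is pending. "
    "Please visit our secure link to process https://dvla.govuk-ol11.com/?c=2"
)


def _squash(text):
    """Keep only letters and digits so 'gov.uk', 'gov-uk' and 'govuk' compare equal."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def classify(url, trusted_suffix=TRUSTED_SUFFIX):
    """Return 'official', 'lookalike', 'unrelated' or 'invalid' for one URL.

    official  : the host is the trusted suffix or a subdomain of it
    lookalike : the trusted name appears somewhere in the authority part
                (host, or user-info before '@') but the host is NOT under it
    """
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    # The suffix must match on a label boundary: 'notgov.uk' is not 'gov.uk'.
    if host == trusted_suffix or host.endswith("." + trusted_suffix):
        return "official"
    # netloc includes any 'user@' prefix, which is a common place to hide
    # a trusted-looking name in front of the real host.
    if _squash(trusted_suffix) in _squash(parts.netloc):
        return "lookalike"
    return "unrelated"


def scan_message(text):
    """Extract every URL from a message and classify it."""
    results = []
    for match in URL_RE.finditer(text):
        url = match.group(0).rstrip(".,;:!?)")  # drop trailing sentence punctuation
        results.append((url, classify(url)))
    return results


if __name__ == "__main__":
    for url, verdict in scan_message(SAMPLE_SMS):
        print(f"{verdict:10} {url}")
```

Punycode (`xn--`) homoglyph hosts are outside this check and need separate handling.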
Windfalls
Just endless stuff !
We can buy acres of this
on the DarkWeb!
Windfalls Beyond belief
An infinity of personal accounts and passwords
We can buy acres of this
on the DarkWeb!
Crazy Behaviour
Just a few samples of on-line tips!
Organisations give away so much
information and we can infer where they
are strong/weak, how rich/poor they are,
and the likely attack complexity/effort
required
https://aws.amazon.com/solutions/case-studies
Based on monthly spend: the top 10 Amazon AWS customers:
•Turner- $10 M
•BBC - $9 M
•Baidu - $9 M
•ESPN - $8 B
•Netflix - $19 M
•Twitch - $15 M
•LinkedIn - $13 M
•Facebook - $11M
https://cloud.google.com/customers
https://www.ibm.com/cloud/case-studies/
Watch & Listen
In public and on line - unguarded chatter
Very few organisations give their
people any form of security training or
advice on travel and meetings and they
divulge so much when asked!
Social Media
Restaurants
Coffee Shops
Friends/Relatives
Gatherings/Events
Meetings of all kinds
++++++
So much can be gained from the minor investment of a few drinks,
a meal, the hire of a professional snooper, direct purchases on the
Dark Web et al
Hacker Anatomy
A skilled specialist for hire anytime
Cyber Crime Market
What’s our % target of this giant pot?
“With entry costs relatively low and profits exceeding those of
traditional crimes, cyber is an attractive choice for most criminals.
Thus, we can expect cybercrime cases to reach new heights in 2020.”
Creating a new ‘Dark Business’
demands that we study & fully understand the
opportunity space & competition
Assessment
Market Reality 2020
Attacks escalating
Target surface growing
Attackers winning the war
Attacker rewards up by the year
Defenders have ineffective defences
Targets not collaborating or sharing
Defenders disorganised and underinvesting
People remain the biggest attack opportunity
All security tools still reactive and mostly outdated
An open/collaborative attacker market is far superior
CyberCrime economy is now eligible to join G8 !
A Great Opportunity space for any new educated capable and innovative entrant Startup
SCENARIOs
Description of possible events
Creation Mechanisms:
•Thinking
•CopyCat
•Searching
•Workshops
•Wargaming
•Consultants
•Brainstorming
•BrownPaper Fair
•Post It Note Panic
•Follow The Herd
•Dynamic Reactivity
Can we ‘dream up’ and consider all the potential
possibilities that we might exploit as attackers ?
Me Too OR NOT Me Too
Visible
Invisible
Oblique
Prime Motivations
Are we bringing anything new to the game?
https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/
Prime Motivation: Making $$$$
Prime Motivation: Trade Secrets, Military, Security
Prime Motivation: Domination and TakeOver
If we are a new start short of funds we need some quick and dirty to get some bitcoin fast
Prime Methods
Are we to be creative or ‘Me Too’
https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/
Simple single hit or contrived/convoluted multi/combinatorial hits with proven tech
The Targets
Who/What do we want to attack?
https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/
Soft and rich is the obvious answer here but the potential RoI is the inverse of defensive weakness
A Large Financial POT
A well defended core & wide open periphery!
A target rich opportunity:
• Wealthy technophobic (organisation?) customers
• Processes, protocols and methodologies well known
• Millions of people involved with dispersed offices
• Multiple points of access PSTN, VOIP, Network+
• Staff trained to help customers BIG and small
++++
• Many possible attack modes: Phishing, Whaling,
Malware, Man-in-the-Middle, Insider, Contractor,
bribery, corruption, coercion
Not exactly virgin territory but not so targeted as we might expect and thus worth considering
Attacker Advantage
Unbounded leveraging every degree of freedom
“Exploit disguise, camouflage, human fallibility, do
the unexpected - exploit first mover advantage”
“Weaponise the position, knowledge, expectation,
and easy to access resources of targets”
“Take advantage of surprise in the time, place,
method and direction of attack”
“If possible design attack modes that can go
undetected to be utilised many times and/or remain
dormant until triggered”
The ideal scenario is to attack/succeed and move on undetected and then repeat later
More Wisdoms
A 650 BC book really worth reading
“All warfare is based on deception”
“The whole secret lies in confusing the target(s), so that
he cannot fathom our real intent.”
“Engage target(s) with what they expect; it is what they
are able to discern and confirms their projections. It
settles them into predictable patterns of response,
occupying their minds while you wait for the extraordinary
moment — that which they cannot anticipate.”
Audio Book
https://www.youtube.com/watch?v=X7rhovBK_eA
Status Quo
Distribution of attacks
http://www.wordlistresearch.com/2017
Categories shown: Browser, Others, Scam, WWW, Malware, Worm, Brute Force, DDoS
An indicative analysis of a vast number of reports giving guidance in our decision making
Market Potential
Relative 2019 Cyber Earnings
https://bit.ly/2Uu0QaD
“With entry costs relatively low and profits exceeding those of
traditional crimes, cyber is an attractive choice and we can expect
cybercrime cases to reach new heights in 2020 and beyond.”
CyberCrime is the single biggest and most successful business on the planet
Where do we fit?
2019 Relative Earnings by Silo
https://bit.ly/2Uu0QaD
Cyber-crime groups operate as regular companies
hiring specialised staff and management. Some have
public personas to maintain a good reputation. Most
of their sales are on the dark web - reputation is key.
CyberCrime has some of the best business practices/managers and EVIL people on the planet
Dark Web
Ultimate Tool Box
Cheat Sheet: https://tek.io/2UhhRpA
A TOR (or similar) browser is required to gain access
WARNING
This is the Devil's Domain - SEE NEXT SLIDE
Fully developed hacker tools
Tech support and tutorials
Latest attack tips & methods
Consultant hackers for hire
Password/Account databases
R&D Programmes to join
Investors and money handling
+++++
On-line SuperStore for the hacker and criminal
communities with a vast army of professional
contributors and leading edge products
STUDENT WARNING
I do not recommend entering this domain, BUT it is the only
real way of appreciating the full potential - SO if you do
decide to have a look, then:
1) Use an old machine/fake ID in a coffee shop
2) Have your camera, mic, tracking turned off
3) Make sure all location service options are off
4) Employ security (Norton et al) throughout
5) Only have a single app (TOR) installed
6) DO NOT complete any transactions
7) Reveal no personal info whatsoever
8) Factory reset machine when done
9) Security scan machine on boot
RECOMMENDATION: Enter, take a look, get a taste, get out
More Reading
Other dimensions of Dark Nets
How the Dark Web works (ZDNet)
10 things you didn't know about the Dark Web (ZDNet)
This dark web market is dedicated to compromising your emails (ZDNet)
Dark Web 101:Your guide to the badlands of the internet (CNET)
The United Nations: "We're all facing the same global cyber-threat" (TechRepublic)
Four misleading myths about the Dark Web (TechRepublic)
The light side of the Dark Web (TechRepublic)
IBM Security takes us on a tour of the Dark Web (TechRepublic)
2019 TOP 10 ATTACKS
Human instinct, emotion, rational is at the wheel
The skilled attackers have
access to a global market
of data and well honed
tools via the Dark Web
•Malware: A growing catalogue of brutality and sophistication
•Phishing: Preying on the naive, gullible, tired, unprepared
•Man-in-the-Middle: Pretending to be someone/something else
•Denial of Service: Disrupting business, services, access, nets
•SQL Injection: Introduces false instructions and requests
•Zero/Day One: Invisible and lying in wait for an opportunity
•Cross Scripting: Reprogramming appearance/purpose/function
•ID Spoofing: Log-On illegal access/entry to accounts and sites
•Password: Stolen, Brute Force, Cracked, Directory Trial & Error
•Drive By: Malicious script embedded in an insecure website
We have to decide to follow the crowd or adopt a different strategy/approach
Why attack ?
What is the primary motivation
Always nice to have a target in mind!
Really useful for
business planning !
Yummy!
>100Bn by 2525
>1000Bn by 2030
What a great and growing
attack portal !
attack TYPE?
A broad church of options
Most attack modes are easily detected and
rendered visible, but there are skilled and
undetected attackers who come and go…&
the damage shows up (much) later !
•Unauthorised access to a digital network, system and/or its data
•To access personal/secure people/businesses information
•Hacking for criminal/illegal/unsolicited purposes
•Unauthorised use of a computer/network
•Malware installation/infection
•Denial of service
•Mischief
•++++
The intentional distortion of
communication and the
purposeful corrupting of
data can be devastating
for societies, commerce &
democracy, but profitable
for Dark Businesses
Mischief can be a powerful way of creating distraction from the main event
Random Hacks
Domain of the opportunistic amateur
The small fry nuisance that occasionally
strike it lucky and gain access to web sites
and other facilities and get headline
coverage/featured in the media
“ A keyboard is a very poor substitute
for thinking, investigating, planning,
and a good business model”
“ But very occasionally this army of
hams stumble onto something useful -
and we should watch them just in case”
Rogue State
Military-business professional approach
May be military and/or security service
based or indeed outsourced to peripheral
pseudo-companies in or out of country
Their vision, mission and plan is generally
wide and diverse with everything from stealing
money and intellectual property to military
defence/attack, political subversion and
regime change…
Beyond technology we might expect spies,
collaborators, plants, blackmail victims, the
duped and more/much worse
Every malware type is speciated
and we are also seeing a deal of
interbreeding using Artificial Life
Top 10 Malware 2019
A highly dynamic profile changing by the Quarter
This is such a safe area to engage in as the source can remain hidden whilst bots do all the work
Almost everything imaginable is
available at a price on The Dark Net
including ‘call-off-contact’ support,
workforce and consultants!
Assembling a Tool Box
What can we access and exploit that involves no work?
Let’s make a start by looking at the
most popular recently in use but
not forget that a lot of the old can
be got at zero, or near zero costs &
reused, resurrected, repurposed,
modified, and used as ‘seeds’ for
new configurations and types!
Attack Tools 2020
Just one of numerous ‘stores’ on the Dark Web
We don’t have to code as we can
download all the tools required to
become a super Hack - and there
are skilled ‘dark consultants’
available for hire if help is needed!
Malware/OS
Attacks by Mobile Device
Android
Windows
Other
iPhone
>20M Species of
Malware Recorded
for Android Alone
Best Ball Park Estimate
of different/speciated
malware types >60M
This is fundamentally a
display of basic design
weakness and a good
indicator of where to
focus attacks!
Where should we target if we
are to maximise the RoI
and minimise the cost of entry?
Tools Creation
A well funded/distributed global industry
Growth curve for just one mobile sector
and one particular OS up to early 2019
extracted from operational data
Extrapolating out to the
end of 2020 and this will
have grown to ~ 35k
Number of new &
speciated tools
Attack Tools 2020/1
A ‘very small’ sample of what is available
Attack Tools 2020/2
A ‘very small’ sample of what is available
So how good is IT all
Exhaustive descriptions/features list
Airbash Auto WPA PSK
Captures the full handshake script reveals client
Hacker Education
Quite an online ‘University’ Available
Year-on-Year
Attack tool rankings change
“Follow the flow - Go with what is
working and realising a good RoI”
Defence Rating
Directly related to target wealth!
Rich Countries with good defences offer very big rewards IF/when a success is realised
Poor Countries with poor defences see very small rewards even when successes are plentiful
Attack strategies
Mind games based on what we know
•Access: A growing catalogue of brutality and sophistication
•Phishing: Preying on the naive, gullible, tired, unprepared
•Man-in-the-Middle: Pretending to be someone/something else
•Denial of Service: Disrupting business, services, access, nets
•SQL Injection: Introduces false instructions and requests
•Zero/Day One: Invisible and lying in wait for an opportunity
•Cross Scripting: Reprogramming appearance/purpose/function
•ID Spoofing: Log-On illegal access/entry to accounts and sites
•Password: Stolen, Brute Force, Cracked, Directory Trial & Error
•Drive By: Malicious script embedded in an insecure website
The weakest Link
People are by far the single biggest risk
In organisations large and small, it only takes one to make an error, become corrupted, get upset, give in to temptation, turn to the Dark Side!
“People are inherently kind and helpful and will rush to your aid should they think you are having some kind of difficulty”
“They are also very pleased to follow your instructions if they perceive that you are kind and trying to help them”
Exploiting Human traits
Dynamic and Non-Linear - Easy to Access
[Word cloud of human traits, including: gullible, reckless, unaware, caring, careful, deceptive, crafty, selfish, selfless, cunning, scheming, open. Source: http://www.wordlistresearch.com/2017/12/negative-words]
Weak Passwords
Catalogues available on the Dark Web
People in organisations and at
home use these and make
their accounts easy to crack
Open & Cloned
Catalogues on the Dark Web
Vast amounts of our data are public
or have been stolen and/or cloned
enraged employee
Frustrated by failure to advance
Feels unappreciated and undervalued
Always overlooked for promotion
Really dislikes management chain
At odds with the company values
Stays on site & creates damaging failures and/or data changes
Leaves the company and plants software bombs/backdoors
Open to bribery and corruption and the stealing of IP
Innocent employee
Feels insecure and has become over helpful
Naive, open, careless, needs to be seen to be useful
Gullible and careless with information
Talks too much when care is needed
Unquestioning and so very supportive
Random information and data
Tends to be careless and make mistakes
Open to being ‘steered’ by a skilled manipulator
Malicious employee
Hates successful, happy, people & feels cheated
Perhaps a bad, poor, disrupted, deprived home/childhood/education
Probably something of a social misfit and/or sociopath/psychopath
Likely intolerant less empathic - with fewer friends than most
Normally angry and upset about almost everything
Random acts of physical and software damage
Open to suggestion and acting as an agent of crime
Open to bribery and corruption and the stealing of almost anything
HONEYPOTS
Applies equally to both sexes
Older man - younger woman
Older woman - younger man
Careless talk, briefcase, laptop access
Access to some informal meetings
Overhearing telephone calls
Listening device planting
Geo tracking/bugging
Spyware install
Long term investment and
strategy most often used
by rogue states for .Gov
& industrial spying with
operations spanning years
The Visitors
Consultants, Contractors, Temps
Long term investment and
strategy most often used
by rogue states for
government & industrial
spying operations spanning
years
On site(s) and embedded inside the company
Online and general info/document access
Engaged with management/workforce
Hidden cameras and sound recording
Eyes and ears engaged 24 x 7
HD/Thumb Drive Theft
Bugging device planting
Software installs
+++++
Rogue States, Criminals, Hackers
Opportunists, The Corrupted and
Corruptible
A long-game investment by rogue states
Enjoy a normal (looking) career and life
Undercover for their country full-time
Likely to progress and be promoted
Fully trusted as team members
Usually well educated/capable
Seldom engage in sabotage
Mainly gathering data/info
+++++
Spot The Spy
Recruited in as bona fide employees
Wireless to 3,4,5G, WiFi connection wide
open to theft, eaves dropping, link hacking
device in hand
Now the dominant mode
Cyber Risk
Realities
opportunity space
Virtual attacks mostly favoured
Status Quo
Cyber Crime Economy
EASY ENTRY 1
Mostly very poor protection
Behind the FireWall in one small step
No Passwords
Easy Passwords
Factory Default
EASY ENTRY 2
Mostly very poor protection
EASY Money
Low cost human/robot attacks
Phishing
Exponential Growth
Always in a race against security teams
looking to shut them down
Security teams report phishing URLs
regularly, but some use web hosts/domains
that ignore reports
Most kits have a short life, and the phishing
window is growing smaller
Highly successful/profitable; and very easy to automate for eMail, TXT and speech
Phishing
Exponential Growth of Species sees a rapid Shortening of Lifetimes
[Chart: cumulative % of kits deactivated (25% to 100%) against days to deactivation (0 to 200)]
Phishing
Exponential Innovation
Akamai
soft target 1
Old people and technophobes
Potential RoI
Savings + Pension Pot +
Bank + Cards + eAccounts
Point of Access
Old laptop with no SW updates
Ineffective Malware Protection
Ineffective firewall and Passwords
Default settings on smart TV et al
WiFi visible and easily accessible
Already part of a BOTNET…
Human Weakness
Kind, Helpful, Compliant!
Naive, uneducated, unaware
Subject to Phishing, SPAM, SCAM,
Default settings on smart TV et al
WiFi visible and easily accessible
Below par passwords/security settings
Passwords recorded in a little book
Prone to being taken in by:
MS Support, ISP Fault/Testing/
Service Cut Off, A call from
the bank …
soft target 2
Hard working & busy families
Potential RoI
Savings + Services + Sales
Bank + Cards + eAccounts
Point of Access
PC, laptop, tablets, games consoles
Ineffective FireWalls and Malware
Protection across multiple machines
and platforms, weak/no passwords
Default settings on smart TV et al
WiFi @ home and mobile - visible
and easily accessible
Human Weakness
Busy tired parents + innocent children
Not well educated/fully aware,
disconnected from children activity.
Unable to keep up with software/OS
upgrades across all machines, no one
has oversight…
Passwords used multiple times
Prone to being taken in by:
Spoof URL, Ransomware, Freebies
and low cost kit Day One plus too
good to be true offers, Surveys…
soft target 3
The frantic/busy mobile worker
Potential RoI
Customer, Project, Contract,
Sales, Production, Delivery
Data +Account/Co Access
Point of Access
Laptop, tablet, mobile(s), open Blue
Tooth/WiFi, weak MalwareProtection
across multiple machines/platforms,
repeated/reused simple passwords,
automated log on to known/regular
wifi providers
Human Weakness
Busy, in a hurry, stressing environment
Not well trained, briefed, supported
Subject to Phishing, SPAM, SCAM,
Default settings on smart TV et al
WiFi visible and easily accessible
Below par passwords/security settings
Passwords used multiple times
Prone to being taken in by:
Spoof WiFi, URL, Device Request
to Link, blind to shoulder surfing
and device theft + USB Plants…
soft target 4
The SME/StartUp Sector
Potential RoI
Billing+eAccounts+Bank+IP+
User/Customer Info
Point of Access
Laptop, tablet, mobile(s), open Blue
Tooth/WiFi, weak MalwareProtection
across multiple machines/platforms,
passwords/access management, many
visitors and meetings, automated log
on to known/regular wifi providers
Human Weakness
Busy, in a hurry, stressed environment
Equipment self provision, sharing
culture, subject to Phishing, SPAM,
SCAM, numerous home and office
wifi appliances et al
No dedicated security team and no
oversight
Passwords used multiple times
Prone to being taken in by:
Spoof WiFi, URL, Device Request to
Link, blind to shoulder surfing and
device theft + USB Plants…
The VISITOR(S)
Salesman, Contractor ++
Potential RoI: Collects random/
targeted info-Plants, USB/LAN
Dongles - removes drives/discs
Human Weakness Exploitation
Escorted/Freedom of movement -
allowed to be alone, given LAN/Net
access, observes screens, fax, papers,
whiteboards. Conversations overheard
vacuum up all logistic and other info,
observes personal device numbers,
brand variations, mobiles & cameras
for that later planning of an attack
Inadequate visitor checks/validation in
the interest of serving a fast moving
economy and relationships
Prone to being taken in by:
Spoof WiFi, URL, Device Request
to Link, shoulder surfing blind &
device theft + USB Plants…
Hard target 1
Companies that don’t divulge detail
How is the
Network
Configured?
All protected by strong
encryption 128/256 keys
and disparate routing
Hard target 3
Large/International Companies
What is actually
in this Cloud?
All protected by strong
encryption 128/256 keys
and disparate cloud
connects
The soft SIDE OF HARD
Local Loop, Home, Mobile, WiFi, BlueTooth, LAN
[Network diagram labels: VPN, PN, Dedicated Fibre, VOIP Network Service Reseller with direct routing]
Inherently Insecure: Wired & Wireless
Inherently Secure: Fibre PN/VPN, Strong Encryption, Hidden VPN & Routings
REALLY hard targets
Government, Institutions, Military, Infrastructure ++
Not really a good idea to attack: The forces of MI5, MI6, GCHQ, Police would rain down!
This domain is one for the rogue states & those contemplating some form of war/sanctions
TIME TO ATTACK
On the basis of what we have covered so far!
STUDENT Attack Scenario
Our selected/rich Targets: Retail, SMEs, Logistics
All Targets are profitable and open to ransom attacks
They can survive a demand of 20-25% of turnover
All are dead in the water if they cannot access their data
STUXNET (2011) Variant
Highly sophisticated customisable cheap
Access methods
All available human and net modes possible
Gain physical access as a visitor
Leave a drive in WC on corridor floor, an office desk
Hand brochures and drives to the front desk
Leave brochures and drives in reception area if possible
Insert USB and CAT5/5 dongles into accessible sockets
Leave adulterated AV adapters/dongles in meeting rooms
Disguise STUXmax as a PDF
Embed on blank thumb drives
Embed on sales thumb drives
Embed in eMails and Web Site
Create a dummy company
Seed website, eMails, Catalogue, Support Materials
Likewise all brochures, thumb drives and freebies
Close/Expunge all traces of company day before issuing ransom notes
Speciation
Artificial Life Breeding Malware
Attack Algorithm
Getting STUXmax onto LANs and Machines
STUXmax Activity (takes place out of hours)
1) Search out PCs, Laptops, Tablets, Mobiles, Switches, Servers
2) Search out backup drives and Cloud Accounts
3) Infiltrate and sit quiet for 30 days doing nothing
4) STUXmax not achieving (1-2) in 20 days self destruct
5) Report back penetration and positioning immediately
6) Sit quiet for a further 10 days doing nothing
7) On a defined date (~ day 41) encrypt all files and drives
8) When (7) completed all STUXmax elements to self destruct
Collecting the $$$
By the company or by the device/service/facility?
1) Direct Payment into BITCOIN only
2) Destroy all evidence and erase any audit trails
3) Lay false trails and plant erroneous evidence
4) When payment completed release encryption key(s)
5) When projected RoI achieved slowly ‘evaporate’ (3)
6) When completed, complete a 360 review of success
7) Refine attack from the lessons learned
8) Launch a second but bigger wave funded by Attack One
9) Repeat (6-8) until the targets respond with effective defences
10) Do (9) at the point where RoI falls short of target earnings
11) It is time to configure a new form of money making attack!
CLASS DISCUSSION
Pros and Cons of (1-5)
Prepare for
CLASS DISCUSSION
After the Defence Scenarios
Module next week
https://www.techrepublic.com/article/dark-web-cybercriminals-sell-half-a-million-zoom-accounts/?ftag=TREa988f1c&bhid=118458570&mid=12790841&cid=712406925
Opportunistic Lateral Thinking and a lot of easy money was made
FUTURES
Projected near & far
Multiplexed Attacks
M&A
Resource Hi-Jacks
AI + AL Attack Scenario Creation
AI Behavioural Analysis of People, Machines, Networks
Things that Think want to Link
and
Things that Link want to Think
FIN - Q&A?
www.petercochrane.com

Uncanny Valley and Human Destiny
 
Resurgence of Technology Driven Change
Resurgence of Technology Driven ChangeResurgence of Technology Driven Change
Resurgence of Technology Driven Change
 
Society 5.0: A Vital Symbiosis
Society 5.0: A Vital SymbiosisSociety 5.0: A Vital Symbiosis
Society 5.0: A Vital Symbiosis
 
Cyber Portents and Precursors
Cyber Portents and PrecursorsCyber Portents and Precursors
Cyber Portents and Precursors
 
Technology Overlords Or A Symbiosis ?
Technology Overlords Or A Symbiosis ?Technology Overlords Or A Symbiosis ?
Technology Overlords Or A Symbiosis ?
 
THE FUTURE OF MOBILE NETWORKS
THE FUTURE OF MOBILE NETWORKS THE FUTURE OF MOBILE NETWORKS
THE FUTURE OF MOBILE NETWORKS
 
Quantifying Machine Intelligence Mathematically
Quantifying Machine Intelligence MathematicallyQuantifying Machine Intelligence Mathematically
Quantifying Machine Intelligence Mathematically
 
Technologies That Will Change Everything
Technologies That Will Change EverythingTechnologies That Will Change Everything
Technologies That Will Change Everything
 
Cyber Security - Thinking Like The Enemy
Cyber Security - Thinking Like The EnemyCyber Security - Thinking Like The Enemy
Cyber Security - Thinking Like The Enemy
 
Society 5.0 Redefined
Society 5.0 RedefinedSociety 5.0 Redefined
Society 5.0 Redefined
 
The Future WorkScape
The Future WorkScapeThe Future WorkScape
The Future WorkScape
 
Engineering Reliability and Resilience
Engineering Reliability and ResilienceEngineering Reliability and Resilience
Engineering Reliability and Resilience
 

Recently uploaded

manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
zyfovom
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
Trish Parr
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
zoowe
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
SEO Article Boost
 
Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
AanSulistiyo
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
Trending Blogers
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
cuobya
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
bseovas
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
vmemo1
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Florence Consulting
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
Danica Gill
 

Recently uploaded (20)

manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
学位认证网(DU毕业证)迪肯大学毕业证成绩单一比一原版制作
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
 
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
国外证书(Lincoln毕业证)新西兰林肯大学毕业证成绩单不能毕业办理
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
Understanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdfUnderstanding User Behavior with Google Analytics.pdf
Understanding User Behavior with Google Analytics.pdf
 
Azure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdfAzure EA Sponsorship - Customer Guide.pdf
Azure EA Sponsorship - Customer Guide.pdf
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
重新申请毕业证书(RMIT毕业证)皇家墨尔本理工大学毕业证成绩单精仿办理
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
 

CYBER ATTACK SCENARIOS - Part 1: Building The Red Team

  • 1. CYBER ATTACK SCENARIOS petercochrane.com Prof Peter Cochrane OBE
  • 2. STUDENT ALERT This Lecture is primarily a RED TEAM exercise where we move between reviewing the field and acting as a group looking to create a new Cyber Attack Business. Be prepared to adopt an attacker mind-set and to think the unthinkable! The process will be highly interactive and to fully understand you will have to fully engage.
  • 3. Fun Fame Notoriety Vandalism Limited Skills Limited Resources Tend to be Sporadic Rogue States Criminals Hacker Groups Hacktivist Amateurs Money Sharing Organic Dispersed Unbounded Huge Effort Progressive Cooperatives Self Organising Vast Resources Massive Market Aggregated Skills Semi-Professional Substantial Networks Skilled Political Idealists Emotional Relentless Dedicated Cause Driven Vast Networks Varied Missions Targeted Attacks Evolving Community Drugs Fraud Global Extreme Extortion Business Unbounded Professional Well Managed Well Organised Ahead of the Curve Orchestrated Effort Extremely Profitable Syndicated Resources Massive Attack Surface Vast up-to-date Abilities Covert Money WarFare Influence Pervasive Disruption Espionage Professional Sophisticated Well Organised Extreme Creativity Orchestrated Effort Political Influencers ~Unlimited Resources Tech/Thought Leaders Regime Destabilisation Population Manipulation Military and Civil Domains Where do we start? The Spectrum & Scale of Attackers!
  • 4. Fun Fame Notoriety Vandalism Limited Skills Limited Resources Tend to be Sporadic Rogue States Criminals Hacker Groups Hacktivist Amateurs Money Sharing Organic Dispersed Unbounded Huge Effort Progressive Cooperatives Self Organising Vast Resources Massive Market Aggregated Skills Semi-Professional Substantial Networks Skilled Political Idealists Emotional Relentless Dedicated Cause Driven Vast Networks Varied Missions Targeted Attacks Evolving Community Drugs Fraud Global Extreme Extortion Business Unbounded Professional Well Managed Well Organised Ahead of the Curve Orchestrated Effort Extremely Profitable Syndicated Resources Massive Attack Surface Vast up-to-date Abilities Covert Money WarFare Influence Pervasive Disruption Espionage Professional Sophisticated Well Organised Extreme Creativity Orchestrated Effort Political Influencers ~Unlimited Resources Tech/Thought Leaders Regime Destabilisation Population Manipulation Military and Civil Domains Where do we start? The Spectrum & Scale of Attackers! Military Nat Defence Intelligence Services Terrorists
  • 5. Fun Fame Notoriety Vandalism Limited Skills Limited Resources Tend to be Sporadic Rogue States Criminals Hacker Groups Hacktivist Amateurs Money Sharing Organic Dispersed Unbounded Huge Effort Progressive Cooperatives Self Organising Vast Resources Massive Market Aggregated Skills Semi-Professional Substantial Networks Skilled Political Idealists Emotional Relentless Dedicated Cause Driven Vast Networks Varied Missions Targeted Attacks Evolving Community Drugs Fraud Global Extreme Extortion Business Unbounded Professional Well Managed Well Organised Ahead of the Curve Orchestrated Effort Extremely Profitable Syndicated Resources Massive Attack Surface Vast up-to-date Abilities Covert Money WarFare Influence Pervasive Disruption Espionage Professional Sophisticated Well Organised Extreme Creativity Orchestrated Effort Political Influencers ~Unlimited Resources Tech/Thought Leaders Regime Destabilisation Population Manipulation Military and Civil Domains Where do we start? The Spectrum & Scale of Attackers! Medium Game Medium Gain Short Game Low Gain Long Game Massive Gain Boy In a Bedroom Start Up Small Business Medium Business Large Business Global Business Public Bodies Military Nat Defence Intelligence Services Terrorists
  • 6. Fun Fame Notoriety Vandalism Limited Skills Limited Resources Tend to be Sporadic Rogue States Criminals Hacker Groups Hacktivist Amateurs Money Sharing Organic Dispersed Unbounded Huge Effort Progressive Cooperatives Self Organising Vast Resources Massive Market Aggregated Skills Semi-Professional Substantial Networks Skilled Political Idealists Emotional Relentless Dedicated Cause Driven Vast Networks Varied Missions Targeted Attacks Evolving Community Drugs Fraud Global Extreme Extortion Business Unbounded Professional Well Managed Well Organised Ahead of the Curve Orchestrated Effort Extremely Profitable Syndicated Resources Massive Attack Surface Vast up-to-date Abilities Covert Money WarFare Influence Pervasive Disruption Espionage Professional Sophisticated Well Organised Extreme Creativity Orchestrated Effort Political Influencers ~Unlimited Resources Tech/Thought Leaders Regime Destabilisation Population Manipulation Military and Civil Domains Where do we start? The Spectrum & Scale of Attackers! Medium Game Medium Gain Short Game Low Gain Long Game Massive Gain Boy In a Bedroom Start Up Small Business Medium Business Large Business Global Business Public Bodies Military Nat Defence Intelligence Services Terrorists Zip Planning Opportunistic Vision Plan £0 Vision Mission Partners Plan £X MD CEO Board Investors R&A £XX Military Civil Service Fully Funded MD CEO Board Investors Management MD CEO Board Divisions Management
  • 7. Freedoms What can be done? Rogue States Criminals Hacker Groups Hacktivist Amateurs Terrorists Intelligence Services Military National Defence Police Government Bounded and constrained by Geneva Convention, legal systems, human morality, social norms and public opinion/acceptability… Unbounded & unconstrained Subject to nothing & no one! Defenders
  • 8. Freedoms What can be done? Rogue States Criminals Hacker Groups Hacktivist Amateurs Terrorists Intelligence Services Military National Defence Police Government Bounded and constrained by Geneva Convention, legal systems, human morality, social norms and public opinion/acceptability… Unbounded & unconstrained Subject to nothing & no one! Infinite freedom finite limiters Defenders
  • 9. Assuming Attacker MINDSETS WE ARE THE RED TEAM This turns out to be a really good stance in trying to understand the motivations, methods, structures and ethos of this ‘Dark Side’ of humanity and how they contrast with the governments, institutions, industries, and peoples they attack and exploit! From here on we speak AND think as if we are black hats/attackers reviewing and planning
  • 11. Attacker Clarity of purpose is a must! This is a minimal requirement before we start any form of enterprise - and time needs to be devoted to thinking, examining, evaluating every aspect if we are to achieve success! What is our target sector to be? What role are we aiming for? What are the tools we have? What is our unique offering? Why choose a given sector? How are we going to enter? How do we select targets? How are we to attack?
  • 12. To Succeed Essential to be professional & dedicated Defines the desired future position of the company Details the company’s business objectives, ambition and ethos General process/action(s) necessary to realise goals/long-term mission An ordered fine grain detailing/list of all that has to be done to achieve the objectives including all contingencies “Great success does not happen by accident, it demands great effort, good investment, dedication to achieving the vision, professional management and leadership”
  • 13. Serious We have to be professional “All the failed start up ventures I have engaged with have suffered poor or inadequate staffing and/or management, funding or marketing, and at no time was it the idea or the tech after due diligence had been completed” “We can learn a lot from the study of those that have gone before”
  • 14. Business Model Who to attack - the why, how and what Like business or armies: Professionals do not waste resources or act in some random way: they have a Vision, Mission and a Plan!
  • 15. Business Model Who to attack - the why, how and what Like business or armies: Professionals do not waste resources or act in some random way: they have a Vision, Mission and a Plan! Methodologies Access Points When/Where/ How/Teams & Tools/Duration Choose a Target: and Research, Assess Value/Worth and Potential RoI Quantify and Identify all Vulnerabilities/key opportunities Retribution, Disruption, Discrediting, Behavioural Change, Political Steer/ Gain, Commercial Damage, Reputation Damage, Business Disabling, Money Making, Propaganda +++++ Political, Economic, Market, Societal, Criminal Superiority, Global Order Change, Regime Change+++++
  • 16. MODUS OPERANDI ? Professional = success/profitable Ape small, medium, large, national, multinational scale operations/business structures/practices with management chain, people recruiting and investments! Political, Economic, Market, Societal, Criminal Superiority, Global Order Change, Regime Change+++++ Recruit those who worked in legitimate businesses attended Business School, served in the Military & have been well trained & educated to meet commercial and defence needs Recruit well educated and qualified/experienced tech teams with deep knowledge of defence/attack methods
  • 17. target space Published industry surveys help ! Organisations advertise where they are strong and where they are weak, who is rich and who is poor, and the likely attack complexity/challenges The commercial media provide company/product/sales reviews, and then there is the Stock Market for Valuations and Share Price. Companies House (UK), and The Securities & Exchange Commission USA hold all Company returns (Reports and Accounts) available for public inspection!
  • 18. Pick a target Who to attack - the why and how We need to know and understand the target in order to formulate and execute an effective attack and realise the desired outcome/RoI Objective: Define precisely what is to be achieved - The RoI Target: Research, Assess RoI, Quantify, Identify Weaknesses and Opportunities Plan: Methodology, Point of Access, Tool(s) to be Deployed, When and Duration Deployment: Proceed as planned but be prepared to adapt in real time Ongoing: IFF successful/targets met - step and repeat, IFF not move on
  • 19. CRAzy targets Publish and advertise what they do! Organisations give away so much information and we can infer where they are strong/weak, how rich/poor they are, and the likely attack complexity/effort required Trade Press: Service and Supplier deals and contracts visible Tech Papers: System and network detail - ie Block Chain Configs Job Adverts: Define experience and expertise requirements WebSites: Often detail/divulge some customer, supplier, data operational info Presentations: Business models, modes of operation, mobility, equipment, nets Tech Support: So very knowledgeable and helpful…along with Sales/Marketing
  • 20. Site Maps These are so very handy! Many big organisations are so very helpful in revealing how they are organised and provide short cuts to every corner of their online and campus empires https://www.bp.com/en/global/corporate/site-map.html https://www.ourtesco.com/our-facilities-at-welwyn/interactive-3d-map/ https://www.tesco.com/help/site-map/ https://www.att.com/sitemap/ https://www.next.co.uk/site-map Small sample
  • 21. govuk should be gov.uk DESIGN GUIDES Suppose you want to spoof a site! Many big organisations are so very helpful how they are organised and provide sh every corner of their on-liner and campus https://design.tax.service.gov.uk/hmrc-content-style-guide/ https://designnotes.blog.gov.uk/2014/02/18/two-new-design-guides/ DVLA:Your outstanding vehicle tax refund from an overpayment is pending. Please visit our secure link to process https://dvla.govuk-ol11.com/?c=2 ON MY SCREEN THIS WEEK: Nice Web Site :-) Really! https://design-system.service.gov.uk/sitemap/
  • 22. govuk should be gov.uk DESIGN GUIDES Suppose you want to spoof a site! Many big organisations are so very helpful how they are organised and provide sh every corner of their on-liner and campus https://design.tax.service.gov.uk/hmrc-content-style-guide/ https://designnotes.blog.gov.uk/2014/02/18/two-new-design-guides/ DVLA:Your outstanding vehicle tax refund from an overpayment is pending. Please visit our secure link to process https://dvla.govuk-ol11.com/?c=2 ON MY SCREEN THIS WEEK: Nice Web Site :-) Really! https://design-system.service.gov.uk/sitemap/ WE can DO MUCH better This is a lazy designer
  • 23. Windfalls Just endless stuff ! We can buy acres of this on the DarkWeb!
  • 24. Windfalls Beyond belief An infinity of personal accounts and passwords We can buy acres of this on the DarkWeb!
  • 25. CRAzy Behaviour Just a few samples of on-line tips! Organisations give away so much information and we can infer where they are strong/weak, how rich/poor they are, and the likely attack complexity/effort required https://aws.amazon.com/solutions/case-studies Based on monthly spend: the top 10 Amazon AWS customers: • Turner - $10 M • BBC - $9 M • Baidu - $9 M • ESPN - $8 B • Netflix - $19 M • Twitch - $15 M • LinkedIn - $13 M • Facebook - $11 M https://cloud.google.com/customers https://www.ibm.com/cloud/case-studies/
  • 26. Watch & Listen In public and on line - unguarded chatter Very few organisations give their people any form of security training or advice on travel and meetings and they divulge so much when asked! Social Media Restaurants Coffee Shops Friends/Relatives Gatherings/Events Meetings of all kinds ++++++ So much can be gained from the minor investment of a few drinks, a meal, the hire of a professional snooper, direct purchases on the Dark Web et al
  • 27. Hacker Anatomy A skilled specialist for hire anytime
  • 28. Cyber Crime Market What’s our % target of this giant pot? “With entry costs relatively low and profits exceeding those of traditional crimes, cyber is an attractive choice for most criminals. Thus, we can expect cybercrime cases to reach new heights in 2020.”
  • 29. Cyber Crime Market What’s our % target of this giant pot? “With entry costs relatively low and profits exceeding those of traditional crimes, cyber is an attractive choice for most criminals. Thus, we can expect cybercrime cases to reach new heights in 2020.” Creating a new ‘Dark Business’ demands that we study & fully understand the opportunity space & competition
  • 30. Assessment Market Reality 2020 Attacks escalating Target surface growing Attackers winning the war Attacker rewards up by the year Defenders have ineffective defences Targets not collaborating or sharing Defenders disorganised and underinvesting People remain the biggest attack opportunity All security tools still reactive and mostly outdated An open/collaborative attacker market is far superior CyberCrime economy is now eligible to join G8!
  • 31. Assessment Market Reality 2020 Attacks escalating Target surface growing Attackers winning the war Attacker rewards up by the year Defenders have ineffective defences Targets not collaborating or sharing Defenders disorganised and underinvesting People remain the biggest attack opportunity All security tools still reactive and mostly outdated An open/collaborative attacker market is far superior CyberCrime economy is now eligible to join G8! A Great Opportunity space for any new educated capable and innovative entrant Startup
  • 32. SCENARIOs Description of possible events Creation Mechanisms: • Thinking • CopyCat • Searching • Workshops • Wargaming • Consultants • Brainstorming • BrownPaper Fair • Post It Note Panic • Follow The Herd • Dynamic Reactivity Can we ‘dream up’ and consider all the potential possibilities that we might exploit as attackers?
  • 33. SCENARIOs Description of possible events Creation Mechanisms: • Thinking • CopyCat • Searching • Workshops • Wargaming • Consultants • Brainstorming • BrownPaper Fair • Post It Note Panic • Follow The Herd • Dynamic Reactivity Can we ‘dream up’ and consider all the potential possibilities that we might exploit as attackers? Me Too OR NOT Me Too Visible Invisible oblique
  • 34. Prime Motivations Are we bringing anything new to the game? https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/ Prime Motivation Making $$$$ Prime Motivation Trade Secrets Military Security Prime Motivation Domination and TakeOver
  • 35. Prime Motivations Are we bringing anything new to the game? https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/ Prime Motivation Making $$$$ Prime Motivation Trade Secrets Military Security Prime Motivation Domination and TakeOver If we are a new start short of funds we need some quick and dirty to get some bitcoin fast
  • 36. https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/ Prime methods Are we to be creative or ‘Me Too’
  • 37. https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/ Prime methods Are we to be creative or ‘Me Too’ simple single hit or contrived/convoluted multi/combinatorial hits with proven tech
  • 39. https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/ The Targets Who/What do we want to attack? Soft and rich is the obvious answer here but the potential RoI is the inverse of defensive weakness
  • 40. A large financial POT A well defended core & wide open periphery!
  • 41. A large financial POT A well defended core & wide open periphery! A target rich opportunity: • Wealthy technophobic (organisation?) customers • Processes, protocols and methodologies well known • Millions of people involved with dispersed offices • Multiple points of access PSTN, VOIP, Network+ • Staff trained to help customers BIG and small ++++ • Many possible attack modes: Phishing, Whaling, Malware, Man-in-the-Middle, Insider, Contractor, bribery, corruption, coercion
  • 42. A large financial POT A well defended core & wide open periphery! A target rich opportunity: • Wealthy technophobic (organisation?) customers • Processes, protocols and methodologies well known • Millions of people involved with dispersed offices • Multiple points of access PSTN, VOIP, Network+ • Staff trained to help customers BIG and small ++++ • Many possible attack modes: Phishing, Whaling, Malware, Man-in-the-Middle, Insider, Contractor, bribery, corruption, coercion not exactly virgin territory but not so targeted as we might expect and thus worth considering
  • 43. “Exploit disguise, camouflage, human fallibility, do the unexpected - exploit first mover advantage” Attacker Advantage Unbounded leveraging every degree of freedom “Weaponise the position, knowledge, expectation, and easy to access resources of targets” “Take advantage of surprise in the time, place, method and direction of attack” “If possible design attack modes that can go undetected to be utilised many times and/or remain dormant until triggered”
  • 44. “Exploit disguise, camouflage, human fallibility, do the unexpected - exploit first mover advantage” Attacker Advantage Unbounded leveraging every degree of freedom “Weaponise the position, knowledge, expectation, and easy to access resources of targets” “Take advantage of surprise in the time, place, method and direction of attack” “If possible design attack modes that can go undetected to be utilised many times and/or remain dormant until triggered” The ideal scenario is to attack/succeed and move on undetected and then repeat later
  • 45. More wisdoms A 650 BC book really worth reading “All warfare is based on deception” “The whole secret lies in confusing the target(s), so that he cannot fathom our real intent.” “Engage target(s) with what they expect; it is what they are able to discern and confirms their projections. It settles them into predictable patterns of response, occupying their minds while you wait for the extraordinary moment — that which they cannot anticipate.” Audio Book https://www.youtube.com/watch?v=X7rhovBK_eA
  • 46. Status Quo: Distribution of attacks http://www.wordlistresearch.com/2017 [Chart categories: Browser, Others, Scam, WWW, Malware, Worm, Brute Force, DDoS] An indicative analysis of a vast number of reports giving guidance in our decision making
  • 48. Market potential: Relative 2019 Cyber Earnings https://bit.ly/2Uu0QaD “With entry costs relatively low and profits exceeding those of traditional crimes, cyber is an attractive choice and we can expect cybercrime cases to reach new heights in 2020 and beyond.” Cyber Crime is the single biggest and most successful business on the planet
  • 50. Where do we fit? 2019 Relative Earnings by Silo https://bit.ly/2Uu0QaD Cyber-crime groups operate as regular companies hiring specialised staff and management. Some have public personas to maintain a good reputation. Most of their sales are on the dark web - reputation is key. Cyber Crime has some of the best business practices/managers and EVIL people on the planet
  • 51. Dark web: Ultimate Tool Box. Cheat Sheet: https://tek.io/2UhhRpA A TOR (or similar) browser is required to gain access. WARNING: This is the Devil's Domain - SEE NEXT SLIDE • Fully developed hacker tools • Tech support and tutorials • Latest attack tips & methods • Consultant hackers for hire • Password/Account databases • R&D Programmes to join • Investors and money handling • +++++ On-line SuperStore for the hacker and criminal communities with a vast army of professional contributors and leading edge products
  • 52. STUDENT WARNING: I do not recommend entering this domain, BUT it is the only real way of appreciating the full potential - SO if you do decide to have a look, then: 1) Use an old machine/fake ID in a coffee shop 2) Have your camera, mic, tracking turned off 3) Make sure all location service options are off 4) Employ security (Norton et al) throughout 5) Only have a single app (TOR) installed 6) DO NOT complete any transactions 7) Reveal no personal info whatsoever 8) Factory reset machine when done 9) Security scan machine on boot. RECOMMENDATION: Enter, take a look, get a taste, get out
  • 53. MORE READING: Other dimensions of Dark Nets • How the Dark Web works (ZDNet) • 10 things you didn't know about the Dark Web (ZDNet) • This dark web market is dedicated to compromising your emails (ZDNet) • Dark Web 101: Your guide to the badlands of the internet (CNET) • The United Nations: "We're all facing the same global cyber-threat" (TechRepublic) • Four misleading myths about the Dark Web (TechRepublic) • The light side of the Dark Web (TechRepublic) • IBM Security takes us on a tour of the Dark Web (TechRepublic)
  • 55. 2019 TOP 10 ATTACKS: Human instinct, emotion, rational is at the wheel. The skilled attackers have access to a global market of data and well honed tools via the Dark Web • Malware: A growing catalogue of brutality and sophistication • Phishing: Preying on the naive, gullible, tired, unprepared • Man-in-the-Middle: Pretending to be someone/something else • Denial of Service: Disrupting business, services, access, nets • SQL Injection: Introduces false instructions and requests • Zero/Day One: Invisible and lying in wait for an opportunity • Cross Scripting: Reprogramming appearance/purpose/function • ID Spoofing: Log-On illegal access/entry to accounts and sites • Password: Stolen, Brute Force, Cracked, Directory Trial & Error • Drive By: Malicious script embedded in an insecure website. We have to decide to follow the crowd or adopt a different strategy/approach
  • 58. Why attack? What is the primary motivation? Always nice to have a target in mind! Really useful for business planning! Yummy! >100Bn by 2525 >1000Bn by 2030 What a great and growing attack portal!
  • 60. Attack TYPE? A broad church of options. Most attack modes are easily detected and rendered visible, but there are skilled and undetected attackers who come and go… & the damage shows up (much) later! • Unauthorised access to a digital network, system and/or its data • To access personal/secure people/businesses information • Hacking for criminal/illegal/unsolicited purposes • Unauthorised use of a computer/network • Malware installation/infection • Denial of service • Mischief • ++++ The intentional distortion of communication and the purposeful corrupting of data can be devastating for societies, commerce & democracy, but profitable for Dark Businesses. Mischief can be a powerful way of creating distraction from the main event
  • 61. Random Hacks: Domain of the opportunistic amateur. The small fry nuisance that occasionally strike it lucky and gain access to web sites and other facilities and get headline coverage/featured in the media. “A keyboard is a very poor substitute for thinking, investigating, planning, and a good business model” “But very occasionally this army of hams stumble onto something useful - and we should watch them just in case”
  • 62. Rogue State: Military-business professional approach. May be military and/or security service based or indeed outsourced to peripheral pseudo-companies in or out of country. Their vision, mission and plan is generally wide and diverse with everything from stealing money and intellectual property to military defence/attack, political subversion and regime change… Beyond technology we might expect spies, collaborators, plants, blackmail victims, the duped and more/much worse
  • 64. Top 10 Malware 2019: A highly dynamic profile changing by the Quarter. Every malware type is speciated and we are also seeing a deal of interbreeding using Artificial Life. This is such a safe area to engage in as the source can remain hidden whilst bots do all the work
  • 65. Almost everything imaginable is available at a price on The Dark Net including ‘call-off-contact’ support, workforce and consultants! Assembling a Tool Box What can we access and exploit that involves no work? Let’s make a start by looking at the most popular recently in use but not forget that a lot of the old can be got at zero, or near zero costs & reused, resurrected, repurposed, modified, and used as ‘seeds’ for new configurations and types!
  • 66. Attack Tools 2020 Just one of numerous ‘stores’ on the Dark Web We don’t have to code as we can download all the tools required to become a super Hack - and there are skilled ‘dark consultants’ available for hire if help is needed!
  • 67. Malware/OS: Attacks by Mobile Device [Chart categories: Android, Windows, Other, iPhone] >20M Species of Malware Recorded for Android Alone. Best Ball Park Estimate of different/speciated malware types >60M. This is fundamentally a display of basic design weakness and a good indicator of where to focus attacks! Where should we target if we are to maximise the RoI and minimise the cost of entry?
  • 68. Tools creation: A well funded/distributed global industry. Growth curve for just one mobile sector and one particular OS up to early 2019 extracted from operational data. Extrapolating out to the end of 2020 and this will have grown to ~35k. [Chart axis: Number of new & speciated tools]
  • 69. Attack Tools 2020/1 A ‘very small’ sample of what is available
  • 70. Attack Tools 2020/2 A ‘very small’ sample of what is available
  • 71. So how good is IT all: Exhaustive descriptions/features list
  • 72. Airbash Auto WPA PSK: Captures the full handshake script reveals client
  • 73. Hacker education: Quite an online ‘University’ Available
  • 74. YEAR-ON-Year: Attack tool rankings change. “Follow the flow - Go with what is working and realising a good RoI”
  • 76. Defence Rating: Directly related to target wealth! Rich Countries with good defences offer very big rewards IF/when a success is realised; poor Countries with poor defences see very small rewards even when successes are plentiful
  • 77. Attack strategies: Mind games based on what we know • Access: A growing catalogue of brutality and sophistication • Phishing: Preying on the naive, gullible, tired, unprepared • Man-in-the-Middle: Pretending to be someone/something else • Denial of Service: Disrupting business, services, access, nets • SQL Injection: Introduces false instructions and requests • Zero/Day One: Invisible and lying in wait for an opportunity • Cross Scripting: Reprogramming appearance/purpose/function • ID Spoofing: Log-On illegal access/entry to accounts and sites • Password: Stolen, Brute Force, Cracked, Directory Trial & Error • Drive By: Malicious script embedded in an insecure website
  • 78. The weakest Link: People are by far the single biggest risk. In organisations large and small, it only takes one to make an error, become corrupted, get upset, give in to temptation, turn to the Dark Side! “People are inherently kind and helpful and will rush to your aid should they think you are having some kind of difficulty” “They are also very pleased to follow your instructions if they perceive that you are kind and trying to help them”
  • 79. Exploiting Human traits: Dynamic and Non-Linear - Easy to Access. http://www.wordlistresearch.com/2017/12/negative-words [Word cloud of human traits: happy, ignorant, vengeful, trusting, corruptible, helpful, innocent, careless, gullible, fallible, kind, caring, naive, unthinking, frustrated, reckless, unaware, competitive, depressed, angry, careful, deceptive, crafty, selfish, selfless, cunning, silly, dumb, scheming, open, closed]
  • 80. Weak Passwords: Catalogues available on the Dark Web. People in organisations and at home use these and make their accounts easy to crack
  • 81. Open & Cloned: Catalogues on the Dark Web. Vast amounts of our data are public or have been stolen and/or cloned
  • 82. Enraged employee: Frustrated by failure to advance • Feels unappreciated and undervalued • Always overlooked for promotion • Really dislikes management chain • At odds with the company values • Stays on site & creates damaging failures and/or data changes • Leaves the company and plants software bombs/backdoors • Open to bribery and corruption and the stealing of IP
  • 83. Innocent employee: Feels insecure and has become over helpful • Naive, open, careless, needs to be seen to be useful • Gullible and careless with information • Talks too much when care is needed • Unquestioning and so very supportive • Random information and data • Tends to be careless and make mistakes • Open to being ‘steered’ by a skilled manipulator
  • 84. Malicious employee: Hates successful, happy, people & feels cheated • Perhaps a bad, poor, disrupted, deprived home/childhood/education • Probably something of a social misfit and/or sociopath/psychopath • Likely intolerant, less empathic - with fewer friends than most • Normally angry and upset about almost everything • Random acts of physical and software damage • Open to suggestion and acting as an agent of crime • Open to bribery and corruption and the stealing of almost anything
  • 85. HONEYPOTS: Applies equally to both sexes • Older man - younger woman • Older woman - younger man • Careless talk, briefcase, laptop access • Access to some informal meetings • Overhearing telephone calls • Listening device planting • Geo tracking/bugging • Spyware install. Long term investment and strategy most often used by rogue states for .Gov & industrial spying with operations spanning years
  • 86. The Visitors: Consultants, Contractors, Temps. Long term investment and strategy most often used by rogue states for government & industrial spying operations spanning years • On site(s) and embedded inside the company • Online and general info/document access • Engaged with management/workforce • Hidden cameras and sound recording • Eyes and ears engaged 24 x 7 • HD/Thumb Drive Theft • Bugging device planting • Software installs • +++++ Rogue States, Criminals, Hackers, Opportunists, The Corrupted and Corruptible
  • 87. Spot The Spy: Recruited in as bona fide employees. A long-game investment by rogue states • Enjoy a normal (looking) career and life • Undercover for their country full-time • Likely to progress and be promoted • Fully trusted as team members • Usually well educated/capable • Seldom engage in sabotage • Mainly gathering data/info • +++++
  • 88. Device in hand: Now the dominant mode. Wireless to 3,4,5G, WiFi connection wide open to theft, eavesdropping, link hacking
  • 89. Cyber Risk Realities opportunity space: Virtual attacks mostly favoured
  • 90. Status Quo Cyber Crime Economy. EASY ENTRY 1: Mostly very poor protection. Behind the FireWall in one small step • No Passwords • Easy Passwords • Factory Default
  • 91. EASY ENTRY 2: Mostly very poor protection
  • 92. EASY Money: Low cost human/robot attacks
  • 93. Phishing: Exponential Growth. Always in a race against security teams looking to shut them down. Security teams report phishing URLs regularly, but some use web hosts/domains that ignore reports. Most kits have a short life, and the phishing window is growing smaller. Highly successful/profitable; and very easy to automate for eMail, TXT and speech
  • 94. Phishing: Exponential Growth of Species sees a rapid Shortening of Lifetimes. [Chart: cumulative % of kits deactivated (25% to 100%) against days to deactivation (0 to 200)]
  • 95. Phishing: Exponential Innovation (Akamai)
  • 96. Soft target 1: Old people and technophobes. Potential RoI: Savings + Pension Pot + Bank + Cards + eAccounts. Point of Access: Old laptop with no SW updates; Ineffective Malware Protection; Ineffective firewall and Passwords; Default settings on smart TV et al; WiFi visible and easily accessible; Already part of a BOTNET… Human Weakness: Kind, Helpful, Compliant! Naive, uneducated, unaware; Subject to Phishing, SPAM, SCAM; Default settings on smart TV et al; WiFi visible and easily accessible; Below par passwords/security settings; Passwords recorded in a little book. Prone to being taken in by: MS Support, ISP Fault/Testing/Service Cut Off, A call from the bank…
  • 97. Soft target 2: Hard working & busy families. Potential RoI: Savings + Services + Sales, Bank + Cards + eAccounts. Point of Access: PC, laptop, tablets, games consoles; Ineffective FireWalls and Malware Protection across multiple machines and platforms, weak/no passwords; Default settings on smart TV et al; WiFi @ home and mobile - visible and easily accessible. Human Weakness: Busy tired parents + innocent children; Not well educated/fully aware, disconnected from children's activity; Unable to keep up with software/OS upgrades across all machines, no one has oversight…; Passwords used multiple times. Prone to being taken in by: Spoof URL, Ransomware, Freebies and low cost kit, Day One plus too good to be true offers, Surveys…
  • 98. Soft target 3: The frantic/busy mobile worker. Potential RoI: Customer, Project, Contract, Sales, Production, Delivery Data + Account/Co Access. Point of Access: Laptop, tablet, mobile(s), open BlueTooth/WiFi, weak Malware Protection across multiple machines/platforms, repeated/reused simple passwords, automated log on to known/regular wifi providers. Human Weakness: Busy, in a hurry, stressing environment; Not well trained, briefed, supported; Subject to Phishing, SPAM, SCAM; Default settings on smart TV et al; WiFi visible and easily accessible; Below par passwords/security settings; Passwords used multiple times. Prone to being taken in by: Spoof WiFi, URL, Device Request to Link, blind to shoulder surfing and device theft + USB Plants…
  • 99. Soft target 4: The SME/StartUp Sector. Potential RoI: Billing + eAccounts + Bank + IP + User/Customer Info. Point of Access: Laptop, tablet, mobile(s), open BlueTooth/WiFi, weak Malware Protection across multiple machines/platforms, passwords/access management, many visitors and meetings, automated log on to known/regular wifi providers. Human Weakness: Busy, in a hurry, stressed environment; Equipment self provision, sharing culture, subject to Phishing, SPAM, SCAM, numerous home and office wifi appliances et al; No dedicated security team and no oversight; Passwords used multiple times. Prone to being taken in by: Spoof WiFi, URL, Device Request to Link, blind to shoulder surfing and device theft + USB Plants…
  • 100. The VISITOR(S): Salesman, Contractor ++ Potential RoI: Collects random/targeted info - Plants USB/LAN Dongles - removes drives/discs. Human Weakness Exploitation: Escorted/Freedom of movement - allowed to be alone, given LAN/Net access, observes screens, fax, papers, whiteboards. Conversations overheard; vacuums up all logistic and other info, observes personal device numbers, brand variations, mobiles & cameras for the later planning of an attack. Inadequate visitor checks/validation in the interest of serving a fast moving economy and relationships. Prone to being taken in by: Spoof WiFi, URL, Device Request to Link, blind to shoulder surfing & device theft + USB Plants…
  • 101. Hard target 1: Companies that don’t divulge detail. How is the Network Configured? All protected by strong encryption, 128/256 keys and disparate routing
  • 102. Hard target 3: Large/International Companies. What is actually in this Cloud? All protected by strong encryption, 128/256 keys and disparate cloud connects
  • 104. The soft SIDE OF HARD: Local Loop, Home, Mobile, WiFi, BlueTooth, LAN [Diagram labels: VPN, PN, Dedicated Fibre, VOIP Network, Service Reseller with direct routing] • Inherently Insecure Wired & Wireless • Inherently Secure Fibre PN/VPN • Strong Encryption • Hidden VPN & Routings
  • 105. REALLY hard targets: Government, Institutions, Military, Infrastructure ++ Not really a good idea to attack: The forces of MI5, MI6, GCHQ, Police would rain down! This domain is one for the rogue states & those contemplating some form of war/sanctions
  • 106. TIME TO ATTACK: On the basis of what we have covered so far!
  • 107. STUDENT Attack Scenario. Our selected/rich Targets: Retail, SMEs, Logistics • All Targets are profitable and open to ransom attacks • They can survive a demand of 20 - 25% of turnover • All are dead in the water if they cannot access their data
  • 108. STUXNET (2011) Variant: Highly sophisticated, customisable, cheap
  • 109. Access methods: All available human and net modes possible. Gain physical access as a visitor: • Leave a drive in WC, on corridor floor, an office desk • Hand brochures and drives to the front desk • Leave brochures and drives in reception area if possible • Insert USB and CAT 5/5 dongles into accessible sockets • Leave adulterated AV adapters/dongles in meeting rooms. Disguise STUXmax as a PDF: • Embed on blank thumb drives • Embed on sales thumb drives • Embed in eMails and Web Site. Create a dummy company: • Seed website, eMails, Catalogue, Support Materials • Likewise all brochures, thumb drives and freebies • Close/Expunge all traces of company day before issuing ransom notes
  • 110. Speciation: Artificial Life Breeding Malware
  • 111. Attack Algorithm: Getting STUXmax onto LANs and Machines. STUXmax Activity (takes place out of hours): 1) Search out PCs, Laptops, Tablets, Mobiles, Switches, Servers 2) Search out backup drives and Cloud Accounts 3) Infiltrate and sit quiet for 30 days doing nothing 4) STUXmax not achieving (1-2) in 20 days: self destruct 5) Report back penetration and positioning immediately 6) Sit quiet for a further 10 days doing nothing 7) On a defined date (~day 41) encrypt all files and drives 8) When (7) completed all STUXmax elements to self destruct
  • 112. Collecting the $$$: By the company or by the device/service/facility? 1) Direct Payment into BITCOIN only 2) Destroy all evidence and erase any audit trails 3) Lay false trails and plant erroneous evidence 4) When payment completed release encryption key(s) 5) When projected RoI achieved slowly ‘evaporate’ (3) 6) When completed, complete a 360 review of success 7) Refine attack from the lessons learned 8) Launch a second but bigger wave funded by Attack One 9) Repeat (6-8) until the targets respond with effective defences 10) Do (9) at the point where RoI falls short of target earnings 11) It is time to configure a new form of money making attack!
  • 113. Collecting the $$$: By the company or by the device/service/facility? 1) Direct Payment into BITCOIN only 2) Destroy all evidence and erase any audit trails 3) Lay false trails and plant erroneous evidence 4) When payment completed release encryption key(s) 5) When projected RoI achieved slowly ‘evaporate’ (3) CLASS DISCUSSION: Pros and Cons of (1-5)
  • 114. Prepare for CLASS DISCUSSION after the Defence Scenarios Module next week
  • 117. FUTURES: Projected near & far • Multiplexed Attacks • M&A Resource Hi-Jacks • AI + AL Attack Scenario Creation • AI Behavioural Analysis of People, Machines, Networks
  • 118. Things that Think want to Link and Things that Link want to Think. FIN - Q&A? www.petercochrane.com
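
A defender's reading of the slide 111 timeline, as an added example that is not part of the original deck: with about 41 days between infiltration and encryption, and backup drives and cloud accounts sought out in step 2, it sorts a backup inventory into usable and unusable restore points. The snapshot names, dates and the `offline` flag are constructed assumptions; only the 30 + 10 day dormancy and the ~day 41 trigger come from the slide.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# From slide 111: 30 quiet days (step 3), 10 more (step 6),
# encryption on a defined date around day 41 (step 7).
DWELL_DAYS = 41


@dataclass(frozen=True)
class Snapshot:
    name: str
    taken: date
    offline: bool  # assumption: True = not reachable from the LAN or cloud accounts


def infiltration_date(encryption_seen: date, dwell_days: int = DWELL_DAYS) -> date:
    """Earliest day the implant could have arrived, counting back from ~day 41."""
    return encryption_seen - timedelta(days=dwell_days)


def classify(snap: Snapshot, encryption_seen: date, dwell_days: int = DWELL_DAYS) -> str:
    if snap.taken >= encryption_seen:
        return "post-encryption"   # captured data that was already encrypted
    if not snap.offline:
        return "reachable"         # step 2 finds it; assume lost with the live data
    if snap.taken < infiltration_date(encryption_seen, dwell_days):
        return "clean"             # predates the implant: safe for full system restore
    return "implant-suspect"       # data intact, image may carry the dormant implant


def restore_plan(snapshots, encryption_seen: date, dwell_days: int = DWELL_DAYS) -> dict:
    """Newest clean image for systems, newest offline pre-encryption copy for data."""
    by_state = {}
    for snap in sorted(snapshots, key=lambda s: s.taken):
        state = classify(snap, encryption_seen, dwell_days)
        by_state.setdefault(state, []).append(snap)
    clean = by_state.get("clean", [])
    data_ok = sorted(clean + by_state.get("implant-suspect", []), key=lambda s: s.taken)
    system_from = clean[-1] if clean else None
    data_from = data_ok[-1] if data_ok else None
    unusable = by_state.get("reachable", []) + by_state.get("post-encryption", [])
    return {
        "system_from": system_from.name if system_from else None,
        "data_from": data_from.name if data_from else None,
        "data_loss_days": (encryption_seen - data_from.taken).days if data_from else None,
        "unusable": [s.name for s in unusable],
    }


def retention_keeps_clean_copy(retention_days: int, dwell_days: int = DWELL_DAYS) -> bool:
    """A rolling offline retention window must be longer than the dwell time."""
    return retention_days > dwell_days


# Constructed sample inventory (not from the deck).
SAMPLE_ENCRYPTION_SEEN = date(2024, 3, 11)
SAMPLE = [
    Snapshot("tape-monthly-01", date(2024, 1, 7), True),
    Snapshot("nas-weekly-03", date(2024, 1, 21), False),
    Snapshot("tape-weekly-05", date(2024, 2, 4), True),
    Snapshot("tape-weekly-09", date(2024, 3, 3), True),
    Snapshot("cloud-daily-70", date(2024, 3, 10), False),
    Snapshot("nas-daily-72", date(2024, 3, 12), False),
]

if __name__ == "__main__":
    print(restore_plan(SAMPLE, SAMPLE_ENCRYPTION_SEEN))
    print("30-day retention keeps a clean copy:", retention_keeps_clean_copy(30))
```

A 30-day rolling retention, common for daily backups, leaves no snapshot older than the implant in this scenario; only the monthly offline copy gives a clean system image.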