Pine Cove Consulting is an IT consulting company located in Bozeman, MT that focuses on cybersecurity. They have 25 years of industry experience and currently support over 20,000 users daily. The document discusses how the cyber threat is growing in severity and sophistication, targeting more organizations, including through ransomware attacks. It provides examples of common social engineering techniques used in cyberattacks and outlines six steps individuals and organizations can take to help avoid data breaches, such as using strong passwords, verifying senders of emails, and not acting rashly due to fear.

1. IT’S NOT IF, IT’S WHEN
www.pinecc.com

2. Who am I?
www.pinecc.com

3. Who is Pine Cove Consulting?
• IT Consulting Company – Bozeman, MT
• 25 Years in the Industry
• Cyber-Security Focus
• Support 20k+ Users Daily
• Deployed and/or Manage Over 150+ Firewalls
• Received Multiple National Cyber-Security Awards
www.pinecc.com

4. Why are we here?
Your organization has either; BEEN attacked, is currently BEING attacked or WILL
BE attacked by cyber criminals. Our mission is to provide you with the knowledge,
with the knowledge, the vision, and the solutions to secure your critical assets.
www.pinecc.com
395,000+Montanans have been affected by
reported data breaches in 2018
according to Montana Department of
Justice
156
Organizations have reported cyber
breaches in Montana so far in 2018
74 Days
Average length of time a Montana
organization is under attack by cyber
criminals
Information gathered from Jan 1, 2018 – June 28, 2018

5. The THREAT is Growing
• More attacks
• More sophistication
• More ways to attack
The THREAT is Unique and Unseen
• Zero-Day
• Next Generation
• Millions of Variants
The THREAT is Directed Towards YOU!
• Social Engineered
• Industry Focused
• Focused on Easy Targets
www.pinecc.com

6. THE THREAT IS GROWING
www.pinecc.com
Circa - 2001
60,000
2017
750,000,000
Total malware
Circa – 1992
1,500

7. THE THREAT IS UNIQUE AND UNSEEN
75%
75% of the malicious files
SophosLabs detects are found
only within a single
organization.
500,000
SophosLabs receives and processes
500,000 previously unseen malware
samples each day.
www.pinecc.com

8. At least 40% of data
breaches affect
organizations with
fewer than 1,000
employees
Unknown
More than
100,000
10,001-100,000
1-100
101-1,000
22%
31%
7%
20%
11%
9%
Data Breaches by Company Size (# employees)
Source: Verizon data breach investigations report, 2013
THE THREAT IS DIRECTED TOWARDS
YOU!
www.pinecc.com

9. Why?
$$$
Zero-day Vulnerabilities
Adobe Reader
5-30
Price of zero-day attacks in various applications or OS’s
($ ‘000)
Mac OSX
20-50
Android
30-60
Flash / Java
40-100
MSFT Word
50-100
Windows
60-120
Firefox / Safari
60-150
Chrome / IE
80-200
IOS
100-250
www.pinecc.com

10. SELL IT
HOLD IT RANSOM
EXTORT IT
www.pinecc.com
3 Major Ways Hackers Monetize Your Data

11. www.pinecc.com
Example of Stealing Data
Jane,
This is Kevin, I’m currently working with our auditors and they need W2’s and salary
information for all current employees. Please send ASAP.
Kevin Smith
Superintendent, XYZ School District
Kevin Smith

12. www.pinecc.com
Example of Stealing Data
Jane,
This is Kevin, I’m currently working with our auditors and they need W2’s and salary
information for all current employees. Please send ASAP.
Kevin Smith
Superintendent, XYZ School District
Kevin Smith
Jane,
Hey, it’s Kevin again, I haven’t received the employee information. Please send ASAP, as
I’m meeting with the auditors right now.
Kevin Smith
Superintendent, XYZ School District

13. www.pinecc.com
Example of Stealing Data
ksmith123@comcast.com
Jane,
Hey, it’s Kevin again, I haven’t received the employee information. Please send ASAP, as
I’m meeting with the auditors right now.
Kevin Smith
Superintendent, XYZ School District

14. Ransomware is software that denies you
access to your files or computer until you
pay a ransom
Ransomware
www.pinecc.com

15. www.pinecc.com
Ransomware Damage by Year:
• 2015: $325 Million
• 2016: $1 Billion
• 2017: $5 Billion
• 2018: ~$9 Billion

16. Ransomware: Process (ex. CryptoLocker)
Installation
After infection, ransomware installs itself, sets keys in the registry.
Registry to start automatically every time computer boots up.
Contact
Headquarters
Before it can attack, it contacts a server operated by the criminal
organization that owns it.
Handshake &
Keys
Ransomware client and server identify each other and create two
cryptographic keys (handshake). Once key is kept on your computer,
the second key is stored securely on the criminal's server.
Encryption
Once keys are established, ransomware begins encrypting every file it
finds with common file extensions (.doc, .xls, .ppt, .jpg)
Extortion
Ransomware displays a screen giving you a time limit to pay before
the criminals destroy the key to decrypt your files. Typical price,
$300-$500 must be paid in untraceable bitcoins.
www.pinecc.com

17. Ransomware Example:
Step 1: Advertisement of Exploit
www.pinecc.com

18. Ransomware Example:
Step 2: Call to Action
www.pinecc.com

19. Ransomware Example:
Step 3: Demand Ransom
www.pinecc.com

20. DON’T CLICK LOGIN LINKS
USE 2FA (2-FACTOR AUTHENTICATION)
DON’T ACT ON FEAR
STRONG PASSWORDS
VERIFY SENDER
VERIFY URL
www.pinecc.com
6 Steps to Avoid Data
Blunders

21. www.pinecc.com
#1: DON’T CLICK LOGIN
LINKS

22. www.pinecc.com
#1: DON’T CLICK LOGIN
LINKS

23. www.pinecc.com
#1: DON’T CLICK LOGIN
LINKS

24. www.pinecc.com
#1: DON’T CLICK LOGIN
LINKS

25. www.pinecc.com
#1: DON’T CLICK LOGIN
LINKS

26. www.pinecc.com
#1: DON’T CLICK LOGIN
LINKS

27. www.pinecc.com
#1: DON’T CLICK LOGIN
LINKS

28. www.pinecc.com
#2: 2-FACTOR AUTHENTICATION
(2FA)

29. www.pinecc.com
#2: 2-FACTOR
AUTHENTICATION (2FA)

30. www.pinecc.com
#2: 2-FACTOR
AUTHENTICATION (2FA)

31. www.pinecc.com
#3: DON’T ACT ON FEAR

32. www.pinecc.com
#3: DON’T ACT ON FEAR

33. www.pinecc.com
#3: DON’T ACT ON FEAR

34. www.pinecc.com
#4: USE STRONG
PASSWORDS

35. www.pinecc.com
#4: USE STRONG
PASSWORDS
Computers can make
up to 350 billion
password calculations
per second
For each character
over 8, your password
takes around 100
times longer to crack

36. www.pinecc.com
#4: USE STRONG
PASSWORDS
Add Length:
We recommend using at least 12 characters
Add variation:
Numbers (significant dates, lucky
numbers)
Special characters (@#$! or
spaces)
Capital letters
Use easy-to-remember phrases:
Favorite quotes Song lyrics Nursery rhymes

37. www.pinecc.com
#4: USE STRONG
PASSWORDS

38. www.pinecc.com
#5: VERIFY SENDER

39. www.pinecc.com
#5: VERIFY SENDER

40. www.pinecc.com
#5: VERIFY SENDER

41. www.pinecc.com
#5: VERIFY SENDER

42. www.pinecc.com
#5: VERIFY SENDER

43. www.pinecc.com
#6: VERIFY URL

44. www.pinecc.com
#6: VERIFY URL

45. www.pinecc.com
#6: VERIFY URL

46. www.pinecc.com
#6: VERIFY URL

47. www.pinecc.com
#6: VERIFY URL

48. 7 Deadly Cyber-security Sins
1. Mobile Negligence
2. Mac Malice
3. Un-Secure WiFi
4. Un-Encrypted Email
5. Faulty Firewall
6. Un-Encrypted Files
7. Delinquent Web Filtering
www.pinecc.com

49. Problem:
• Increase in Mobile Usage
• Increase in Mobile Exploits
• Hackers are targeting mobile
devices
Solution:
• Enforce Secure Passwords
• Block Unwanted Apps
• Enable Corporate Email
• Implement Remote Wipe
www.pinecc.com

50. Problem:
• Myth of Protection
• Macs can Host Windows Malware
• Anti-Virus is Not Enough
Solution:
• "Cross-Platform" Endpoint Protection
• Enforce User-Based Policies
• Implement Anti-Ransomware Solution
www.pinecc.com

51. Problem:
• Easiest Access to Your Network
• Known and Unknown Devices
Connecting
Solution:
• Enforce Standard Network Security
Policies
• Block Undesirable Websites and Devices
• Implement Isolated Public and Private
Networks
www.pinecc.com

52. Problem:
• Email is fastest growing target
• Gateway for Ransomware
• Spam/Phishing
Solution:
• Implement Email Protection
• Combine DLP and Policy Based
Encryption
www.pinecc.com

53. Problem:
• First Line of Defense
• Often Stateful Firewall
Solution:
• Unified Threat Management
• Reporting and Management
www.pinecc.com

54. Problem:
• Last Line of Defense
Solution:
• Disaster Recovery Plan
• Image Based Backup
www.pinecc.com

55. Problem:
• Threat has evolved
• Legit sites are now being compromised
• 80% of malicious URLs are detected on
legitimate sites
Solution:
• Implement intelligent filtering
• Off-campus web security
www.pinecc.com

56. www.pinecc.com
Questions?