The Future of Hacking
A Review of the Economics, Motivations, Tools, and Techniques of Cyber Adversaries
Richard S. Smith, 5/7/2016
Agenda
• Battlefield Assessment
• Hacking Economics
• Components of a Hack
• Hacker Traits
• Social Motivators
• Delivery and Transport
• Likely Targets
• Attack Tools
• Hacking R&D
Battlefield Assessment
• Statista reports that over 781 breaches occurred in 2015 and 169 million sensitive records were exposed; a 97% increase from last year
• According to Ponemon’s 2015 Cost of Data Breach Report, data breaches cost Financial companies $259 per user; second highest average cost per breach by industry
• PwC’s Global State of Information Security Survey 2015 reports that global information security budgets decreased four percent when compared with 2013; security spending has been stalled at four percent or less for the past five years
Hacking Economics
Corporate costs of prevention are increasing while hacker costs are decreasing.
• Total cost to hackers for a successful attack decreased due to:
o Less time to execute successful attacks
o Improvement in hacker tools ($1,300 for sophisticated tools)
o Decrease in the cost of computing power
• Conversely, the annualized cost of breaches last year was $7.7M, with a broad range of $0.3M to $65M
• Financial Services and Energy breach costs are 67% greater (on average) than other industries
Components of a Hack
• People
• Motivators
• Transport
• Targets
• Tools or Methods
= PMT3
Hacker Traits
• Technical
• Creative
• Curious
• Resourceful
• Industrious
• Impatient
• Obsessive
• Self-absorbed
• Intellectual arrogance
Destructiveness
Social Motivators
Chart labels (in page order): Casual Hacking; Fun and Thrill; Curiosity and Anonymity; Notoriety; Hacktivism or Moral Compass; Sabotage or Retaliatory; Property Destruction; Cyber Terrorism; Financial Gain; Ransom; Corporate Espionage; Intelligence Gathering
Chart values (in page order): 51%, 29%, 19%, 1%
Delivery and Transport
Delivery Vehicle
• Spear-phishing email
• Phone call (social engineering
and voicemail hacks)
• Reconnaissance or Scanning
for unpatched devices in
target network
Transport Method
• Cell phone
• Internet Cafes
• Home Network (utilize multiple
hops for anonymity)
Likely Individual Targets
Chart labels (in page order): IT Administrator, Contractor, Executive Assistant, Executive, Non-executive Employee
Chart values (in page order): 30%, 40%, 8%, 6%, 16%
Attack Tools (Methods)
Attack Methods | Probability | Severity | Expected Loss
Malicious Code | Moderate | High | High
Denial of Service | Moderate | Moderate | Moderate
Phishing and Social Engineering | Moderate | Moderate | Moderate
Web-based attacks | Moderate | Moderate | Moderate
Malware | High | Low | Low
Virus, worms, trojans | High | Low | Low
Stolen devices | Moderate | Low | Low
Botnets | Moderate | Low | Low
Malicious insiders | Low | Low | Low
Hacking R&D
1. Bitcoin: Criminals will exponentially increase the use of
Bitcoin to collect funds from criminal actions or as
payment for new hacker tools
2. Social Media and Cloud Services: New attack vectors
and platforms will emerge
3. Multi-vector DDoS Attacks: Use of Stressers/Booters will
surpass traditional botnet attacks
4. Internet of Things: Increasing attacks on IoT devices
(ATMs, planes, cars, smart home devices) will consume
the news
5. Mobile attacks: Hackers will increasingly focus on
malware affecting mobile devices and payment
methods
6. Ransomware: Encryption will increasingly be used as a
weapon against its victims
Malicious Code
• Sophisticated malware born
from legacy malware
specifically aimed at stealing
banking credentials
• Ransomware encrypts victim’s
files and demands payment for
decryption keys—all while using
Bitcoin to transact payment
• ATM-focused cyber attacks
that do not require skimmers,
but utilize malicious code that
can be loaded directly to the
terminal
Distributed Denial of Service
• Stresser/booter-based botnets are the
source of a vast majority of DDoS attacks
• DDoS tools rely heavily upon reflection
techniques to generate massive
amounts of traffic
• 56% of all DDoS attacks repeat targets
• China is the top country sourcing DDoS
attacks and the gamer industry is the
most frequent target
Phishing and Social Engineering
• In 2015, 90% of all phishing attacks were targeted at
Financial Services
• Spear-phishing remains the attack method of choice for
APT actors
• Gmail is used heavily as a drop point once usernames
and passwords are stolen from a target
• Social media is used to market and distribute phishing
kits and related goods and services
Web-based Attacks
• Tor, Darknet, and Bitcoin are used in concert to
market and distribute exploits, like zero-days
• Increase in zero-day web-based tools available on
the Darknet black market
• Hacker Toolkits provide configuration options to use
different exploits
• Ransomware campaigns use zero-day attacks for
high-probability attacks that hit a large number of
users simultaneously
Tech for Slowing Down Advanced Attackers
• Security intelligence or SIEM systems provide a
significant ROI
• Deploying encryption technologies (storage,
middle-tier, and database)
• Advanced perimeter controls such as UTM, NGFW,
IPS with reputation feeds
• Hiring expert security staff, including a CISO
• Training your workforce to recognize attacks,
especially spear-phishing
• Apply controls to systems based on the risk and
sensitivity of the data
Questions?
“I'm a really good hacker, but
I'm not a sensible person.”
–Richard D. James (Aphex Twin) British
electronic musician and composer
