Attacks can come in many forms like viruses, worms, trojans, spam, adware, malware and phishing. Hackers intentionally access computer resources without authorization. Denial-of-service attacks overload servers to deny users access. While early hackers were curious, today's criminals dominate attacks. On the horizon, cyberterrorism and cyberwarfare from governments could cause widespread damage. Security is primarily a management issue involving risk analysis and comprehensive protection across assets, access control, firewalls, intrusion detection/prevention systems, and host hardening through vulnerability testing.
Cyber security is important to protect electronic data and online services from criminal or unauthorized use. There are various security problems in the cyber field like cyber attacks, viruses, hackers, malware, and trojan horses. Some major cyber attacks in India include the Cosmos Bank attack, Aadhaar software hack, ATM system hack, and personal data breaches at companies like JustDial. To prevent cyber attacks, organizations should educate employees, keep software updated, perform security testing, and limit employee access to sensitive data. Careers in cyber security include roles like cyber security engineers, penetration testers, and security analysts.
The document discusses the Mirai botnet attacks of 2016 and subsequent variants. It provides details on:
1) The 2016 Mirai attack that took down major websites by exploiting vulnerabilities in IoT devices like IP cameras and routers.
2) How Mirai and other botnets work by compromising internet-connected devices into a botnet that can be used to launch DDoS attacks.
3) Updates on the evolution of Mirai variants that target new devices and architectures, incorporating more sophisticated techniques.
This document discusses cyber security and cyber crimes. It begins by explaining why we should be aware of cyber crimes given how connected the world is today through technology. It then provides a brief history of cyber crimes, defining cyber security as technologies and processes to protect computers and networks from unauthorized access. The document outlines some major cyber security problems like viruses, malware, trojan horses, password cracking, and hackers. It explains these threats and provides tips on cyber security best practices to prevent attacks and data theft. In conclusion, it emphasizes that cyber security is everyone's responsibility and outlines India's national cyber security strategy.
This document discusses cyber security. It defines cyber security as technologies and processes designed to protect computers, networks, and data from unauthorized access and attacks over the internet. The three core principles of cyber security are confidentiality, integrity, and availability. Several types of cyber attacks are described such as malware, phishing, and denial of service attacks. Major historical cyber attacks are outlined including the Morris Worm in 1988 and the Anthem hack in 2015 that breached 80 million records. Common attack patterns and measures to prevent cyber attacks like using complex passwords and encryption are also summarized.
Now a days ,our cyer is not secure.So, we need to know how we make our cyber secure from crime.In this file ,we are knowing that how we are secure from cyber crime and rebulotion of cyber security.
Cybercrime and its effects on personal life who uses internet vimal kumar arora
This document defines cyber crime and discusses its history, evolution, categories, types and prevention. Cyber crime involves using computers and the internet to steal data or commit other illegal acts. The summary defines it as crimes committed using computers as objects or subjects, then discusses how threats have evolved over time. Categories include computers as targets and weapons, while common types are hacking, viruses, phishing, vandalism, terrorism, piracy and fraud. Prevention methods like antivirus software, firewalls and secure online practices are recommended.
Threat hunting and achieving security maturityDNIF
The document discusses threat hunting techniques and achieving maturity in threat hunting programs. It introduces threat hunting and defines it as proactively searching networks to detect advanced threats. It then covers threat hunting maturity models ranging from initial to leading levels. Common threat hunting techniques like searching, clustering, grouping and stack counting are explained. The threat hunting loop process of creating hypotheses, investigating, uncovering patterns and informing analytics is also outlined. Finally, two practical threat hunting case studies on potential command and control activity and suspicious emails are described.
Attacks can come in many forms like viruses, worms, trojans, spam, adware, malware and phishing. Hackers intentionally access computer resources without authorization. Denial-of-service attacks overload servers to deny users access. While early hackers were curious, today's criminals dominate attacks. On the horizon, cyberterrorism and cyberwarfare from governments could cause widespread damage. Security is primarily a management issue involving risk analysis and comprehensive protection across assets, access control, firewalls, intrusion detection/prevention systems, and host hardening through vulnerability testing.
Cyber security is important to protect electronic data and online services from criminal or unauthorized use. There are various security problems in the cyber field like cyber attacks, viruses, hackers, malware, and trojan horses. Some major cyber attacks in India include the Cosmos Bank attack, Aadhaar software hack, ATM system hack, and personal data breaches at companies like JustDial. To prevent cyber attacks, organizations should educate employees, keep software updated, perform security testing, and limit employee access to sensitive data. Careers in cyber security include roles like cyber security engineers, penetration testers, and security analysts.
The document discusses the Mirai botnet attacks of 2016 and subsequent variants. It provides details on:
1) The 2016 Mirai attack that took down major websites by exploiting vulnerabilities in IoT devices like IP cameras and routers.
2) How Mirai and other botnets work by compromising internet-connected devices into a botnet that can be used to launch DDoS attacks.
3) Updates on the evolution of Mirai variants that target new devices and architectures, incorporating more sophisticated techniques.
This document discusses cyber security and cyber crimes. It begins by explaining why we should be aware of cyber crimes given how connected the world is today through technology. It then provides a brief history of cyber crimes, defining cyber security as technologies and processes to protect computers and networks from unauthorized access. The document outlines some major cyber security problems like viruses, malware, trojan horses, password cracking, and hackers. It explains these threats and provides tips on cyber security best practices to prevent attacks and data theft. In conclusion, it emphasizes that cyber security is everyone's responsibility and outlines India's national cyber security strategy.
This document discusses cyber security. It defines cyber security as technologies and processes designed to protect computers, networks, and data from unauthorized access and attacks over the internet. The three core principles of cyber security are confidentiality, integrity, and availability. Several types of cyber attacks are described such as malware, phishing, and denial of service attacks. Major historical cyber attacks are outlined including the Morris Worm in 1988 and the Anthem hack in 2015 that breached 80 million records. Common attack patterns and measures to prevent cyber attacks like using complex passwords and encryption are also summarized.
Now a days ,our cyer is not secure.So, we need to know how we make our cyber secure from crime.In this file ,we are knowing that how we are secure from cyber crime and rebulotion of cyber security.
Cybercrime and its effects on personal life who uses internet vimal kumar arora
This document defines cyber crime and discusses its history, evolution, categories, types and prevention. Cyber crime involves using computers and the internet to steal data or commit other illegal acts. The summary defines it as crimes committed using computers as objects or subjects, then discusses how threats have evolved over time. Categories include computers as targets and weapons, while common types are hacking, viruses, phishing, vandalism, terrorism, piracy and fraud. Prevention methods like antivirus software, firewalls and secure online practices are recommended.
Threat hunting and achieving security maturityDNIF
The document discusses threat hunting techniques and achieving maturity in threat hunting programs. It introduces threat hunting and defines it as proactively searching networks to detect advanced threats. It then covers threat hunting maturity models ranging from initial to leading levels. Common threat hunting techniques like searching, clustering, grouping and stack counting are explained. The threat hunting loop process of creating hypotheses, investigating, uncovering patterns and informing analytics is also outlined. Finally, two practical threat hunting case studies on potential command and control activity and suspicious emails are described.
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlareCloudflare
The document discusses CloudFlare's ability to help customers survive distributed denial-of-service (DDoS) attacks. It provides details on major DDoS attacks against CloudFlare customers in 2013 and 2014 reaching up to 400 Gbps. It then describes how CloudFlare is able to mitigate these large-scale attacks through its global network of data centers and security mechanisms implemented at the network level.
This document discusses web application security tools. It provides information on OWASP top 10 vulnerabilities, including injection and cross-site scripting. Statistics are presented on the costs of web application attacks and how common they are. Popular open source security tools are described briefly, including ZAP for penetration testing, Acunetix for automated scanning, and Vega for validation of vulnerabilities like SQL injection and cross-site scripting.
The document discusses updates to the ATT&CK for ICS framework. It summarizes two recent incidents, the Colonial Pipeline ransomware attack and the Oldsmar water treatment plant hack, and highlights techniques used in each. It previews upcoming additions to ATT&CK for ICS in April 2022 and beyond, including new mapped mitigation objects, integration with other frameworks, mapping of ICS attacks to the enterprise ATT&CK, and the addition of detections for techniques. Future plans outlined include revisions to asset definitions based on ICS verticals and a blog series on technique sequences.
The document discusses ethical hacking. It defines ethical hackers as those who test systems and networks for vulnerabilities with authorization from the client. Ethical hackers follow guidelines such as maintaining confidentiality and not damaging systems. The document outlines the phases of hacking including reconnaissance, scanning, gaining access, and covering tracks. It emphasizes that ethical hacking is important for improving security when done properly.
This document summarizes a webinar on mitigating insider threats. The webinar discussed research findings that malicious insiders often exhibit concerning behaviors and personal issues prior to attacks. It emphasized establishing capable guardianship, protecting critical assets, and reducing motivations for malicious acts. The webinar also covered different types of insider crimes, profiles of attackers, mitigation strategies like access controls and monitoring, and building a formal insider threat program with cross-functional participation.
Malware refers to malicious software like viruses, worms, and trojans. Viruses propagate by infecting other programs and spread when an infected program is run. Worms propagate without human interaction by exploiting vulnerabilities. Trojans appear desirable but are malicious, and must be run by the user. Malware spreads through websites, email attachments, links, and removable media. Anti-malware software uses signatures and behavior analysis to detect and remove malware through scanning, detection, and removal.
The document discusses different types of hackers - white hat hackers who perform ethical hacking to test security, black hat hackers who hack with criminal intent to steal data or disrupt systems, and grey hat hackers whose activities fall between legal and illegal. It also covers common hacking techniques like password cracking and software hacking. The document provides tips for protecting systems, including using antivirus software, firewalls, and strong unique passwords, as well as hiring an ethical hacker to test security.
This document provides an introduction to ethical hacking. It defines information security and the CIA triad of confidentiality, integrity and availability. It discusses the difference between ethics and hacking, and defines ethical hacking as locating vulnerabilities with permission to prevent attacks. The document outlines the types of attackers and the typical steps attackers take including reconnaissance, scanning, gaining access, maintaining access, and covering tracks. It discusses the benefits of ethical hacking for organizations and some disadvantages. Finally, it provides examples of using Google to find security issues on websites.
Penetration testing reporting and methodologyRashad Aliyev
This paper covering information about Penetration testing methodology, standards reporting formats and comparing reports. Explained problem of Cyber Security experts when they making penetration tests. How they doing current presentations.
We will focus our work in penetration testing methodology reporting form and detailed information how to compare result and related work information.
The document provides information on information security awareness and basic training. It covers topics such as why information security is important, data classification, the 90/10 rule of security, phishing, email attachments, spam, passwords, malware, internet safety, public Wi-Fi, IoT devices, HTTPS, web content filtering, and search engine safety. The document provides tips and explanations for each topic to help improve user security practices.
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
This document provides an overview of threat intelligence and how organizations can build threat intelligence programs. It discusses what threat intelligence is, why organizations should care about it, and how threat intelligence can be used for attack prevention, detection, forensics, and hunting. It also covers threat intelligence technologies, platforms, feeds, sharing approaches, and common challenges organizations may face when developing threat intelligence capabilities. The goal is to help organizations understand threat intelligence and evaluate their own maturity to incorporate these strategies.
This document defines hacking and discusses its history and types. It began in the 1960s at MIT and was done by early computer programmers out of curiosity. There are three main types of hackers - black hat hackers violate security for gain/malice, white hats exploit weaknesses ethically, and grey hats fall in between. Reasons for hacking include fun, status, stealing information, or destroying enemy networks. The document outlines various hacking techniques like website, network, password and computer hacking. It provides tips for securing data and accounts as well as discussing advantages like recovering lost information and disadvantages like harming privacy and illegality.
WFH Cybersecurity Basics Employees and Employers Dinesh O Bareja
Work from home (WFH) is the new normal. The covid19 pandemic, has thrown everyone, across the world into a struggle (and challenge) for survival. While we stand up to the challenge, we have to set our rules for WFH, with cybersecurity safeguards.
Hacking involves gaining unauthorized access to computer systems, which is illegal. There are different types of hackers, including white hats who help find security vulnerabilities, black hats who hack with malicious intent, and grey hats in between. Reasons for hacking include financial gain, showing off skills, or just for fun. Experts recommend using antivirus software, avoiding suspicious links and downloads, and keeping software updated to help prevent hacking.
This document provides a 12-point summary of tips for protecting educational records and maintaining cyber security compliance at Wilmington University. The tips include locking computers when stepped away from, destroying sensitive documents, using strong and unique passwords, not storing confidential documents in public clouds, and being wary of phishing attempts. Completing a quiz is required to receive credit for reviewing the cyber security training.
PowerPoint Presentation On Ethical Hacking in Brief (Simple)Shivam Sahu
PowerPoint Presentation On Ethical Hacking in Brief (Simple) Easy To Understand for all MCA BCA Btech Mtech and all Student who want a best powerpoint or seminar presentation on Ethical Hacking
Cybercrime has existed since 1820, beginning with the earliest forms of computers like the abacus. Common cybercrimes include hacking, child pornography, DOS attacks, virus dissemination, computer vandalism, cyberterrorism, software piracy, phishing, and credit card fraud. Cyber security aims to prevent, detect, and respond to online attacks by protecting sensitive personal and business information, defending against critical attacks, and allowing safe internet browsing and data processing through regular software updates. Improved hacker abilities, interconnected computers, advanced malware, and increased cyber warfare threaten online security going forward.
Cyber Security introduction. Cyber security definition. Vulnerabilities. Social engineering and human error. Financial cost of security breaches. Computer protection. The cyber security job market
The latest massive IoT DDoS attack from the Mirai botnet that took major websites like Twitter and Reddit offline for hours – has already gained notoriety as one of the worst DDoS strikes in history.
In this webinar Manish Rai & Ty Powers of Great Bay Software will help you understand exactly how the enterprise IoT landscape is changing, and what it means for the assumptions organizations have been making in regards to safeguarding against IoT cyberattacks. You will:
Gain insights into how the recent IoT-based DDoS attacks were launched
How similar attacks could be launched inside enterprise networks
How to safeguard against IoT device compromises
How to reduce your risk, whose job is it anyway?
Learn about what your peers are doing for IoT device security, relevant findings from the 2016 Great Bay Software IoT Security Survey
Watch this ondemand webinar with this link: https://go.greatbaysoftware.com/owb-safeguarding-against-iot-ddos-attacks
- With only 10 million Facebook connections mapped, researchers were able to build a map of the world, noting China and former Soviet countries were relatively "dark" due to social media restrictions.
- In Q3 2016, 23% of cyberattacks originated in North America and 50% in Asia, according to several security reports.
- Attackers have used the Mirai botnet to launch large DDoS attacks by hijacking internet-connected devices like security cameras and routers.
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlareCloudflare
The document discusses CloudFlare's ability to help customers survive distributed denial-of-service (DDoS) attacks. It provides details on major DDoS attacks against CloudFlare customers in 2013 and 2014 reaching up to 400 Gbps. It then describes how CloudFlare is able to mitigate these large-scale attacks through its global network of data centers and security mechanisms implemented at the network level.
This document discusses web application security tools. It provides information on OWASP top 10 vulnerabilities, including injection and cross-site scripting. Statistics are presented on the costs of web application attacks and how common they are. Popular open source security tools are described briefly, including ZAP for penetration testing, Acunetix for automated scanning, and Vega for validation of vulnerabilities like SQL injection and cross-site scripting.
The document discusses updates to the ATT&CK for ICS framework. It summarizes two recent incidents, the Colonial Pipeline ransomware attack and the Oldsmar water treatment plant hack, and highlights techniques used in each. It previews upcoming additions to ATT&CK for ICS in April 2022 and beyond, including new mapped mitigation objects, integration with other frameworks, mapping of ICS attacks to the enterprise ATT&CK, and the addition of detections for techniques. Future plans outlined include revisions to asset definitions based on ICS verticals and a blog series on technique sequences.
The document discusses ethical hacking. It defines ethical hackers as those who test systems and networks for vulnerabilities with authorization from the client. Ethical hackers follow guidelines such as maintaining confidentiality and not damaging systems. The document outlines the phases of hacking including reconnaissance, scanning, gaining access, and covering tracks. It emphasizes that ethical hacking is important for improving security when done properly.
This document summarizes a webinar on mitigating insider threats. The webinar discussed research findings that malicious insiders often exhibit concerning behaviors and personal issues prior to attacks. It emphasized establishing capable guardianship, protecting critical assets, and reducing motivations for malicious acts. The webinar also covered different types of insider crimes, profiles of attackers, mitigation strategies like access controls and monitoring, and building a formal insider threat program with cross-functional participation.
Malware refers to malicious software like viruses, worms, and trojans. Viruses propagate by infecting other programs and spread when an infected program is run. Worms propagate without human interaction by exploiting vulnerabilities. Trojans appear desirable but are malicious, and must be run by the user. Malware spreads through websites, email attachments, links, and removable media. Anti-malware software uses signatures and behavior analysis to detect and remove malware through scanning, detection, and removal.
The document discusses different types of hackers - white hat hackers who perform ethical hacking to test security, black hat hackers who hack with criminal intent to steal data or disrupt systems, and grey hat hackers whose activities fall between legal and illegal. It also covers common hacking techniques like password cracking and software hacking. The document provides tips for protecting systems, including using antivirus software, firewalls, and strong unique passwords, as well as hiring an ethical hacker to test security.
This document provides an introduction to ethical hacking. It defines information security and the CIA triad of confidentiality, integrity and availability. It discusses the difference between ethics and hacking, and defines ethical hacking as locating vulnerabilities with permission to prevent attacks. The document outlines the types of attackers and the typical steps attackers take including reconnaissance, scanning, gaining access, maintaining access, and covering tracks. It discusses the benefits of ethical hacking for organizations and some disadvantages. Finally, it provides examples of using Google to find security issues on websites.
Penetration testing reporting and methodologyRashad Aliyev
This paper covering information about Penetration testing methodology, standards reporting formats and comparing reports. Explained problem of Cyber Security experts when they making penetration tests. How they doing current presentations.
We will focus our work in penetration testing methodology reporting form and detailed information how to compare result and related work information.
The document provides information on information security awareness and basic training. It covers topics such as why information security is important, data classification, the 90/10 rule of security, phishing, email attachments, spam, passwords, malware, internet safety, public Wi-Fi, IoT devices, HTTPS, web content filtering, and search engine safety. The document provides tips and explanations for each topic to help improve user security practices.
Threat Intelligence 101 - Steve Lodin - SubmittedSteve Lodin
This document provides an overview of threat intelligence and how organizations can build threat intelligence programs. It discusses what threat intelligence is, why organizations should care about it, and how threat intelligence can be used for attack prevention, detection, forensics, and hunting. It also covers threat intelligence technologies, platforms, feeds, sharing approaches, and common challenges organizations may face when developing threat intelligence capabilities. The goal is to help organizations understand threat intelligence and evaluate their own maturity to incorporate these strategies.
This document defines hacking and discusses its history and types. It began in the 1960s at MIT and was done by early computer programmers out of curiosity. There are three main types of hackers - black hat hackers violate security for gain/malice, white hats exploit weaknesses ethically, and grey hats fall in between. Reasons for hacking include fun, status, stealing information, or destroying enemy networks. The document outlines various hacking techniques like website, network, password and computer hacking. It provides tips for securing data and accounts as well as discussing advantages like recovering lost information and disadvantages like harming privacy and illegality.
WFH Cybersecurity Basics Employees and Employers Dinesh O Bareja
Work from home (WFH) is the new normal. The covid19 pandemic, has thrown everyone, across the world into a struggle (and challenge) for survival. While we stand up to the challenge, we have to set our rules for WFH, with cybersecurity safeguards.
Hacking involves gaining unauthorized access to computer systems, which is illegal. There are different types of hackers, including white hats who help find security vulnerabilities, black hats who hack with malicious intent, and grey hats in between. Reasons for hacking include financial gain, showing off skills, or just for fun. Experts recommend using antivirus software, avoiding suspicious links and downloads, and keeping software updated to help prevent hacking.
This document provides a 12-point summary of tips for protecting educational records and maintaining cyber security compliance at Wilmington University. The tips include locking computers when stepped away from, destroying sensitive documents, using strong and unique passwords, not storing confidential documents in public clouds, and being wary of phishing attempts. Completing a quiz is required to receive credit for reviewing the cyber security training.
PowerPoint Presentation On Ethical Hacking in Brief (Simple)Shivam Sahu
PowerPoint Presentation On Ethical Hacking in Brief (Simple) Easy To Understand for all MCA BCA Btech Mtech and all Student who want a best powerpoint or seminar presentation on Ethical Hacking
Cybercrime has existed since 1820, beginning with the earliest forms of computers like the abacus. Common cybercrimes include hacking, child pornography, DOS attacks, virus dissemination, computer vandalism, cyberterrorism, software piracy, phishing, and credit card fraud. Cyber security aims to prevent, detect, and respond to online attacks by protecting sensitive personal and business information, defending against critical attacks, and allowing safe internet browsing and data processing through regular software updates. Improved hacker abilities, interconnected computers, advanced malware, and increased cyber warfare threaten online security going forward.
Cyber Security introduction. Cyber security definition. Vulnerabilities. Social engineering and human error. Financial cost of security breaches. Computer protection. The cyber security job market
The latest massive IoT DDoS attack from the Mirai botnet that took major websites like Twitter and Reddit offline for hours – has already gained notoriety as one of the worst DDoS strikes in history.
In this webinar Manish Rai & Ty Powers of Great Bay Software will help you understand exactly how the enterprise IoT landscape is changing, and what it means for the assumptions organizations have been making in regards to safeguarding against IoT cyberattacks. You will:
Gain insights into how the recent IoT-based DDoS attacks were launched
How similar attacks could be launched inside enterprise networks
How to safeguard against IoT device compromises
How to reduce your risk, whose job is it anyway?
Learn about what your peers are doing for IoT device security, relevant findings from the 2016 Great Bay Software IoT Security Survey
Watch this ondemand webinar with this link: https://go.greatbaysoftware.com/owb-safeguarding-against-iot-ddos-attacks
- With only 10 million Facebook connections mapped, researchers were able to build a map of the world, noting China and former Soviet countries were relatively "dark" due to social media restrictions.
- In Q3 2016, 23% of cyberattacks originated in North America and 50% in Asia, according to several security reports.
- Attackers have used the Mirai botnet to launch large DDoS attacks by hijacking internet-connected devices like security cameras and routers.
This document discusses internet of things (IoT) security. It begins with an introduction of the speaker and their certifications. It then defines IoT as the networking of physical devices embedded with sensors. There will be over 8 billion connected devices in use in 2017. Cyber threats to IoT come from criminals, governments, and include DDoS attacks, botnets, and weak security perimeters. Recent vulnerabilities discussed include the massive 2016 DDoS attack from Mirai malware and over 65,000 unsecured IoT devices found online. Securing IoT involves addressing the top 10 risks identified by OWASP such as insecure interfaces, authentication, encryption, and software/firmware.
This document summarizes a virtual event about preventing DDoS attacks against credit unions. The event covers 5 types of DDoS attacks and discusses practical steps credit unions can take to prepare for and prevent attacks. Presenters from RedZone Technologies discuss reviewing a credit union's security portfolio, identifying gaps, and developing a long-term investment roadmap to strengthen defenses against DDoS and other cyber threats. The event provides an overview of vendor solutions that can help protect against different attack types and questions attendees should consider.
What are the top Cybersecurity priorities for state and local governments in ...PECB
Over the past year, we have seen a record-breaking number of cyberattacks in the form of ransomware hitting the public sector, phishing attempts to trick staff and numerous security incidents affecting all layers of government. So what’s on the minds of state and local government cybersecurity leaders in 2018? What are the top priority projects? As legacy computer equipment fails and as the new Internet of Things (IoT) devices show up on public sector networks, what projects are the top CISOs working on to address these security threats? Please join us for an engaging and thought-provoking conversation which includes top government security experts.
Main points covered:
• What are the top cyber threats?
• What are the highest priority government security projects?
• Is the security staffing shortages real, and what’s being done to attract and retain cyber talent?
• What keeps CISOs up at night moving forward towards 2020?
• What solutions hold the greatest promise for protecting data (including AI, machine-learning, new cloud protections and others)?
Presenters:
Our presenters for this webinar will be three very distinguished and recognized professionals. The first one is Daniel Lohrmann, who currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor, Inc. He is an internationally recognized cybersecurity leader, technologist, keynote speaker and author. During his career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including CSO of the Year from SC Magazine, Public Official of the Year from Governing Magazine and Computerworld Magazine Premier 100 IT Leader.
The second presenter is Elayne Starkey, who is the Chief Security Officer in Delaware’s Department of Technology and Information (DTI), responsible for Delaware’s enterprise-wide cyber security, disaster recovery, and continuity of operations programs. She was honored as one of 10 Most Influential People in Government Information Security, a State Scoop 2017 Top Women in Technology, and has testified before the US Senate on cybersecurity.
Our third panelist is Michael Roling, who has been the Chief Information Security Officer for the Office of Administration, Information Technology Services Division for the State of Missouri since 2009. As CISO, he has transformed the security culture throughout government, introduced new processes and technologies that have enabled IT to swiftly and effectively respond to incidents, and has implemented various policies that have strengthened IT governance.
The document discusses security issues with Internet of Things (IoT) devices and the October 2016 distributed denial of service (DDoS) attack on Dyn that disrupted access to major websites. The attack exploited the lack of security in many IoT devices, using the Mirai botnet comprised of compromised devices like security cameras and routers. While the IoT promises economic benefits, the growing number of devices increases vulnerabilities, as most lack strong encryption, unique passwords, and ability to receive updates. Improving IoT security is imperative to realizing its full potential and avoiding more serious cyberattacks.
All The Things: Security, Privacy & Safety in a World of Connected DevicesJohn D. Johnson
Much of our technology today is connected to the Internet and communicating information about us, our homes and businesses, back to manufacturers in order to give us something of value in return. It is estimated that by 2025, there may be as many as 80 billion Internet of Things (IoT) devices connected to the Internet. As IoT becomes a normal part of our everyday lives, at home, on the road, and at the office, privacy, security and safety become paramount.
This presentation will set the stage: What is IoT? How is it used today? How will it be used in the future? IoT provides both opportunities and risk to society, and IoT devices need to be secured as this world of connected devices become critical to how society functions.
This document provides an introduction to a cybersecurity fundamentals course. It defines cybersecurity and identifies types of hackers and their motivations. The document outlines learning activities that will define cybersecurity, address vulnerabilities, discuss personal security and data breaches. It provides additional online resources on these topics for further reading.
The document discusses trends in botnet and DDoS attacks based on a survey of service providers and analysis from Arbor Networks. Some key points:
- The size and frequency of DDoS attacks is increasing, with the largest attack observed reaching 24 Gbps in 2007. On average, there were over 1,000 attacks per day from 2006-2007.
- TCP attacks are most common, followed by UDP floods and application attacks. DNS amplification attacks have increased but remain less prevalent.
- Botnets are the top concern for service providers. They are used for DDoS attacks, spam, and hosting malware. New botnets are becoming more targeted, encrypted, and distributed.
- There
This document provides an overview of technology, communications, and Japan. It discusses the evolution of technology and communications including the internet, mobile devices, IoT, big data, and cloud computing. It highlights trends like increased internet usage, growth of non-PC devices, rise of video streaming, and more. The document also briefly discusses Japan's economic history and current startup trends, as well as the speaker's background growing up in Greece and Japan.
The document discusses network security challenges in the era of third platform technologies such as mobile, social media, big data, cloud computing and the internet of things. It notes that the expanding attack surface from proliferation of devices, growth of cloud usage, and increased encrypted traffic renders traditional network security perimeters increasingly irrelevant. It outlines opportunities in security analytics, automation, and encryption to address issues like distributed denial of service attacks and application layer attacks in this new environment across public and private cloud platforms.
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Black Duck by Synopsys
The Black Duck blog and Open Source Insight become part of the Synopsys Software Integrity blog in early April. You’ll still get the latest open source security and license compliance news, insights, and opinions you’ve come to expect, plus the latest software security trends, news, tips, best practices, and thought leadership every week. Don’t delay, subscribe today! Now on to this week’s open source security and cybersecurity news.
AI: The New Player in Cybersecurity (Nov. 08, 2023)Takeshi Takahashi
These slides outline how AI is influencing cybersecurity.
Note that they were used in the keynote speech at the event "Defense and Security 2023" held in Thailand on November 8, 2023.
IETE mid-term symposium on digital forensics and information security : 23 M...anupriti
While anyone of us discusses cryptocurrency, we invariably hover around BITCOIN only , but as on date we have 2000+ cryptocurrencies in the world and the sad thing is CRYPTOCURRENCY CRIMES ARE RISING FAST undeterred.This presentation, given at the IETE mid term symposium on 23rd May 2020 ,brings a brief over view of how cryptocrimes work and what are the challenges around?
The document discusses the debate around privacy vs convenience with Internet of Things (IoT) technology. It notes that while IoT provides increased connectivity and efficiency, it also raises privacy concerns as more personal data is collected. The document explores issues like identity management, data usage and ownership, and calls for balancing privacy and convenience. It provides examples of approaches like self-sovereign identity that could allow more individual control over personal data and addresses both sides of the important debate around privacy and convenience with emerging technologies.
Welcome to the world of Internet of Things wherein a glut of devices are connected to the internet which emanates massive amounts of data. But we have many hoops to jump before we can claim that crown starting with a huge number of devices lacking unified platform with serious issues of security standards threating the very progress of IoT.
Owasp osint presentation - by adam nurudiniAdam Nurudini
Open-Source Intelligence (OSINT) is intelligence collected from public available sources
“Open” refers overt, public available sources (as opposed to covert sources)
Its not related to open-source software or public intelligence
This information comes from a variety of sources, including the social media pages of your company and staff. These can be a goldmine of information, revealing information such as the design of ID badges, layout of the buildings and software used on internal systems.
SSI: The Trillion Dollar Business OpportunitySSIMeetup
https://ssimeetup.org/ssi-trillion-dollar-business-opportunity-webinar-34/
This webinar, based on a panel of the same name held at Seattle Devcon in July 2019, will feature four experts from different areas of the digital identity industry explaining why they believe Self-Sovereign Identity (SSI) is one of the most significant applications of blockchain technology to enable all kind of new business model for the digital economy.
Panelists will include Chris Spanton, Principal Architect—Blockchain at T-Mobile; Vaughan Emery, CEO of Datafi Labs; and Drummond Reed, Chief Trust Officer at Evernym and a Trustee of the Sovrin Foundation.
The presentation of a public hearing of the European Parliament in Brussels, Belgium in 2018. Expert witness Lars Hilse was heard on the risks of cyber terrorism against critical infrastructure and public places.
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ...Andrew Morris
It’s not just you. The frequency of severe vulnerabilities in internet-facing enterprise software being massively exploited at scale has increased drastically. The amount of time between disclosure and exploitation of these vulnerabilities has been reduced to near-zero, leaving defenders with less time to react and respond. While combating internet-wide opportunistic exploitation is a sprawling and complex problem, there is both an art and a science to staying ahead of large exploitation events such as Log4J.
In this talk we will share insights and challenges from operating a huge, shifting, adaptive, distributed sensor network listening to internet background noise and opportunistic exploitation traffic over the past four years. We will give a blunt state of the universe on mass exploitation. We will share patterns and unexplainable phenomena we’ve experienced across billions of internet scans. And we will make recommendations to defenders for preparing for the next time the cyber hits the fan.
Similar to The Mirai Botnet and Massive DDoS Attacks of October 2016 (20)
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
The Microsoft 365 Migration Tutorial For Beginner.pptxoperationspcvita
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframePrecisely
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
The Mirai Botnet and Massive DDoS Attacks of October 2016
1. Mirai Botnet: How IoT Botnets Performed Massive
DDoS Attacks and Negatively Impacted Hundreds of
Thousands of Internet Businesses
and Millions of Users in October 2016
William Favre Slater, III, M.S. MBA, PMP, CISSP, CISA
Sr. Cybersecurity Consultant and Adjunct Professor, IIT School of Applied Technology
April 20, 2017 Mirai Botnet - William Favre Slater, III 1
2. Agenda
• Introduction
• WHY Is This important?
• Internet of Things – Size and Typical Devices
• What is a Botnet?
• DDoS Attacks
• Little Known Roots of the Mirai Botnet
• Pre-Attack Events
• What Did the Mirai Botnet Do in
October 2016?
• How Did Mirai Work?
• Post-Attack Events
• How Can an Organization Protect Against Mirai and other Botnet Attacks?
• Hajime! Some Recent “Good News”
• Conclusion
• Questions
• References
• Bio
April 20, 2017 Mirai Botnet - William Favre Slater, III 2
3. Introduction
• Mirai is the Japanese word for “The Future”
• The Mirai Botnet Attack of October 2016 used known security weaknesses in
tens of millions of Internet of Things (IoT) Devices to launch massive
Distributed Denial of Services Attacks against DYN, which is a major DNS
Service provider. The result was a notable performance degrades in tens of
thousands of businesses who rely heavily on the Internet, and millions of
users who used these services. A short time before the attack, the Mirai
Botnet code was shared on the Internet as it was placed into Open Source.
With the exponential rise of the population of IoT devices, what does the
Mirai Botnet attack mean for the future of Internet Security?
• This presentation will examine the implications of the Mirai Botnet code and
the explosion of IoT.
April 20, 2017 Mirai Botnet - William Favre Slater, III 3
4. WHY Is this Presentation Important??
• The Internet has been business critical since 1997
• The Internet, the World Wide Web, web applications, data, and
resources they represent are often considered by many to be critical
infrastructure
• Outages (any) can cost money, lost customers, and even brand
damage
• Everyone who uses the Internet in a business capacity should be
aware of the DDoS Threat that the Mirai Botnet and similar
programs represent
• The Internet of Things that plays a major role in this saga, continues
to grow exponentially in popularity and in capability
April 20, 2017 Mirai Botnet - William Favre Slater, III 4
5. April 20, 2017 Mirai Botnet - William Favre Slater, III 5
6. How Big is the “Internet of Things”?
April 20, 2017 6Mirai Botnet - William Favre Slater, III
7. Typical IoT Devices
• CCTV cameras
• DVRs
• Digital TVs
• Home routers
• Printers
• Alexa
• Security systems
• Garage doors
• Industrial systems
• Medical systems
• Home appliances
• Smart Utility Meters
• Cars
• Other stuff
April 20, 2017 7Mirai Botnet - William Favre Slater, III
8. Often “Internet of Things” Devices and Typically Cell
Phones are Accessing the Internet Via IPv6
April 20, 2017 Mirai Botnet - William Favre Slater, III 8
9. Comparing IPv4 and IPv6
9April 20, 2017 Mirai Botnet - William Favre Slater, III
10. What is a Botnet?
• A botnet is a number of Internet-
connected devices used by a botnet
owner to perform various tasks. Botnets
can be used to perform Distributed
Denial Of Service Attack, steal data,
send spam, allow the attacker access to
the device and its connection. The
owner can control the botnet using
command and control (C&C) software.
The word botnet is a combination of
the words robot and network. The term
is usually used with a negative or
malicious connotation.
• Botnets have been around since 2004.
• Attacker machines are usually running
the Linux operating system.
Sources:
Wikipedia https://en.wikipedia.org/wiki/Botnet
Cheng, G. (2005) . http://www.giac.org/paper/gcih/229/analysis-ddos-tool-stacheldraht-v1666/102150
Stachledraht
DDoS Attack
April 20, 2017 Mirai Botnet - William Favre Slater, III 10
12. DDoS Attacks
Source:
AWS Best Practices for DDoS Resiliency
https://d0.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf
April 20, 2017 Mirai Botnet - William Favre Slater, III 12
DoS Attack DDoS Attacks
13. Types of DDoS Attacks
• HTTP Floods
• DNS Query Floods
• SSL Abuse
• TCP SYN Floods
• TCP ACK Floods
• TCP NULL Floods
• Stream Flood
• UDP Flood
• UDP Reflection
• Smurf Attack
• ICMP PING Floods
• GRE IP Floods
• GRE ETH Floods
Sources:
AWS Best Practices for DDoS Resiliency
https://d0.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf
Cheng, G. (2005). http://www.giac.org/paper/gcih/229/analysis-ddos-tool-stacheldraht-
v1666/102150
Herzberg, B., Bekerman, D., and Zeifman, I
https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html.
The Mirai Botnet infected and
harnessed millions of IoT Devices to
attack 17 DYN DNS Provider Data
Centers and impair their ability to
resolve DNS requests.
Mirai is designed and was
implemented to employ SEVERAL of
these DDoS attack methods.
April 20, 2017 Mirai Botnet - William Favre Slater, III 13
14. Types of DDoS Attacks
Source:
AWS Best Practices for DDoS Resiliency
https://d0.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf
April 20, 2017 Mirai Botnet - William Favre Slater, III 14
15. DDoS Attack Costs
Money, Time and Risk Brand Damage
Source:
Kaspersky
April 20, 2017 Mirai Botnet - William Favre Slater, III 15
16. Little-Known Roots
of the Mirai Botnet
• The 2012 Carna Botnet Census exploited over public-facing 420,000 IPv4 devices that
had no passwords or weak passwords
• Of the 4.3 billion possible IPv4 addresses, Carna Botnet found a total of 1.3 billion
addresses in use, including 141 million that were behind a firewall and 729 million that
returned reverse domain name system records. The remaining 2.3 billion IPv4 addresses
are probably not used. [Wikipedia]
• The website at http://internetcensus2012.github.io/InternetCensus2012/paper.html
shows the paper written which describes the methods used and data collected
• The author admitted in his paper that he enjoyed the “feeling of power” being able to
simultaneously control over 400,000 devices from a single desktop.
• Over 4 TB of device data and IP addresses were collected
• This data remains a standard for “check up” to ensure that administrators have no public
facing insecure devices
• The author, who remains a secret, could face prosecution in every country that has
applicable network intrusion laws
April 20, 2017 Mirai Botnet - William Favre Slater, III 16
17. Source:
Carna Botnet Census of 2012
http://census2012.sourceforge.net/paper.html
April 20, 2017 Mirai Botnet - William Favre Slater, III 17
18. Little Known Roots
of the Mirai Botnet
Source:
https://web.archive.org/web/20130324015330/htt
p://gawker.com:80/5991667/this-illegally-made-
incredibly-mesmerizing-animated-gif-is-what-the-
internet-looks-like
April 20, 2017 Mirai Botnet - William Favre Slater, III 18
19. Pre-Attack Events
• August 2016 - Bruce Schneier predicts, based on his
research and observations that a DDoS attack or
series of attacks would take down the Internet
• September 2016 - Brian Krebs’ website and his
Provider were hit with DDoS attacks at about 665 Gbs
• October 2016 - Mirai Source Code placed in Open
Source
April 20, 2017 Mirai Botnet - William Favre Slater, III 19
20. DDoS Attack Prediction
in September 2016 by Bruce Schneier
• Someone Is Learning How to Take Down the Internet - by Bruce Schneier, Excerpt:
“What can we do about this? Nothing, really. We don't know where the attacks
come from. The data I see suggests China, an assessment shared by the people I
spoke with. On the other hand, it's possible to disguise the country of origin for
these sorts of attacks. The NSA, which has more surveillance in the Internet
backbone than everyone else combined, probably has a better idea, but unless
the US decides to make an international incident over this, we won't see any
attribution. But this is happening. And people should know.”
– https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html
Bruce Schneier
Note: When Dr. Bruce Schneier says something, I believe it.
He is one of the greatest Cybersecurity Researchers and
Writers in the World.
April 20, 2017 Mirai Botnet - William Favre Slater, III 20
21. The Security Economics of
Internet of Things (IoT)
Sources: https://www.schneier.com/blog/archives/2016/10/security_econom_1.html
Excellent
Commentary about
IoT, Economics,
And Security by
Internationally known
Security writer and
Researcher,
Dr. Bruce Schneier
Bruce Schneier
April 20, 2017 Mirai Botnet - William Favre Slater, III 21
22. DDoS Attack on Brian Krebs’ Website
• KrebsOnSecurity Hit With Record DDoS
– https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/
• DDoS attack takes down Brian Krebs' site - www.krebsonsecurity.com . At 665 Gbps of traffic it was the
largest DDoS Attack in Internet History - Attack was so powerful that Akamai threw up its hands
– http://www.csoonline.com/article/3123785/security/largest-ddos-attack-ever-delivered-by-botnet-of-hijacked-iot-devices.html
• Will IoT folks learn from DDoS attack on Krebs’ Web site?
– http://www.csoonline.com/article/3124436/security/will-iot-folks-learn-from-ddos-attack-on-krebs-web-site.html
• Someone, whom he subsequently spent months working to track down, had seized control of
hundreds of thousands of internet-connected devices, including home routers, video cameras,
DVRs, and printers, to create a botnet, a sort of digital zombie army.
– https://hub.jhu.edu/magazine/2017/spring/internet-personal-cyberattacks/
Brian Krebs
Note: When Brian Krebs, of www.krebsonsecurity.com
writes about Cybersecurity, and then gets hit with the
Internet’s largest DDoS attack ever, it gets everyone’s
attention, especially Cybersecurity Researchers.
April 20, 2017 Mirai Botnet - William Favre Slater, III 22
23. WHAT DID THE MIRAI BOTNET
DO IN OCTOBER 2016?
April 20, 2017 Mirai Botnet - William Favre Slater, III 23
24. DDoS Attacks of October 21, 2016
The Internet
didn’t
“break” on
October 21,
2016, but the
attackers who
launched the
DDoS attacks
against Dyn
exploited a
known DNS
Weakness that
negatively
impacted MANY
Internet-related
businesses and
millions of
users.
Screenshots from:
http://downdetector.com/
Hint: A GREAT Resource!
April 20, 2017 Mirai Botnet - William Favre Slater, III 24
25. DDoS Attacks of October 21, 2016 –
The Major Internet-Related Businesses Affected
April 20, 2017 Mirai Botnet - William Favre Slater, III 25
26. DDoS Attacks of October 21, 2016
The Internet
didn’t
“break” on
October 21,
2016, but the
attackers who
launched the
DDoS attacks
against Dyn
exploited a
known DNS
Weakness that
negatively
impacted MANY
Internet-related
businesses and
millions of
users.
Note:
Oracle bought DYN in November 2016
Source:
https://www.wired.com/2016/11/ora
cle-just-bought-dyn-company-
brought-internet/
April 20, 2017 Mirai Botnet - William Favre Slater, III 26
27. DDoS Attacks of October 21, 2016
The Internet
didn’t
“break” on
October 21,
2016, but the
attackers who
launched the
DDoS attacks
against Dyn
exploited a
known DNS
Weakness that
negatively
impacted MANY
Internet-related
businesses and
millions of
users.
Note:
Oracle bought DYN in November 2016
Source: https://www.wired.com/2016/11/oracle-just-
bought-dyn-company-brought-internet/
April 20, 2017 Mirai Botnet - William Favre Slater, III 27
28. How Did Mirai Work?
DDoS Attacks of October 21, 2016
April 20, 2017 Mirai Botnet - William Favre Slater, III 28
29. How Did Mirai Work?
DDoS Attacks of October 21, 2016
Infected IoT
Devices:
1) Launch DDoS
Attacks
2) Report data to
C2 Servers
3) Infect other IoT
Devices
April 20, 2017 Mirai Botnet - William Favre Slater, III 29
30. How Did Mirai Work?
DDoS Attacks of October 21, 2016
• The Mirai Internet of Things (IoT) botnet has been using STOMP
(Simple Text Oriented Messaging Protocol) floods to hit targets, a
protocol that isn’t normally associated with distributed denial of
service (DDoS) attacks.
• Mirai has been responsible for taking major websites offline for
many users by targeting the Dyn DNS service, in addition to hosting
firm OVH in attacks that surpassed 1.2 Tbps (terabits per second).
Mirai was also in an attack against Brian Krebs’ blog in a 665 Gbps+
(gigabits per second) assault. The botnet uses various attack vectors
to power these massive attacks, including STOMP floods.
Source:
http://www.securityweek.com/mirai-used-stomp-floods-recent-ddos-attacks
April 20, 2017 Mirai Botnet - William Favre Slater, III 30
31. Mirai’s Purposes and
Some Source Code
Analysis
Source:
https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html
April 20, 2017 Mirai Botnet - William Favre Slater, III 31
32. Mirai’s “Don’t Mess
With” List and a look
at the Coder’s
Psyche
Source:
https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html
April 20, 2017 Mirai Botnet - William Favre Slater, III 32
33. Where were the Mirai Botnet Attacks Coming
From on October 21, 2016?
Source:
https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html
April 20, 2017 Mirai Botnet - William Favre Slater, III 33
34. Post-Attack Events
• October 2016 - Twitter Account to Monitor Mirai in Real-Time
• November 2016 - Chinese claim Mirai Botnet attack hit Chinese-
made IoT Devices, especially CCTVs
• November 2016 - DHS published guideline documents for
implementing Secure IoT devices
• Windows Mirai botnet variant identified in 2017
– The Windows variant of the infamous Mirai Linux botnet is the offspring of a more
experienced bot herder, possibly of Chinese origin, Kaspersky Lab security researchers warn.
– Recently detailed by Doctor Web, its main functionality is to spread the Mirai botnet to
embedded Linux-based devices. The malware also abuses Windows Management
Instrumentation (WMI) to execute commands on remote hosts, and targets Microsoft SQL
Server and MySQL servers to create admin accounts and abuse their privileges.
April 20, 2017 Mirai Botnet - William Favre Slater, III 34
36. The Basics:
How to Protect our IoT Devices Against Mirai and
Other Botnet Attacks
• Change Your Password. This is not only good advice for those of us who shop online or who have
been notified that the e-commerce site we recently shopped on has been breached, but likewise for
IoT devices. In fact, according to this report, these better credentials can be used to provide a bulwark
against botnet attacks like Mirai by substituting the hard-coded username and password with ones
that are unique to your organization and not, of course, easily guessed.
• Turn them off. For currently deployed IoT devices, turn them off when not in use. If the Mirai botnet
does infect a device, the password must be reset and the system rebooted to get rid of it.
• Disable all remote access to them. To protect devices from Mirai and other botnets, users should not
only shield TCP/23 and TCP/2323 access to those devices, but also to disable all remote (WAN) access
to them.
• Research Your Purchase. Before you even buy a product, research what you are buying and make sure
that you know how to update any software associated with the device. Look for devices, systems, and
services that make it easy to update the device and inform the end user when updates are available.
• Use It or Lose It. Once the product is in your office, turn off the functions you’re are not using. Enabled
functionality usually comes with increased security risks. Again, make sure you review that before you
even bring the product into the workplace. If it’s already there, don’t be shy about calling customer
service and walking through the steps needed to shut down any unused functions.
April 20, 2017 Mirai Botnet - William Favre Slater, III 36
Source:
https://www.pwnieexpress.com/blog/mirai-botnet-part-2
37. How Can an Organization Protect Against
Mirai and Other Botnet Attacks?
• Take this seriously
• Read up on the DHS Principles on Securing IoT
• Learn about IPv6 – it’s a BIG Deal
(http://ipv6.he.net)
• Actively design, engineer, and implement
security, from the beginning, not after the fact
• Set or Change the default passwords on IoT
• Have an alternate DNS provider
• Add DDoS attack scenarios into your Incident
Management and Response Plans
• Use DDoS scenarios in your Exercises
• Simulate DDoS attacks on your digital
infrastructure to stress-test, evaluate, and
continually improve your digital infrastructure
April 20, 2017 Mirai Botnet - William Favre Slater, III 37
38. More Recommendations to Protect
Against Mirai and Other Botnet Attacks
• The IoT threat is a serious one but one that can be simply resolved.
While it’s almost impossible to educate everyone on how to change
their user name and passwords on these devices, it is possible for
manufacturers to incorporate security features into the design and
production of these devices, in particular security telnet
communication and its associated ports. Default passwords must be
random and users should be advised with simple instructions on how
to change them.
• We also recommend home users take these four steps to better
prepare:
– Stay current – Update firmware and software regularly
– Authentication – Use unique credentials for each device
– Configuration – Close unnecessary ports and disable unnecessary
services
– Segment – Create separate network zones for your IoT systems
Source:
https://blog.radware.com/security/2017/03/expansion-iot-since-mirai/
April 20, 2017 Mirai Botnet - William Favre Slater, III 38
39. Read: DHS Strategic Principles for
Securing Internet of Things
Source:
https://www.dhs.gov/sites/default/files/publications/Strategic_Principle
s_for_Securing_the_Internet_of_Things-2016-1115-FINAL_v2-dg11.pdf
Published about 25
days AFTER the Mirai
Botnet attack…
April 20, 2017 Mirai Botnet - William Favre Slater, III 39
40. Read: DHS Strategic Principles for
Securing Internet of Things
Source: DHS IoT Factsheet
https://www.dhs.gov/sites/default/files/publicati
ons/IOT%20fact%20sheet_11162016.pdf
Published about 25 days
AFTER the Mirai Botnet
attack…
April 20, 2017 Mirai Botnet - William Favre Slater, III 40
41. The Mirai Botnet Five Takeaways
1. Not just one attack
2. The attack was sophisticated
3. IoT is to blame
4. This isn't the end
5. The IoT industry needs stricter standards
Source:
http://www.techrepublic.com/article/dyn-ddos-attack-5-takeaways-on-what-we-know-and-why-it-matters/
April 20, 2017 Mirai Botnet - William Favre Slater, III 41
42. April 20, 2017 Mirai Botnet - William Favre Slater, III 42
Source: Kaspersky
https://www.pwnieexpress.com/blog/mirai-botnet-part-2
43. HAJIME!
Some Recent “Good News”
A new, more powerful IoT decentralized worm, Hajime, is spreading faster and more effectively than Mirai.
Hajime is a Japanese word for “Begin!” or “Beginning”
First identified and analyzed, and written up in October 2016 by Sam Edwards and Ioannis Profetis of Rapidity
Networks Security Research Group
Later announced April 18, 2017 by Symantec
Written in C
Platforms: ARMv5, ARMv7, Intel x86-64, MIPS (little endian)
Brute force authentication
Spreads independently via Peer-to-Peer, without using C2
Infects mostly DVRs and CCTV devices
Once in control of a target it several blocks ports used by its rival, Mirai
Only scans about 86% of the IPv4 address space
Mostly in Asia, Russia, Brazil and Argentina
Writes benign message “Stay Sharp”
Thought to be from a “White Hat”, Vigilante Hacker, who prefers English
Thought to be competing against Mirai
Cautionary Note: Like Mirai, still breaking the Law and if Hajime or its variants turn “evil” it could be worse than
Mirai.
Sources:
http://news.softpedia.com/news/hajime-iot-worm-considerably-more-sophisticated-than-mirai-509423.shtml
http://linkis.com/www.cio.co.nz/articl/2dpeg
https://nakedsecurity.sophos.com/2017/04/20/the-iot-malware-that-plays-cat-and-mouse-with-mirai
https://security.rapiditynetworks.com/publications/2016-10-16/hajime.pdf Technical Analysis Report by Edwards & Profetis
April 20, 2017 Mirai Botnet - William Favre Slater, III 43
Actual Hajime IoT Worm Message
44. Top 10 Countries with Hajime Infections
Sources:
http://news.softpedia.com/news/hajime-iot-worm-considerably-more-sophisticated-than-mirai-509423.shtml
http://linkis.com/www.cio.co.nz/articl/2dpeg
https://security.rapiditynetworks.com/publications/2016-10-16/hajime.pdf Technical Report by Edwards & Profetis
April 20, 2017 Mirai Botnet - William Favre Slater, III 44
45. Conclusion
• The Mirai Botnet made history because of its size, power, bandwidth
consumption, and impact the Internet-based businesses and people
connected to the Internet.
• Because Mirai and Hajime source code have been shared as Open Source
on the web, they are being studied and they are evolving.
• The rapid evolution and spread of IoT Devices provides Mirai and Hajime
and its variants an ever-expanding target-rich environment
• The more people and organizations pay attention to the Mirai Botnet code
and how to survive DDoS attacks, the better off we will be as an Internet-
connected Society.
• Remember that presently, Hajime is P2P and power powerful than Mirai
• Remember that CIA (Confidentiality, Integrity, and Availability) are the
simplest principles of Security, and that Mirai and DDoS attacks can and will
reduce the Availability of your digital infrastructure.
April 20, 2017 Mirai Botnet - William Favre Slater, III 45
47. References
• Amazon. (2006). AWS Best Practices for DDoS Resiliency. Retrieved on April 3, 2017 from
https://d0.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf .
• Arghire, I. (2016). Mirai Switches to Tor Domains to Improve Resilience. Published December 19, 2016 at SecurityWeek. Retrieved on
March 29, 2017 from http://www.securityweek.com/mirai-switches-tor-domains-improve-resilience .
• Arghire, I. (2016). Mirai Used STOMP Floods in Recent DDoS Attacks. Published November 17, 2016 at SecurityWeek. Retrieved on
March 29, 2017 from http://www.securityweek.com/mirai-used-stomp-floods-recent-ddos-attacks .
• Arghire, I. (2016). This Web-based Tool Checks if Your Network Is Exposed to Mirai. Published November 24, 2016 at SecurityWeek.
Retrieved on March 29, 2017 from http://www.securityweek.com/web-based-tool-checks-if-your-network-exposed-mirai .
• Arghire, I. (2017). Mirai for Windows Built by Experienced Bot Herder: Kaspersky. Published February 21, 2017 at SecurityWeek.
Retrieved on March 29, 2017 from http://www.securityweek.com/mirai-windows-built-experienced-bot-herder-kaspersky .
• Arghire, I. (2017). New Variant of Infamous IoT Botnet Launches Attack Against Network of U.S. College. Published March 29, 2017 at
SecurityWeek. Retrieved on March 29, 2017 from http://www.securityweek.com/new-mirai-variant-unleashes-54-hour-ddos-attack .
• Arghire, I. (2017). Windows Trojan Spreads Mirai to Linux Devices. Published February 10, 2017 at SecurityWeek. Retrieved on March
29, 2017 from http://www.securityweek.com/windows-trojan-spreads-mirai-linux-devices .
• Cheng, G. (2015). Analysis on DDOS tool Stacheldraht v1.666. a GIAC paper published by the SANS Institute. Retrieved on April 8,
2017 from http://www.giac.org/paper/gcih/229/analysis-ddos-tool-stacheldraht-v1666/102150 .
• Cimpanu, C. (2017). Hajime IoT Worm Considerably More Sophisticated than Mirai. Published at Softpedia.com on April 18, 2017.
Retrieved on April 20, 2017 from http://news.softpedia.com/news/hajime-iot-worm-considerably-more-sophisticated-than-mirai-
509423.shtml .
• DHS. (2016) Strategic Principles for Securing the Internet of Things. Published by DHS on November 15, 2016. Retrieved on March 29,
2017 from https://www.dhs.gov/sites/default/files/publications/Strategic_Principles_for_Securing_the_Internet_of_Things-2016-
1115-FINAL....pdf
• DHS. (2016) Strategic Principles for Securing the Internet of Things. Published by DHS on November 15, 2016. Retrieved on March 29,
2017 from https://www.dhs.gov/sites/default/files/publications/IOT%20fact%20sheet_11162016.pdf .
April 20, 2017 Mirai Botnet - William Favre Slater, III 47
48. References
• Dishon, R. (2017). Bad bots, bad bots, whatcha gonna do. Published at ESET on March 17, 2017. Retrieved on March 30, 2017 from
https://www.eset.com/us/about/newsroom/corporate-blog/bad-bots-bad-bots-whatcha-gonna-do/.
• Edwards, S., and Profetis, I. (2016). Hajime: An Analysis of a Decentralized Worm for IoT Devices. Published October 16, 2016 by Rapidity
Networks Security Research Group. Retrieved on April 20, 2017 from https://security.rapiditynetworks.com/publications/2016-10-
16/hajime.pdf .
• Finley, K. (2016). Oracle Just Bought Dyn, the Company That Brought Down the Internet. Published at Wired.com on November 21, 2016.
Retrieved on April 14, 2017 from https://www.wired.com/2016/11/oracle-just-bought-dyn-company-brought-internet/.
• Gallagher, S. (2016). How one rent-a-botnet army of cameras, DVRs caused Internet chaos. Published at ArsTechnica.com on October 25,
2016. Retrieved on April 12, 2017 from https://arstechnica.com/information-technology/2016/10/inside-the-machine-uprising-how-
cameras-dvrs-took-down-parts-of-the-internet/.
• Forrest, C. (2016). Dyn DDoS attack: 5 takeaways on what we know and why it matters. An article published at TechRepublic on October 24,
2016. Retrieved on October 25, 2017 from http://www.techrepublic.com/article/dyn-ddos-attack-5-takeaways-on-what-we-know-and-
why-it-matters/ .
• Henriques. N. (2017). Hacker Who Knocked Million Routers Offline Using MIRAI Arrested at London Airport. Retrieved on February 24,
2017 from https://www.linkedin.com/pulse/hacker-who-knocked-million-routers-offline-using-mirai-nuno-henriques
• Herzberg, B., Bekerman, D., and Zeifman, I. (2016). Breaking Down Mirai: An IoT DDoS Botnet Analysis. Published at Incapsula on October
26, 2016. Retrieved on April 8, 2017 from https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html.
• Kan, M. (2017). A vigilante hacker may have built a computer worm to protect the IoT. Published at CIO.com on April 20, 2017. Retrieved
on April 20, 2017 from http://linkis.com/www.cio.co.nz/articl/2dpeg .
• Kovacs, E. (2016). German ISP Confirms Malware Attacks Caused Disruptions: Users Around the World Vulnerable to Attacks on Port 7547.
Published November 29, 2016 at SecurityWeek. Retrieved on March 29, 2017 from http://www.securityweek.com/german-isp-confirms-
malware-attacks-caused-disruptions .
• Kovacs, E. (2016). Hacker Releases Source Code of IoT Malware Mirai. Published October 3, 2016 at SecurityWeek. Retrieved on March 29,
2017 from http://www.securityweek.com/hacker-releases-source-code-iot-malware-mirai .
April 20, 2017 Mirai Botnet - William Favre Slater, III 48
49. References
• Kovacs, E. (2016). Over 500,000 IoT Devices Vulnerable to Mirai Botnet. Published October 7, 2016 at SecurityWeek. Retrieved on March
29, 2017 from http://www.securityweek.com/over-500000-iot-devices-vulnerable-mirai-botnet .
• Lipman, P. (2017). The Cybersecurity Industry Is Failing: Time to Get Smart About 'Dumb' Homes. Published at Newsweek.com, on March
23, 2017. Retrieved on April 12, 2017 from http://www.newsweek.com/cybersecurity-industry-failed-threat-572949.
• McLaughlin, J. (2017). The Internet of Bad Things. Published in the Sping 2017 issue of Johns Hopkins Magaine on the Web. Retrieved on
March 28, 2017 from https://hub.jhu.edu/magazine/2017/spring/internet-personal-cyberattacks .
• Phys.org. (2016). Disgruntled gamer 'likely' behind October US hacking: expert. Published at Phys.org on November 16, 2016. Retrieved
on March 29, 2017 from https://phys.org/news/2016-11-disgruntled-gamer-october-hacking-expert.html .
• Newman, L.H. (2016). The Botnet That Broke the Internet Isn’t Going Away. Published at Wired.com on December 9, 2016. Retrieved on
April 12, 2017 from https://www.wired.com/2016/12/botnet-broke-internet-isnt-going-away/.
• Read, M. (2013). This Illegally Made, Incredibly Mesmerizing Animated GIF Is What the Internet Looks Like. Published on GAWKER,
Retrieved on April 5, 2017 from http://gawker.com/5991667/this-illegally-made-incredibly-mesmerizing-animated-gif-is-what-the-
internet-looks-like.
• Savage, K. (2016) A Post-Mortem on the Mirai Botnet: Part 2: Analyzing the Attack. Published at PwnieExpress.com on December 29,
2016. Retrieved on April 20, 2017 https://www.pwnieexpress.com/blog/mirai-botnet-part-2 .
• Smith, D. (2017). The Expansion of IoT since Mirai. Published at Radware. Retrieved on April 8, 2017 from
https://blog.radware.com/security/2017/03/expansion-iot-since-mirai/ .
• Sophos. (2017). The IoT malware that plays cat and mouse with Mirai. Published at NakedSecurity.Sophos.com on April 20, 2017.
Retrieved April 20, 2017 from https://nakedsecurity.sophos.com/2017/04/20/the-iot-malware-that-plays-cat-and-mouse-with-mirai .
• Townsend, K. (2016). 100,000 UK Routers Likely Affected by Mirai Variant. Published December 6, 2016 at SecurityWeek. Retrieved on
March 29, 2017 from http://www.securityweek.com/100000-uk-routers-likely-affected-mirai-variant .
• Verizon. (2016). Verisign 2016 DDoS Trends Report. Retrieved September 16, 2016, from https://www.verisign.com/assets/report-ddos-
trends-Q22016.pdf .
• Wikipedia. (2017). Wikipedia – Carna Botnet. Retrieved April 3, 2017 from https://en.wikipedia.org/wiki/Carna_botnet.
• Woolf, N. (2016). DDoS attack that disrupted internet was largest of its kind in history, experts say. Published October 26, 2016 at
TheGuardian.com. Retrieved March 29, 2017 from https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
.
April 20, 2017 Mirai Botnet - William Favre Slater, III 49
50. Presenter Bio:
William Favre Slater, III
• Project Manager / Sr. IT Consultant at Slater Technologies, Inc. , and Adjunct
Professor at the Illinois Institute of Technology - Working on projects related to:
– Security reviews and auditing
– ISO 27001 Project Implementations
– Developing Applications for Risk and Compliance
– Subject Matter Expert in Cybersecurity and IT Service Management for
Government Proposals and Contracts related to technical services
management and measurement
– SME for preparing Risk Management and Security Exams at Western
Governor’s State University in UT
– Created an eBook with articles about Security, Risk Management,
Cyberwarfare, Project Management and Data Center Operations
– Providing subject matter expert services to Data Center product vendors
and other local businesses.
– Developing and presenting technical training materials for undergraduate
and graduate students at the Illinois Institute of Technology in the areas of
Data Center Operations, Data Center Architecture, Cyber Security
Management, and Information Technology hardware and software.
– Mr. Slater is an internationally published author on Cybersecurity topics
related to Cyberwarfare, Social Engineering, and various other topics.
– Providing Summer Internships to IIT Students via his company, Slater
Technologies, Inc.
April 20, 2017 Mirai Botnet - William Favre Slater, III 50
51. Presenter Bio:
William F. Slater, III
• 2017 marks the fifth consecutive year Mr. Slater has presented at Forensecure at IIT
• Mr. Slater has earned an M.S. in Cybersecurity (2013, Bellevue University, Bellevue, NE), as
well as an M.S. in Computer Information Systems (2004, University of Phoenix, Phoenix,
AZ), and an MBA (2010, University of Phoenix, Phoenix, AZ). He has also earned 80
professional certifications, including a PMP, CISSP, CISA, SSCP, ISO 27002, and a CDCP.
• Mr. Slater has taught for over 9 years as an Adjunct Professor at the Illinois Institute of
Technology and developed and delivered courses on these topics: Data Center Operations,
Data Center Architecture, Information Technology hardware and software, Data
Warehousing, Java and Object-Oriented Software Development, Cybersecurity
Management, and IT in Public Administration. See http://billslater.com/teaching
• Mr. Slater is on a personal Mission to help make the world a better, safer and more
productive place, especially when it means helping his students and colleagues become
smarter about cybersecurity, Internet of Things, Data Centers, the Internet, and other
exciting areas of Information Technology.
• He lives in Chicago’s Wicker Park neighborhood with his lovely wife, Joanna Roguska, who
is a web developer, musician and belly dancer.
• In his spare time, Mr. Slater teaches Judo and Self Defense at IIT, and he also offers
internships to IIT students who want to develop real-world technology skills.
• He can be reached at slater@billslater.com or at 312 – 758 – 0307.
April 20, 2017 Mirai Botnet - William Favre Slater, III 51
52. William Favre Slater, II
William Favre Slater, III
312-758-0307
slater@billslater.com
williamslater@gmail.com
http://billslater.com/interview
1515 W. Haddon Ave., Unit 309
Chicago, IL 60642
United States of America
April 20, 2017 Mirai Botnet - William Favre Slater, III 52