Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

y3dips - Who Own Your Sensitive Information?

1,587 views

Published on

Presentation for National Cryptography Seminar at Sekolah Tinggi Sandi Negara

  • Be the first to comment

  • Be the first to like this

y3dips - Who Own Your Sensitive Information?

  1. 1. Who Own yourSensitive Information ? How It was Taken & How To Protect It SNKI - 29, December 2010 - y3dips
  2. 2. Who Own It ?
  3. 3. HACKER
  4. 4. CYBER MAFIA
  5. 5. CYBER TERRORIST
  6. 6. Movie
  7. 7. CYBER ARMY
  8. 8. WIKILEAKS
  9. 9. Who Own It ?
  10. 10. How It Was Taken ?
  11. 11. Famous Attack Vector• Password (Authentication)• Insecure Infrastructure• Insecure Data Protection• There isnt any Policy and Procedure• Intrusion/hacking• Social Engineering
  12. 12. PASSWORD TREAT
  13. 13. INSECURE INFRASTRUCTURE
  14. 14. Hacking Example
  15. 15. Video Demo
  16. 16. WikiLeaks
  17. 17. BradleyManning an ArmyIntellegence analyst
  18. 18. US Airstrikes
  19. 19. Wikileaks Publication • Baghdad “AirStrikes” Incident • Copy the Data into a “LADY GAGA” labeled CD • Bradley Submit to Wikileaks • Wikileaks confirm 3 Month Decrypting it - but it never encrypted said Bradley.http://www.wired.com/threatlevel/2010/06/wikileaks-chat/#ixzz0qYdG9xzE
  20. 20. Attack Vector• Unprotected “Private” Network• Unpatched/Out of date server/system• Zip - aes256 - password protected partial usage• Lack on Physical Security - 5 digit door access = knock
  21. 21. WikiLeaks
  22. 22. Secret US Embassy Cables
  23. 23. Secret US Embassy Cables
  24. 24. How To Protect It ?
  25. 25. • Upgrade your Security Awareness• Read The “Security” Manual• Give a serious attention to your Authentication/Credentials• Use a relatively Strong Encryption (e.g for file, network communication)• Use AntiVirus, Firewall, e.t.c
  26. 26. Password Management
  27. 27. File/Partition Encryption
  28. 28. No System 100% SecureIs a Process SECURITY Human is the Weakest Link
  29. 29. Who Own yourSensitive Information ? How It was Taken & How To Protect It @y3dips - me@ammar.web.id

×