breaking in and breaking records – a look back at 2016 cybercrimes
TRANSCRIPT
![Page 1: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/1.jpg)
Breaking In and Breaking Records:A Look Back at 2016 CybercrimesTravis Smith, Senior Security ResearcherChris Conacher, Manager, Security Content and Research
![Page 2: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/2.jpg)
2
Hollywood Presbyterian Medical CenterFebruary 15
![Page 3: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/3.jpg)
3
![Page 4: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/4.jpg)
4
Hollywood Presbyterian Medical Center
Allen StefanekCEO, CHA Hollywood Presbyterian Medical Center
February 15
The quickest and most efficient way to restore our systems and administrative
functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.
![Page 5: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/5.jpg)
5
Decryption Keys Available
Link to nomoreransomware.com
NoMoreRansom.org
![Page 6: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/6.jpg)
6
iPhone HackingSan Bernardino Shooter iPhone
![Page 7: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/7.jpg)
7
BadLock BustApril 12
![Page 8: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/8.jpg)
8
![Page 9: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/9.jpg)
9
![Page 10: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/10.jpg)
10
DNC Hacked, A Tale of Two Attackers
First Attacker had persistence for over a year, siphoned communications Second Attacker had persistence for months, stole research on Donald Trump Both groups believed to be Russian affiliated National Republican Senatorial Committee (NRSC) also hacked, siphoning off
credit card data
June
![Page 11: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/11.jpg)
11
Attribution
TTPs – Tactics, Techniques, and Procedures C2 Addresses Used Re-Used Certificates Data Dumps Translated Into Cyrillic
How It’s Done
?
![Page 12: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/12.jpg)
12
![Page 13: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/13.jpg)
13
![Page 14: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/14.jpg)
14
Mirai Botnet Emerges
620 - 665 Gbps DDOS attack against Brian Krebs' website Not an amplification or reflection attack, but launched from hacked IoT Devices Source code released October 1st
Rumors that Liberia was knocked offline by the Botnet on Oct 4, but probably not true
October 21, Mirai brings down Twitter, Amazon, Reddit, GitHub, Netflix, among others.
September 20
![Page 15: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/15.jpg)
15 SOURCE: Cisco
0
10
20
30
40
Bill
ions
of d
evic
es
1988 1992 1996 2000 2004 2008 2012 2016 2020
GROWTH IN THE INTERNET OF THINGSThe number of connected devices will exceed 50 Billion by 2020
19921M
20030.5B
2009IoT
Inception
20128.7B
201311.2B
201414.2B
201518.2B
201622.9B
201728.4B
201834.8B
201942.1B
202050.1B
![Page 16: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/16.jpg)
16
Update Classes
Manual Search
Unsupported Devices User Notifications
Auto Updating
![Page 17: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/17.jpg)
17
Windows UpdatesOctober
![Page 18: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/18.jpg)
18
More Vulnerabilities
As Of December 13, 2016
All Year
CVE (v2 Scores) 2015 2016High 2,408 2,339Medium 3,489 3,144Low 591 574Total 6,488 6,112
MS Security Bulletins 2015 2016Critical 35 61Important 92 86Moderate 8 6Total 135 153
![Page 19: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/19.jpg)
19
Old Microsoft Bulletin Pagehttps://technet.microsoft.com/en-us/security/bulletins.aspx
![Page 20: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/20.jpg)
20
New Microsoft Security Portalhttps://portal.msrc.microsoft.com/en-us/
![Page 21: Breaking In and Breaking Records – A Look Back at 2016 Cybercrimes](https://reader031.vdocuments.net/reader031/viewer/2022013004/5870bf541a28ab0b4a8b6bd5/html5/thumbnails/21.jpg)
Thank You!