Hiring Hackers

Download Hiring Hackers

Post on 05-Dec-2014

1.317 views

Category:

Technology

1 download

Embed Size (px)

DESCRIPTION

Lookout's Principal Security Researcher, Marc Rogers, presented at CTIA's Super Mobility Week in Las Vegas on September 9, 2014.

TRANSCRIPT

<ul><li> 1. HIRING HACKERS MARC ROGERS 09.09.2014 </li> <li> 2. Enterprises need hackers The hacker-mindset makes the difference </li> <li> 3. noun ha-kr Hacker; someone who uses ingenuity to create a clever result which accomplishes the desired goal without changing the design of the system it is embedded in. </li> <li> 4. pre </li> <li> 5. noun ha-kr Hacker; a person who secretly gets access to a computer system in order to get information, cause damage, etc. : a person who hacks into a computer system </li> <li> 6. noun ha-kr Hacker; A technical genius who likes to explore the technical world and reshape it to his or her desires in a non-destructive way </li> <li> 7. HOW HACKERS CAN HELP CARRIERS SPECIFICALLY </li> <li> 8. Botnets are a HUGE network threat Old-fashioned financial fraud still causing headaches The carrier is becoming further and further removed from the device The network is becoming IP-based and more accessible to intruders </li> <li> 9. SPAM SOLDIER 12:01 PM Huge SMS spam botnet Spams 100 contacts at a time. In one case 16,000 messages sent from a single phone! Estimated 7M spam messages sent before it was shut down. Shut down through cooperation between lookout and a carrier partner. Read more </li> <li> 10. Botnets are a HUGE network threat Old-fashioned financial fraud still causing headaches The carrier is becoming further and further removed from the device The network is becoming IP-based and more accessible to intruders </li> <li> 11. 12:01 PM 12:01 PM 12:01 PM BAZUC Buys subscriber free SMS allowance Sells artificially cheap bulk SMS to companies Undercuts the carriers bulk messaging business with its own subscribers Read more </li> <li> 12. Botnets are a HUGE network threat Old-fashioned financial fraud still causing headaches The carrier is becoming further and further removed from the device The network is becoming IP-based and more accessible to intruders </li> <li> 13. Most advanced mobile botnet (yet) Multi-layered C2 architecture with end to end encryption and P2P command protocols. Installs an unrestricted proxy on victims handsets Like PC Botnets, the controllers resell access to the proxy network for various criminal purposes: Transaction Fraud Pumping out spam emails Accessing C99 shell accounts Brute-forcing wordpress accounts ! ! NOTCOMPATIBLE 12:01 PM Read more </li> <li> 14. Botnets are still big network-suck Old-fashioned financial fraud still causing headaches The carrier is becoming further and further removed from the device The network is becoming IP-based and more accessible to intruders </li> <li> 15. HACKERS WHO HELP </li> <li> 16. Jeff Moss HACKING FOR GOOD Kevin Poulsen Mark Abene Marc Rogers Robert Tappan Morris Mudge Steve Wozniak Chris Wysopal </li> <li> 17. EVERYTHING IS OK </li> <li> 18. For more mobile security information, follow </li> </ul>