i’m a suit in a cyber world!
DESCRIPTION
16 Jul 2011. I’m a Suit in a Cyber World!. Employment History. Financial Services. Employment History. Suit. Financial Services. Employment History. Ski Bum. Employment History. Not-a-Suit. Ski Bum. Employment History. USAF Officer. Employment History. Suit. USAF Officer. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/1.jpg)
1
I’m a Suit in a Cyber
World!
16 Jul 2011
![Page 2: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/2.jpg)
2
Employment History
Financial Services
![Page 3: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/3.jpg)
3
Employment History
Financial Services
![Page 4: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/4.jpg)
4
Employment History
Ski Bum
![Page 5: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/5.jpg)
5
Employment History
Ski Bum
![Page 6: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/6.jpg)
6
Employment History
USAF Officer
![Page 7: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/7.jpg)
7
Employment History
USAF Officer
![Page 8: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/8.jpg)
8
Employment History
SAIC
![Page 9: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/9.jpg)
9
Employment History
SAIC Program Manager
![Page 10: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/10.jpg)
10
Employment History
SAIC Program Manager
![Page 11: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/11.jpg)
11
Employment History
SAIC Division Manager
![Page 12: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/12.jpg)
12
Employment History
SAIC Division Manager
![Page 13: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/13.jpg)
13
Employment History
SAIC Capture Manager
![Page 14: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/14.jpg)
14
Employment History
SAIC Capture Manager
![Page 15: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/15.jpg)
15
Education History
King CollegeBA Economics & Business
Administration
![Page 16: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/16.jpg)
16
Education History
King CollegeBA Economics & Business
Administration
![Page 17: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/17.jpg)
17
Education History
Chartered Life Underwriter
![Page 18: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/18.jpg)
18
Education History
Chartered Life Underwriter
![Page 19: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/19.jpg)
19
Education History
UMD EuropeBowie State University
MS Management Information Systems
![Page 20: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/20.jpg)
20
Education History
UMD EuropeBowie State University
MS Management Information Systems
![Page 21: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/21.jpg)
21
Education History
PMP
![Page 22: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/22.jpg)
22
Education History
PMP
![Page 23: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/23.jpg)
23
Large Cyber Procurements
SAIC Capture Manager
![Page 24: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/24.jpg)
24
Large Cyber Procurements
> $250,000,000
![Page 25: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/25.jpg)
![Page 26: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/26.jpg)
![Page 27: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/27.jpg)
27
Introduction to
cybergamut
![Page 28: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/28.jpg)
28
History and Why Change• In 2008 SAIC established cybernexus
– Coming together or “nexus” of cyber analysts– Central Maryland
• In 2011 cybernexus renamed cybergamut– Runs the “gamut” of cyber disciplines– Global organization
• cybergamut nodes– San Antonio, Texas– Northern Virginia (Tysons Corner and Herndon)– Sioux Falls, South Dakota
![Page 29: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/29.jpg)
29
Mission Statement
cybergamut is a worldwide community of practice for cyber professionals across industry, academia, and government providing ongoing education, training, and certification opportunities throughout all phases of a cyber professional’s career, utilizing traditional methods as well as non-traditional techniques like puzzles, Easter Eggs, and problem solving.
![Page 30: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/30.jpg)
30
Easter Eggs
![Page 31: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/31.jpg)
31
Easter Eggs (eeggs.com)
![Page 32: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/32.jpg)
32
Challenge Cards
![Page 33: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/33.jpg)
33
Challenge Coin
![Page 34: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/34.jpg)
34
Technical Tuesday
• What it is – a technical exchange
• What it is not– A sales presentation– A product endorsement– For discussion of procurements – For discussion of procurement related issues
![Page 35: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/35.jpg)
35
PDU and CPE
• PMI PDU’s– PMI Baltimore approved most Technical Tuesday
events as eligible for PMI PDU’s under Category B, Continuing Education
• CPE’s for CISSP– Self certification
• Other certifications– What do you need?
![Page 36: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/36.jpg)
36
cybergamut Nodes• Established node
– San Antonio– Northern Virginia (Tysons Corner and Herndon)– Sioux Falls, SD
• Node requirements (as of now)– Open and accessible to all
• Industry, academia, and government– Room for at least 20 people
• Computer, projector, conference phone– Guarantee at least five people in the room
• In case someone else shows up so they’re not uncomfortable • Future nodes - ???
– San Diego, CA– Rome, NY– Atlanta, GA
![Page 37: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/37.jpg)
37
Previous Topics• Defending a Large Network
– Brian Rexroad of AT&T– 2 Dec 2008
• DNI Essentials– Paul Schnegelberger of SAIC and John Sanders of
Northrop Grumman TASC– Nov/Dec 2008
• Digital Forensics– Jim Jaeger of General Dynamics– 13 Jan 2009
• Case Studies in Cyber Attacks – Aaron Wilson of SAIC– 13 Jan 2009
• Trickler– Greg Virgin of RedJack– 27 Jan 2009
• Security Tools– Peiter “Mudge” Zatko of BBN– 27 Jan 2009
• IPv6– David Harris of SAIC– 10 Feb 2009
• Exploitation Prediction – Darryl Ackley of New Mexico Tech– 24 Feb 2009
• Analytic and IO Tools– Clift Briscoe and Nat Cooper of Edge– 24 Mar 2009
• Distributed Systems Technologies and Internet Intelligence
– George Economou of Akamai– 24 Mar 2009
• Exploring the Social World of the Russian Hacker Community
– Tom Holt of Michigan State University– 10 Mar 2009
• Modern Forensic Investigative Techniques – Amber Schroader of Paraben– 10 Mar 2009
• Defending Against BGP Man-In-The-Middle Attacks
– Earl Zmijewski of Renesys– 14 Apr 2009
• Examining the Storm Worm– Nico Lacchini of TDI– 26 May 2009
• No-Tech Hacking– Johnny Long– 11 Jun 2009
• Dirty Secrets of the Security Industry– Bruce Potter of Ponte Technologies– 14 Jul 2009
• Windows Forensic Analysis: Dissecting the Windows Registry
– Rob Lee of MANDIANT and the SANS Institute– 18 Aug 2009
![Page 38: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/38.jpg)
38
Previous Topics cont.• Silence of the RAM
– Sean Bodmer of Savid Corporation– 22 Sep 2009
• VoIP Security - Attacks, Threats and Countermeasures
– Stuart McLeod of Global Knowledge– 3 Nov 2009
• A Tale of Two Departments – How Commerce and State Dealt With Chinese Intrusions: Lessons Learned Plus: Security Heroes and the 20 Critical Controls
– Alan Paller of the SANS Institute– 9 Mar 2010
• Aurora– Aaron Barr of HBGary Federal– 27 Apr 2010
• Malware reverse engineering at ITT – Paul Frank of ITT– 25 May 2010
• Advanced Cyber Collection Techniques; Extracting and Analyzing Information from the Domain Name System
– Tim Cague of The CYAN Group– 10 Aug 2010
• The Rise of the Social Web – Aaron Barr of HBGary Federal– 5 Oct 2010
• Why Security People S#ck – Gene Bransfield of Tenacity Solutions– 9 Nov 2010
• Insider Threat and Real-World Incident Study– Presented by Michael Collins & Greg Virgin of
RedJack along with Jim Downey of DISA PEO-MA– 30 Nov 2010
• Network Monitoring– Josh Goldfarb of 21st Century Technologies– 4 Jan 2011
• Network Device Exploitation with Universal Plug & Play
– Terry Dunlap of Tactical Network Solutions– 8 Feb 2011
• Deep Packet Inspection for Cybersecurity ASW&R
– Jeff Kuhn of Pangia Technologies– 29 Mar 2011
• Stuxnet Redux: Malware Attribution & Lessons Learned
– Tom Parker of Securicon – 19 Apr 2011
• Special Technical Tuesday and renaming– 10 May 2011
• APT Intrusion Remediation: The Top Do's and Don'ts
– Rob Lee of MANDIANT and The SANS Institute– 24 May 2011
• Deep Packet Inspection– Peder Jungck of Cloudshield and SAIC– 28 Jun 2011
• Our Security Status is Grim– Brian Snow– 19 Jul 2011
![Page 39: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/39.jpg)
39
Upcoming Technical Tuesdays• Looking for more speakers and topics such as:
– Tor routing– Malware reverse engineering– Cyber situational awareness– Splunk– Cloud computing and cloud forensics– Geolocation of IP addresses and mobile devices– Digital forensics– E-discovery– Attack attribution– Deep packet inspection– Fuzzing– Writing secure code
To suggest topics, volunteer to speak, or to receive an invitation, please contact: [email protected]
![Page 40: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/40.jpg)
40
Interesting Topics from the Chief 5uit’s Perspective
![Page 41: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/41.jpg)
41
Remember!
![Page 42: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/42.jpg)
42
Dash
![Page 43: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/43.jpg)
43
Foreign Language• 1337 = LEET = short for elite (maybe)
– 5uit = Suit• Pwn = Own
– Your computer has been pwned• Teh = the
– Accidents become purposeful– This was before spell checkers – hard to do now
• Texting– LOL– ROFL– - OMG Powerpoint translated : and ) to this
![Page 44: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/44.jpg)
44
Different Culture
• 95% male• Black T-shirts• Interesting facial hair• Body art• Add alcohol and mix vigorously• Stickers everywhere• Lock picking for fun (lock sport)• Hackers aren’t all Bad
– I Hack Charities• As a 5uit, I’m counter-counter-culture
![Page 45: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/45.jpg)
![Page 46: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/46.jpg)
![Page 47: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/47.jpg)
![Page 48: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/48.jpg)
48
Bot in a Botnet
• What’s a Bot and what’s a Botnet?– Computers that have been taken over– Used for distribution of Spam and Malware– Used for other nefarious deeds
![Page 49: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/49.jpg)
49
Bot in a Botnet
• What’s a Bot and what’s a Botnet?– Computers that have been taken over– Used for distribution of Spam and Malware– Used for other nefarious deeds
• Does your Mom care?
![Page 50: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/50.jpg)
50
Bot in a Botnet
• What’s a Bot and what’s a Botnet?– Computers that have been taken over– Used for distribution of Spam and Malware– Used for other nefarious deeds
• Does your Mom care?
• Do you care?
![Page 51: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/51.jpg)
Digital Hygiene
![Page 52: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/52.jpg)
You can’t Patch Stupid!!!
![Page 53: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/53.jpg)
You can’t Patch Stupid!!!
Don’t be “Stupid”
![Page 54: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/54.jpg)
![Page 55: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/55.jpg)
![Page 56: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/56.jpg)
![Page 57: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/57.jpg)
![Page 58: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/58.jpg)
![Page 59: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/59.jpg)
![Page 60: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/60.jpg)
![Page 61: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/61.jpg)
![Page 62: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/62.jpg)
![Page 63: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/63.jpg)
![Page 64: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/64.jpg)
![Page 65: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/65.jpg)
![Page 66: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/66.jpg)
![Page 67: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/67.jpg)
![Page 68: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/68.jpg)
![Page 69: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/69.jpg)
![Page 70: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/70.jpg)
![Page 71: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/71.jpg)
Don’t use Reply All in a Mail
Storm!!!
![Page 72: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/72.jpg)
You can’t Patch Stupid!!!
![Page 73: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/73.jpg)
73
Social Engineering
• Extremely effective
• DEFCON Social Engineering Contest– Amazing what people will give away– Help desks were overly helpful
![Page 74: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/74.jpg)
![Page 75: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/75.jpg)
Click OK to Continue
![Page 76: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/76.jpg)
76
Should I proceed?
![Page 77: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/77.jpg)
77
Should I proceed? I did!!!
![Page 78: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/78.jpg)
78
Phishing and Spearphishing
• E-mails and targeted e-mails– Usually with a link– Watch for typo’s and misspelllings
• V1AGRA
• [Insert company name here] has been sold!
![Page 79: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/79.jpg)
79
What about this one?
![Page 80: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/80.jpg)
80
Corporate Response
![Page 81: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/81.jpg)
81
Another One!
![Page 82: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/82.jpg)
82
Phishing and Spearphishing• E-mails and targeted e-mails
– Usually with a link– Watch for typo’s and misspelllings
• V1AGRA
• [Insert company name here] has been sold!
• DEFCON Skybox Demo– Trend tracking via Twitter– Tracking an individual via Social Media– Tiny urls and Bit.ly
![Page 83: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/83.jpg)
83
GPS and other evil devices
• GPS, iPhones, etc remember everything
• iPhones sync EVERYTHING with their host
• Windows 7 Registry saves things a long time
• Forensics examiner’s dream
• Car thieves “Go Home”– You’re not home and now you’re stranded
![Page 84: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/84.jpg)
84
Supply Chain
• Where was your code written?• Where was your hardware produced?• How did it get to you?
• Thumb drives• Hard drives
![Page 85: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/85.jpg)
85
X begets Y begets Z…• Needs beget innovation• Innovation begets technology• Policy and strategy follow
– aren’t necessarily “begotten”• Lack of policy begets ineffective or non-strategy• Doctrine is the military word for policy• Tactics are the refinement of military strategy• difference between responsibility and authority
– DHS has responsibilities– DoD has many clearly defined authorities
• National Cyber Policy is challenging– AFCEA story
![Page 86: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/86.jpg)
86
Steganography
• Stuff hidden in pictures• Stuff hidden in other non-obvious places
![Page 87: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/87.jpg)
87
Who votes for #1?
![Page 88: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/88.jpg)
88
Who votes for #2?
![Page 89: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/89.jpg)
89
Who votes for #3?
![Page 90: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/90.jpg)
90
Who votes for #4?
![Page 91: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/91.jpg)
91
Steganography
• Let’s check your votes . . .
![Page 92: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/92.jpg)
92
#1 Malamute???; not Malware
![Page 93: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/93.jpg)
93
#2
![Page 94: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/94.jpg)
94
#2 is Malodorous; not Malware
![Page 95: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/95.jpg)
95
#3 is Mal-wear; not Malware
![Page 96: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/96.jpg)
96
#4 is Malicious; not Malware
![Page 97: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/97.jpg)
97
Steganography
• None of those pictures– I don’t think anyway…
• Very hard to detect in a single picture– Potential detection if you have both pictures
50 KB 450 KB
![Page 98: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/98.jpg)
98
Other Scary/Cool Concepts
• Segmented polymorphic malware– Bad stuff that changes its looks, delivered in parts
• Metamorphic malware– Bad stuff that changes what it does
• Cloud Computing – distributed virtualization– Which denomination?
• Hadoop – son’s toy elephant– Cloud Security– Cloud Forensics
• Zero-day– Brand new malware or exploits
![Page 99: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/99.jpg)
99
Should I click?
![Page 100: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/100.jpg)
100
Social Networking
• “On the Internet, nobody knows you’re a dog”– New Yorker Magazine, 1993– Still true today
• Do you really know who your Friends are?– Would you cross the street to see them in person?– What are you revealing in your posts?
![Page 101: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/101.jpg)
101
Fake Profile???
![Page 102: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/102.jpg)
102
Social Networking
• “On the Internet, nobody knows you’re a dog”– New Yorker Magazine, 1993– Still true today
• Do you really know who your Friends are?– Would you cross the street to see them in person?– What are you revealing in your posts?
• “My Daddy’s dating…”• Twitter
– Spontaneous and quick– No filter / no retraction
![Page 103: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/103.jpg)
![Page 104: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/104.jpg)
104
Location-based Services
• Facebook Places and Foursquare• Preparation for Travel
– Set up light timers– Make your home look lived in
• “Check in” at out of state locations• Photo metadata• Okay for my Friends to know• What about Friends of Friends?
– What about Mafia Wars Friends of Friends?
![Page 105: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/105.jpg)
105
User Names and Passwords• Anonymous and LULZ Sony Attacks
– 77 million users affected
• Other large data thefts
• User Name and Password combinations– How many do you use?
– Remember the Bots?!?
– This got my attention!
![Page 106: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/106.jpg)
106
What do we do?
• I don’t know…
• I think education helps…
![Page 107: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/107.jpg)
107
Cyber Increases
• Volume
• Variety
• Velocity
![Page 108: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/108.jpg)
108
Cyber Increases
• Volume = 111 slides
• Variety
• Velocity
![Page 109: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/109.jpg)
109
Cyber Increases
• Volume = 111 slides
• Variety = 21 topics
• Velocity
![Page 110: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/110.jpg)
110
Cyber Increases
• Volume = 111 slides
• Variety = 21 topics
• Velocity = 1 hour = <33 sec per slide
![Page 111: I’m a Suit in a Cyber World!](https://reader035.vdocuments.net/reader035/viewer/2022062411/56816858550346895dde8370/html5/thumbnails/111.jpg)
111
That’s all we’ve got!