Statewide Cyber Trends
October 12, 2016
Current threats
8/17/2015 Information Technology
• Phishing
• Ransomware
• Hacktivism - DDoS
Phishing
• I titled this part phishing, but Social Engineering is a better term.
• From the Verizon Data Breach Digest - Scenarios from the Field: “We witness social tactics being used in around 20% of confirmed data breaches.”
• From the June 1 edition of CSOonline.com: “As of the end of March, 93 percent of all phishing emails contained encryption ransomware, according to a report released today by PhishMe.”
• Phishing emails have counterparts in vishing (voice phishing) and even in-person actions
• Spear-phishing – a targeted phish
Ransomware
• Cybercriminals are using a type of malware called "ransomware", which can infect your computer or mobile device and restrict access to your files and programs unless you agree to pay a ransom to the creators of the malware to regain access. (https://home.mcafee.com)
• Many state agencies have been hit by ransomware. Data that is not backed up is permanently lost. Not all backups are equal: the backup needs to be offline. Backups to external drives with a drive letter are as vulnerable to the ransomware as the rest of the storage.
Ransomware - Cryptolocker
Ransomware - TeslaCrypt Notice
Ransomware - Locky
Hacktivism
• Hacktivism is defined as the subversive use of computers and computer networks to promote a political agenda. In the past, these activities have included Distributed Denial of Service (DDoS), doxing, phishing or spear-phishing attacks, and website defacements.
• https://en.wikipedia.org/wiki/Hacktivism
Hacktivism
Yeah these folks……
Hacktivism - DDoS
• State agencies have been the victim of DDoS.
Luckily, in most cases the duration (and therefore the impact) of the attack has been short. However, longer attacks at critical times have had a significant business impact on the victim.
Hacktivism - DDoS
Graphic from http://www.kaspersky.co.za/enterprise-security/ddos-protection
Recommendations - Phishing
• User Awareness training
• Don’t follow links or open attachments in unexpected or suspicious e-mails
• Report suspicious e-mails to [email protected] so they can be filtered
Recommendations - Ransomware
• User Awareness
• Back up important files on local system
• Don’t follow links or open attachments in unexpected or suspicious e-mails
• Report suspicious e-mails to [email protected] so they can be filtered
• Web browsing should be work related
Recommendations – Ransomware (System Controls)
• User accounts should not be administrators
• Consider implementing a Microsoft AppLocker GPO
  • Prevents execution of files from the c:/Users/<user>/AppData/ folder and subfolders
• Application Whitelisting/SW Restriction
• Utilize WCF and DNS FW
• Patch – OS to plugins (Flash, Java)
• Allow/Install Pop-up and Ad Blockers
Statewide perspective - Ransomware
• Ransomware infections are a reportable incident to the State CIO
Recommendation – Hacktivism DDoS - Best Practices
DDoS
• Establish and maintain effective partnerships with your upstream network service provider.
  • Know what assistance they may be able to provide you in the event of a DDoS attack.
  • The faster they can implement traffic blocks and mitigation strategies at their level, the sooner your services will become available for legitimate users.
• Consider also establishing relationships with companies that offer DDoS mitigation services.
• If you are experiencing a DDoS attack, provide the attacking IP addresses to your upstream network service provider so they can implement restrictions at their level.
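One way to prepare the address list for the upstream provider during an attack, as an added example that is not part of the original slides: it counts requests per client in web access log lines, drops allowlisted networks, and collapses the remaining sources into CIDR blocks. The log layout, threshold, allowlist and all addresses are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumption: common/combined log format, where the first field is the client address.
CLIENT_RE = re.compile(r"^(\S+) ")

def count_sources(lines):
    """Count requests per valid client IP; lines that do not parse are skipped."""
    counts = Counter()
    for line in lines:
        m = CLIENT_RE.match(line)
        if not m:
            continue
        try:
            counts[ipaddress.ip_address(m.group(1))] += 1
        except ValueError:
            continue  # hostname or garbage in the client field
    return counts

def attacking_sources(counts, min_requests, allowlist=()):
    """Sources at or above the threshold, minus known-good networks."""
    allowed = [ipaddress.ip_network(n) for n in allowlist]
    hits = [ip for ip, n in counts.items()
            if n >= min_requests and not any(ip in net for net in allowed)]
    return sorted(hits, key=lambda ip: (ip.version, int(ip)))

def block_list(ips):
    """Collapse adjacent addresses into the fewest CIDR blocks, per IP version."""
    blocks = []
    for version in (4, 6):
        nets = [ipaddress.ip_network(str(ip)) for ip in ips if ip.version == version]
        blocks += [str(net) for net in ipaddress.collapse_addresses(nets)]
    return blocks

def provider_report(lines, min_requests, allowlist=()):
    counts = count_sources(lines)
    ips = attacking_sources(counts, min_requests, allowlist)
    return {"sources": len(ips), "requests": sum(counts[ip] for ip in ips),
            "blocks": block_list(ips)}

def constructed_sample():
    """Constructed log lines using documentation address ranges, not real traffic."""
    fmt = '{ip} - - [12/Oct/2016:10:00:{s:02d} -0400] "GET / HTTP/1.1" 200 512'
    lines = []
    for host in (0, 1, 2, 3, 9):  # high-volume sources
        lines += [fmt.format(ip=f"198.51.100.{host}", s=i % 60) for i in range(300)]
    lines += [fmt.format(ip="203.0.113.10", s=i % 60) for i in range(400)]  # own monitoring
    lines += [fmt.format(ip=f"192.0.2.{h}", s=h) for h in range(1, 40)]     # ordinary users
    lines.append("malformed line without an address field")
    return lines

if __name__ == "__main__":
    print(provider_report(constructed_sample(), 100, allowlist=["203.0.113.0/28"]))
```

Request counts from web logs reflect completed TCP connections; if the server sits behind a proxy or load balancer, the first field is the proxy's address and the client address has to be taken from the forwarded-for field instead.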
Questions?