SlideShare a Scribd company logo

CyberID-Sleuth

B
btr-security

This document contains information from Data Security Compliance Advisors on data breaches and identity theft. It provides examples of stolen credentials and how they can be used to build profiles of individuals. It also discusses common causes and vectors of attacks, such as employees and third-party vendors. Case studies on Target and Stratfor data breaches are presented to illustrate how stolen credentials obtained through phishing can lead to large-scale compromises of personal information.

Business
Related topics:
Dark Web OverviewData Breach Insights
1 of 25
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com A DATA BREACH of “PII” IS DEFINED AS A FIRST NAME, FIRST INITIAL OR LAST NAME PLUS: A Social Security Number A Driver’s License Number or State-Issued ID Number An Account Number, Credit Card Number or Debit Card Number Combined with any Security Code, Access Code, PIN or Password
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com A DATA BREACH IS DEFINED AS ANY INTURDER TO YOUR ENTERPRISE Your Trade Secrets Access To Your Servers By a “Hactivism” Criminal Whatever Is Important To Your Enterprise
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com When a hacker gets anyone’s credentials, it is easy for them to build a profile of the individual to gain even more information from social media sites. From there they can “spearPhish” more information from the victim OR THEIR CONTACTS! Examples of profile building follow:
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com LOST CREDENTIALS PUT YOU UNDER ATTACK Name: Lucas Newman Extraction Date: 12/30/20XX Email: lnewman@firstrepublic.com Hometown: Portland, Oregon Hashed Password: 16b90b178faff0e3e2f92ec647b50b11 Occupation: Managing Director and Portfolio Manager Extraction Type: Hack Source:
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com Name: Robyn Mondin Extraction Date: 12/30/20XX Email: robyn.mondin@firstcitizens.com Hometown: Asheville, North Carolina Clear Password: 36f76603a2212c7fc6ff4fb8ec77a64c Occupation: Mortgage Banker Extraction Type: Hack Source:
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com EVERY EMPLOYEE, PARTNER, AND SYSTEM IS A WEAK LINK Name: Pat Grundish Extraction Date: 8/13/20XX Email: pat.grundish@53.com Hometown: Englewood, Ohio Clear Password: p_grundish Occupation: Mortgage Loan Officer Extraction Type: Hack Source: Name: Mandy Knerr Extraction Date: 8/13/20XX Email: mandy.knerr@53.com Hometown: Huber Heights, Ohio Clear Password: m_knerr Occupation: Sr. Marketplace Loan Officer Extraction Type: Hack Source:
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com MULTIPLE VECTORS OF ATTACK RESULT IN BREACHES Data Breaches Point of Sale Systems Email Web Mobile Lost/ Stolen Device FTP Cloud Services Employees Hacking Social Media
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THREE PRIMARY CAUSES DRIVE DATA BREACHES Data Breaches Monetization Negligence Ego
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com IT Administrators harden their networks by building walls with Anti-Virus software to keep out the bad guys The Result is that Anti-Virus software can’t keep up and the bad guys are already inside your walls Malware 76,000 new malware strains are released into the wild every day Credentials 73% of online banking users reuse their passwords for non-financial websites PROVIDING VISIBILITY BEYOND THE IT WALLS
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THE PROBLEM YOU DIDN’T KNOW YOU HAVE IT Administrators harden their networks by building walls with Anti-Virus software to keep out the bad guys The Result is that Anti-Virus software can’t keep up and the bad guys are already inside your walls The Problem is that 76,000 new malware strains are released into the wild every day The Problem is that 73% of online banking users reuse their passwords for non-financial websites
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com ANATOMY OF A SPEARPHISHING ATTACK Target Victim 1 Install Malware 2 Access Network 3 Collect & Transmit Data 4 Breach Event 5
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THE LONG-TERM EFFECTS OF THE STRATFOR BREACH 2005 •An employee of a Kansas City investment bank registers for the free Stratfor newsletter December 2011 •Stratfor becomes aware of its breach January 2012 Stratfor initiates a massive breach response, including removing all related data from the Web February 2013 •A hactivist group identifies the credential/password combo that still accesses investment bank’s webmail February 2013 •Hacktivist group publishes investment bank’s client information on the company’s home page It took nearly eight years to feel the full effect of a duplicate password. Over 300,000 individuals had their personal information leaked, such as credit card numbers, addresses, phone numbers, and more. Employee used same password to access the Stratfor newsletter as his password to corporate webmail account.
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com CASE STUDY: Target Corporation Nov. 27 – Dec. 15 2013 •Hacker execute extended attach against Target’s point-of-sale system Dec. 18, 2013 •News of the breach is reported by data and security blog KrebsOnSecurity Dec. 20, 2013 •Target acknowledges the breach, saying it is under investigation Dec. 21, 2013 •JP Morgan announces it is placing daily spending caps on affected customer debit cards Dec. 22, 2013 •Customer traffic drops over the holiday season, resulting in a 3-4% drop in customer transactions Jan. 10, 2014 •Target lowers its fourth- quarter financial projections, saying sales were “meaningfully weaker-than-expected” Current estimates of the total financial impact to Target is $200 million Target provided affected individuals with 12 months of identity theft protection and insurance coverage 110M user accounts compromised , exposing credit and debit card numbers, CVN numbers, names, home addresses, e- mail addresses and or phone numbers
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com “Ongoing forensic investigation has indicated that the intruder stole a vendor's credentials which were used to access our system.” Molly Snyder, Target Corporation January 2014
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com Email Attack on Vendor Set Up Breach at Target* * Source: http://krebsonsecurity.com/ The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware- laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation. Last week, KrebsOnSecurity reported that investigators believe the source of the Target intrusion traces back to network credentials that Target had issued to Fazio Mechanical, a heating, air conditioning and refrigeration firm in Sharpsburg, Pa.
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THE PROFILE OF AN ATTACKER The malware used to hack Target’s POS system was written by a Ukrainian teen •Andrey Hodirevski from southwest Ukraine is alleged to have carried out the attack from his home •The card details were sold through his own forum as well as other communities • investigated the breach when it occurred and was able to verify various discussions and identifiers pointing to this suspect
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com CyberID-Sleuth™ IDENTIFIES PROVIDES EARLY WARNING AT TWO POINTS CyberID-Sleuth™ scours botnets, criminal chat rooms, blogs, websites and bulletin boards, Peer-to-Peer networks, forums, private networks, and other black market sites 24/7, 365 days a year CyberID-Sleuth™ harvests 1.4 million compromised credentials per month Dark Web CyberID-Sleuth™ identifies your data as it accesses criminal command-and- control servers from multiple geographies that national IP addresses cannot access CyberID-Sleuth™ harvests 7 million compromised IP addresses every two weeks
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com CyberID-Sleuth™ Credential Monitoring * * Allow us to run your IP Address through our system too Tier I
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com CyberID-Sleuth™ PROVIDES MORE THAN AUTOMATED ALERTS Credential Monitoring Identifying email addresses from a corporate domain that have been hacked, phished, or breached IP Address Scanning Identifying devices in a corporate network connected to a known malware command and control server Doxing awareness and hacktivist activity monitoring Locating the individuals and exchanges involved in intellectual property theft Hacks, exploits against networks, glitches, leaks, phishing/keylogging monitoring Identification of communities targeting brands, networks or IP addresses Identification of intellectual property distribution Identification of individuals posing a risk to any IP address Tier II Tier I
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com Tier I Tier II
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THE COSTS OF A DATA BREACH ARE VARIED Detection or Discovery—”Activities that enable a company to reasonably detect the breach of personal data either at risk (in storage) or in motion” Escalation—”Activities necessary to report the breach of protected information to appropriate personnel within a specified time period.” Notification—physical mail, e-mail, general notice, telephone Victim Assistance—card replacement, credit monitoring offer, identity theft protection offer, access to customer service representatives Churn of existing customers / personnel Future Diminished Acquisition of customers or employees
Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com It’s time for you to know what the bad guys know

More Related Content

PPTX
Cyber ID Sleuth Data Security Forensics
btr-security
 
PPTX
Target data breach presentation
Sreejith Nair
 
PDF
Ce hv8 module 19 cryptography
Mehrdad Jingoism
 
ODP
Critical Controls Might Have Prevented the Target Breach
2nd Sight Lab
 
PDF
Target Breach Analysis
Tal Be'ery
 
PPTX
Anatomy of a spear phishing attack
Mark Mair
 
PPT
Identity Theft nigerian fraud cross border fraud
Matt Smith
 
PPT
June NOW 2014
Louis Smith
 
Cyber ID Sleuth Data Security Forensics
btr-security
 
Target data breach presentation
Sreejith Nair
 
Ce hv8 module 19 cryptography
Mehrdad Jingoism
 
Critical Controls Might Have Prevented the Target Breach
2nd Sight Lab
 
Target Breach Analysis
Tal Be'ery
 
Anatomy of a spear phishing attack
Mark Mair
 
Identity Theft nigerian fraud cross border fraud
Matt Smith
 
June NOW 2014
Louis Smith
 

What's hot (20)

PPTX
What i learned at the infosecurity isaca north america expo and conference 2019
Ulf Mattsson
 
PPTX
Hacking presentation
Ajith Reddy
 
PDF
Verizon 2014 data breach investigation report and the target breach
Ulf Mattsson
 
PDF
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
ArielMcCurdy
 
PPTX
Data protection on premises, and in public and private clouds
Ulf Mattsson
 
PPTX
What Cybercriminals Want: Company Data – by United Security Providers
United Security Providers AG
 
PDF
The good, the bad and the ugly of the target data breach
Ulf Mattsson
 
PDF
The Cost Of Hacking
bluecoatss
 
PDF
2017 Phishing Trends & Intelligence Report: Hacking the Human
PhishLabs
 
PPTX
How I'd hack into your business and how you can stop me!
AVG Technologies AU
 
PDF
Data Breach Detection: Are you ready for GDPR?
Digital Transformation EXPO Event Series
 
PDF
MMV Webinar 2. GDPR Insights. January 2018
Match-Maker Ventures
 
PPTX
Next generation data protection and security for oracle users - gdpr blockc...
Ulf Mattsson
 
PPTX
Data breach
srushtikadu1
 
PDF
Protection on cyber fraud
BUSINESS SOFTWARES & SOLUTIONS
 
PPT
Recent PCI Hacks
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
PPTX
Application security meetup data privacy_27052021
lior mazor
 
PPTX
Unveiling the dark web. The importance of your cybersecurity posture
Lourdes Paloma Gimenez
 
PPT
Identity Theft business
Matt Smith
 
PDF
Asto card into
IB Kang
 
What i learned at the infosecurity isaca north america expo and conference 2019
Ulf Mattsson
 
Hacking presentation
Ajith Reddy
 
Verizon 2014 data breach investigation report and the target breach
Ulf Mattsson
 
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
ArielMcCurdy
 
Data protection on premises, and in public and private clouds
Ulf Mattsson
 
What Cybercriminals Want: Company Data – by United Security Providers
United Security Providers AG
 
The good, the bad and the ugly of the target data breach
Ulf Mattsson
 
The Cost Of Hacking
bluecoatss
 
2017 Phishing Trends & Intelligence Report: Hacking the Human
PhishLabs
 
How I'd hack into your business and how you can stop me!
AVG Technologies AU
 
Data Breach Detection: Are you ready for GDPR?
Digital Transformation EXPO Event Series
 
MMV Webinar 2. GDPR Insights. January 2018
Match-Maker Ventures
 
Next generation data protection and security for oracle users - gdpr blockc...
Ulf Mattsson
 
Data breach
srushtikadu1
 
Protection on cyber fraud
BUSINESS SOFTWARES & SOLUTIONS
 
Recent PCI Hacks
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Application security meetup data privacy_27052021
lior mazor
 
Unveiling the dark web. The importance of your cybersecurity posture
Lourdes Paloma Gimenez
 
Identity Theft business
Matt Smith
 
Asto card into
IB Kang
 
Ad

Viewers also liked (20)

PDF
Consultorias en Seguridad Integral
Armando Solórzano
 
PDF
Paco guzmán.
José María
 
PDF
Educational Prospectus 2011
Marinus Bell
 
PPTX
LinkedIn for Mergers and Acquisitions
Grand Valley State University
 
DOCX
Shankar kandavel resume new
kandavel shankar
 
PPTX
Presentacion nb21 sinvideo
María Ameijeiras
 
PDF
How to De-Risk the Creation and Moderation of User-Generated Content
Cognizant
 
PPTX
empresa creada para la materia de p. organizacional
liz lopez
 
PDF
AAA CTLA 2009 IFRS Panel Presentation in New York
Tschakert
 
PPTX
Web Engineering - Web Application Testing
Nosheen Qamar
 
PDF
169 coral
maría Isabel
 
PDF
Imaginea - SugarCRM iPhone App - User Guide
Imaginea
 
PDF
Gianluca Diegoli [mini]marketing 91 tesi per un marketing diverso
Gianluca Diegoli
 
PDF
Tecfluid Perfil de Empresa
TECFLUID S.A.
 
PPTX
2015 SBDC Social Media Seminar (March)
Lydia Snider
 
PPS
Micro autos
Jorge Sarco
 
PDF
Mac OS X
RShankar
 
PDF
Vidapremium Magazine 25
rymdesign
 
PPT
Misra,D.C.(2009) Defining Egovernment MDI, Gurgaon 13.2.2009
Dr D.C. Misra
 
PPT
Artigas 3
lasinia
 
Consultorias en Seguridad Integral
Armando Solórzano
 
Paco guzmán.
José María
 
Educational Prospectus 2011
Marinus Bell
 
LinkedIn for Mergers and Acquisitions
Grand Valley State University
 
Shankar kandavel resume new
kandavel shankar
 
Presentacion nb21 sinvideo
María Ameijeiras
 
How to De-Risk the Creation and Moderation of User-Generated Content
Cognizant
 
empresa creada para la materia de p. organizacional
liz lopez
 
AAA CTLA 2009 IFRS Panel Presentation in New York
Tschakert
 
Web Engineering - Web Application Testing
Nosheen Qamar
 
169 coral
maría Isabel
 
Imaginea - SugarCRM iPhone App - User Guide
Imaginea
 
Gianluca Diegoli [mini]marketing 91 tesi per un marketing diverso
Gianluca Diegoli
 
Tecfluid Perfil de Empresa
TECFLUID S.A.
 
2015 SBDC Social Media Seminar (March)
Lydia Snider
 
Micro autos
Jorge Sarco
 
Mac OS X
RShankar
 
Vidapremium Magazine 25
rymdesign
 
Misra,D.C.(2009) Defining Egovernment MDI, Gurgaon 13.2.2009
Dr D.C. Misra
 
Artigas 3
lasinia
 
Ad

Similar to CyberID-Sleuth (20)

PPTX
Certified Banking TPM - Module 3 powerpoint presentation
trevor501353
 
PPTX
Cyber Frontline - Level 2 - Module 2.pptx
trevor501353
 
PPTX
Certified Banking Security C-Suite - Module 1.pptx
trevor501353
 
PDF
Cybersecurity for Marketing
Alert Logic
 
PDF
Axxera End Point Security Protection
Shawn Crimson
 
PPTX
Cyber Frontline - Level 3 - Module 2.pptx
trevor501353
 
PPT
Security Manager - Slides - Module 6 Powerpoint Presentation
trevor501353
 
PPT
Security Manager - Slides - Module 6 Powerpoint Presentation
trevor501353
 
PPTX
Cyber Frontline - Level 3 - Module 1.pptx
trevor501353
 
PPTX
Updated Cyber Security and Fraud Prevention Tools Tactics
Ben Graybar
 
PPTX
Cyber Frontline - Level 3 - Module 4.pptx
trevor501353
 
PPTX
Baker Tilly Presents: Emerging Trends in Cybersecurity
BakerTillyConsulting
 
PDF
OWASP_Presentation_FINAl. Cybercrime and cyber security awareness
MaherHamza9
 
PPTX
Cyber Frontline - Level 1 - Module 2.pptx
trevor501353
 
PPTX
Protecting Client Data 11.09.11
pdewitte
 
PPT
Cyber-Security: A Shared Responsibility -- November 2013
Amy Purcell
 
PPT
Cyber Facts and Prevention Presentation Gianino
-Gianino Gino Prieto -Dynamic Connector -Insurance Strategist
 
PPTX
Cap Tech Talks Webinar April=l 2020 business email cybersecurity
Bill Gibbs
 
PPTX
Breakfast Briefings - February 2018
PKF Francis Clark
 
PDF
Data Privacy
cliff_rudolph
 
Certified Banking TPM - Module 3 powerpoint presentation
trevor501353
 
Cyber Frontline - Level 2 - Module 2.pptx
trevor501353
 
Certified Banking Security C-Suite - Module 1.pptx
trevor501353
 
Cybersecurity for Marketing
Alert Logic
 
Axxera End Point Security Protection
Shawn Crimson
 
Cyber Frontline - Level 3 - Module 2.pptx
trevor501353
 
Security Manager - Slides - Module 6 Powerpoint Presentation
trevor501353
 
Security Manager - Slides - Module 6 Powerpoint Presentation
trevor501353
 
Cyber Frontline - Level 3 - Module 1.pptx
trevor501353
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Ben Graybar
 
Cyber Frontline - Level 3 - Module 4.pptx
trevor501353
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
BakerTillyConsulting
 
OWASP_Presentation_FINAl. Cybercrime and cyber security awareness
MaherHamza9
 
Cyber Frontline - Level 1 - Module 2.pptx
trevor501353
 
Protecting Client Data 11.09.11
pdewitte
 
Cyber-Security: A Shared Responsibility -- November 2013
Amy Purcell
 
Cyber Facts and Prevention Presentation Gianino
-Gianino Gino Prieto -Dynamic Connector -Insurance Strategist
 
Cap Tech Talks Webinar April=l 2020 business email cybersecurity
Bill Gibbs
 
Breakfast Briefings - February 2018
PKF Francis Clark
 
Data Privacy
cliff_rudolph
 

Recently uploaded (20)

PDF
Laughter Yoga Basic Learning Workshop Manual
yeechensee
 
PDF
Solara Labs: Empowering Health through Innovative Nutraceutical Solutions
The lifescience magaizne
 
PDF
IFRS Notes in your pocket for study all the time
jjj81507
 
PPT
Data mining for business intelligence ch04 sharda
salmaalsaeed3
 
PDF
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
PPTX
Board-Reporting-Package-by-Umbrex-5-23-23.pptx
Pars Six Sigma Excellence
 
PDF
MSPs in 10 Words - Created by US MSP Network
Mayur Gudka
 
PDF
Chapter 5_Foreign Exchange Market in .pdf
sophatphoniu
 
PDF
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
PDF
Unit 1 Cost Accounting - Cost sheet
MANJU N
 
PPTX
Lecture (1)-Introduction.pptx business communication
HamzaGhani10
 
PDF
Tata consultancy services case study shri Sharda college, basrur
nityanema19
 
PPTX
ICG2025_ICG 6th steering committee 30-8-24.pptx
AtiarRahaman5
 
PDF
kom-180-proposal-for-a-directive-amending-directive-2014-45-eu-and-directive-...
nlusch08
 
PDF
Types of control:Qualitative vs Quantitative
reshmaaslm06
 
PDF
Ôn tập tiếng anh trong kinh doanh nâng cao
thaoonguyenn2311
 
DOCX
Euro SEO Services 1st 3 General Updates.docx
AmirNazir49
 
PDF
Roadmap Map-digital Banking feature MB,IB,AB
Alemayehu
 
PPTX
svnfcksanfskjcsnvvjknsnvsdscnsncxasxa saccacxsax
ergvedfvef sdvsfvdvd
 
PDF
Elevate Cleaning Efficiency Using Tallfly Hair Remover Roller Factory Expertise
farsookmon97766765
 
Laughter Yoga Basic Learning Workshop Manual
yeechensee
 
Solara Labs: Empowering Health through Innovative Nutraceutical Solutions
The lifescience magaizne
 
IFRS Notes in your pocket for study all the time
jjj81507
 
Data mining for business intelligence ch04 sharda
salmaalsaeed3
 
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
Board-Reporting-Package-by-Umbrex-5-23-23.pptx
Pars Six Sigma Excellence
 
MSPs in 10 Words - Created by US MSP Network
Mayur Gudka
 
Chapter 5_Foreign Exchange Market in .pdf
sophatphoniu
 
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
Unit 1 Cost Accounting - Cost sheet
MANJU N
 
Lecture (1)-Introduction.pptx business communication
HamzaGhani10
 
Tata consultancy services case study shri Sharda college, basrur
nityanema19
 
ICG2025_ICG 6th steering committee 30-8-24.pptx
AtiarRahaman5
 
kom-180-proposal-for-a-directive-amending-directive-2014-45-eu-and-directive-...
nlusch08
 
Types of control:Qualitative vs Quantitative
reshmaaslm06
 
Ôn tập tiếng anh trong kinh doanh nâng cao
thaoonguyenn2311
 
Euro SEO Services 1st 3 General Updates.docx
AmirNazir49
 
Roadmap Map-digital Banking feature MB,IB,AB
Alemayehu
 
svnfcksanfskjcsnvvjknsnvsdscnsncxasxa saccacxsax
ergvedfvef sdvsfvdvd
 
Elevate Cleaning Efficiency Using Tallfly Hair Remover Roller Factory Expertise
farsookmon97766765
 

CyberID-Sleuth

  • 1. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com
  • 2. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com
  • 3. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com A DATA BREACH of “PII” IS DEFINED AS A FIRST NAME, FIRST INITIAL OR LAST NAME PLUS: A Social Security Number A Driver’s License Number or State-Issued ID Number An Account Number, Credit Card Number or Debit Card Number Combined with any Security Code, Access Code, PIN or Password
  • 4. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com A DATA BREACH IS DEFINED AS ANY INTURDER TO YOUR ENTERPRISE Your Trade Secrets Access To Your Servers By a “Hactivism” Criminal Whatever Is Important To Your Enterprise
  • 5. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com When a hacker gets anyone’s credentials, it is easy for them to build a profile of the individual to gain even more information from social media sites. From there they can “spearPhish” more information from the victim OR THEIR CONTACTS! Examples of profile building follow:
  • 6. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com LOST CREDENTIALS PUT YOU UNDER ATTACK Name: Lucas Newman Extraction Date: 12/30/20XX Email: lnewman@firstrepublic.com Hometown: Portland, Oregon Hashed Password: 16b90b178faff0e3e2f92ec647b50b11 Occupation: Managing Director and Portfolio Manager Extraction Type: Hack Source:
  • 7. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com Name: Robyn Mondin Extraction Date: 12/30/20XX Email: robyn.mondin@firstcitizens.com Hometown: Asheville, North Carolina Clear Password: 36f76603a2212c7fc6ff4fb8ec77a64c Occupation: Mortgage Banker Extraction Type: Hack Source:
  • 8. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com EVERY EMPLOYEE, PARTNER, AND SYSTEM IS A WEAK LINK Name: Pat Grundish Extraction Date: 8/13/20XX Email: pat.grundish@53.com Hometown: Englewood, Ohio Clear Password: p_grundish Occupation: Mortgage Loan Officer Extraction Type: Hack Source: Name: Mandy Knerr Extraction Date: 8/13/20XX Email: mandy.knerr@53.com Hometown: Huber Heights, Ohio Clear Password: m_knerr Occupation: Sr. Marketplace Loan Officer Extraction Type: Hack Source:
  • 9. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com MULTIPLE VECTORS OF ATTACK RESULT IN BREACHES Data Breaches Point of Sale Systems Email Web Mobile Lost/ Stolen Device FTP Cloud Services Employees Hacking Social Media
  • 10. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THREE PRIMARY CAUSES DRIVE DATA BREACHES Data Breaches Monetization Negligence Ego
  • 11. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com IT Administrators harden their networks by building walls with Anti-Virus software to keep out the bad guys The Result is that Anti-Virus software can’t keep up and the bad guys are already inside your walls Malware 76,000 new malware strains are released into the wild every day Credentials 73% of online banking users reuse their passwords for non-financial websites PROVIDING VISIBILITY BEYOND THE IT WALLS
  • 12. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THE PROBLEM YOU DIDN’T KNOW YOU HAVE IT Administrators harden their networks by building walls with Anti-Virus software to keep out the bad guys The Result is that Anti-Virus software can’t keep up and the bad guys are already inside your walls The Problem is that 76,000 new malware strains are released into the wild every day The Problem is that 73% of online banking users reuse their passwords for non-financial websites
  • 13. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com
  • 14. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com ANATOMY OF A SPEARPHISHING ATTACK Target Victim 1 Install Malware 2 Access Network 3 Collect & Transmit Data 4 Breach Event 5
  • 15. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THE LONG-TERM EFFECTS OF THE STRATFOR BREACH 2005 •An employee of a Kansas City investment bank registers for the free Stratfor newsletter December 2011 •Stratfor becomes aware of its breach January 2012 Stratfor initiates a massive breach response, including removing all related data from the Web February 2013 •A hactivist group identifies the credential/password combo that still accesses investment bank’s webmail February 2013 •Hacktivist group publishes investment bank’s client information on the company’s home page It took nearly eight years to feel the full effect of a duplicate password. Over 300,000 individuals had their personal information leaked, such as credit card numbers, addresses, phone numbers, and more. Employee used same password to access the Stratfor newsletter as his password to corporate webmail account.
  • 16. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com CASE STUDY: Target Corporation Nov. 27 – Dec. 15 2013 •Hacker execute extended attach against Target’s point-of-sale system Dec. 18, 2013 •News of the breach is reported by data and security blog KrebsOnSecurity Dec. 20, 2013 •Target acknowledges the breach, saying it is under investigation Dec. 21, 2013 •JP Morgan announces it is placing daily spending caps on affected customer debit cards Dec. 22, 2013 •Customer traffic drops over the holiday season, resulting in a 3-4% drop in customer transactions Jan. 10, 2014 •Target lowers its fourth- quarter financial projections, saying sales were “meaningfully weaker-than-expected” Current estimates of the total financial impact to Target is $200 million Target provided affected individuals with 12 months of identity theft protection and insurance coverage 110M user accounts compromised , exposing credit and debit card numbers, CVN numbers, names, home addresses, e- mail addresses and or phone numbers
  • 17. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com “Ongoing forensic investigation has indicated that the intruder stole a vendor's credentials which were used to access our system.” Molly Snyder, Target Corporation January 2014
  • 18. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com Email Attack on Vendor Set Up Breach at Target* * Source: http://krebsonsecurity.com/ The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware- laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation. Last week, KrebsOnSecurity reported that investigators believe the source of the Target intrusion traces back to network credentials that Target had issued to Fazio Mechanical, a heating, air conditioning and refrigeration firm in Sharpsburg, Pa.
  • 19. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THE PROFILE OF AN ATTACKER The malware used to hack Target’s POS system was written by a Ukrainian teen •Andrey Hodirevski from southwest Ukraine is alleged to have carried out the attack from his home •The card details were sold through his own forum as well as other communities • investigated the breach when it occurred and was able to verify various discussions and identifiers pointing to this suspect
  • 20. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com CyberID-Sleuth™ IDENTIFIES PROVIDES EARLY WARNING AT TWO POINTS CyberID-Sleuth™ scours botnets, criminal chat rooms, blogs, websites and bulletin boards, Peer-to-Peer networks, forums, private networks, and other black market sites 24/7, 365 days a year CyberID-Sleuth™ harvests 1.4 million compromised credentials per month Dark Web CyberID-Sleuth™ identifies your data as it accesses criminal command-and- control servers from multiple geographies that national IP addresses cannot access CyberID-Sleuth™ harvests 7 million compromised IP addresses every two weeks
  • 21. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com CyberID-Sleuth™ Credential Monitoring * * Allow us to run your IP Address through our system too Tier I
  • 22. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com CyberID-Sleuth™ PROVIDES MORE THAN AUTOMATED ALERTS Credential Monitoring Identifying email addresses from a corporate domain that have been hacked, phished, or breached IP Address Scanning Identifying devices in a corporate network connected to a known malware command and control server Doxing awareness and hacktivist activity monitoring Locating the individuals and exchanges involved in intellectual property theft Hacks, exploits against networks, glitches, leaks, phishing/keylogging monitoring Identification of communities targeting brands, networks or IP addresses Identification of intellectual property distribution Identification of individuals posing a risk to any IP address Tier II Tier I
  • 23. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com Tier I Tier II
  • 24. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com THE COSTS OF A DATA BREACH ARE VARIED Detection or Discovery—”Activities that enable a company to reasonably detect the breach of personal data either at risk (in storage) or in motion” Escalation—”Activities necessary to report the breach of protected information to appropriate personnel within a specified time period.” Notification—physical mail, e-mail, general notice, telephone Victim Assistance—card replacement, credit monitoring offer, identity theft protection offer, access to customer service representatives Churn of existing customers / personnel Future Diminished Acquisition of customers or employees
  • 25. Data Security Compliance Advisors Certified Identity Theft Risk Management Specialists 873 East Baltimore Pike #501 Kennett Square, PA 19348 610-444-5295 www.BTR-Security.com It’s time for you to know what the bad guys know