ciso s guide to shutting down attacks using the dark web
play

CISOs Guide To Shutting Down Attacks Using The Dark Web Agenda The - PowerPoint PPT Presentation

Nov 12, 2022 •373 likes •800 views

CISOs Guide To Shutting Down Attacks Using The Dark Web Agenda The Dark Web: Whats At Stake Gain Visibility, Take Control Leveraging Splunk & Phantom Key Recommendations Agenda The Dark Web: Whats At Stake Gain

  1. CISO’s Guide To Shutting Down Attacks Using The Dark Web

  2. Agenda – The Dark Web: What’s At Stake – Gain Visibility, Take Control – Leveraging Splunk & Phantom – Key Recommendations

  3. Agenda – The Dark Web: What’s At Stake Gain Visibility, Take Control – Leveraging Splunk & Phantom – Key Recommendations –

  4. What Do We Know About The Dark Web?

  5. The Clear, Deep, and Dark Web Clear Web – Search engines – Media, blogs, etc. Deep Web – Unindexed by search engines – Webmail, online banking, corporate intranets, walled gardens, etc. Dark Web – Anonymous, closed sources, Telegram groups, invite-only (sometimes) – Tor, P2P, hacker forums, criminal marketplaces, C2s, etc.

  6. How Tor Works Black market + + + 2 4 1 + Cyber- crime 3 forum User’s TOR client picks a random path to destination server. RED links are encrypted BLUE links are in the clear.

  7. Tor Usage Statistics Source: The Tor project – https://metrics.torproject.org/

  8. Tor Usage Statistics Source: The Tor project – https://metrics.torproject.org/

  9. Tor Usage Statistics

  10. The User Experience Can Match Legitimate Sites

  11. Even Farmers Turn To The Dark Web

  12. Threats are mounting 278% Products for sale on black markets 297% Phishing websites 171% Compromised employee credentials 149% Stolen credit cards for sale on dark web

  13. Agenda The Dark Web: What’s At Stake – – Gain Visibility, Take Control Leveraging Splunk & Phantom – Key Recommendations –

  14. Our attack surface keeps growing IT

  15. Our attack surface keeps growing Shadow IT

  16. Our attack surface keeps growing Mobile Shadow IT

  17. Our attack surface keeps growing Social Mobile Shadow IT

  18. Our attack surface keeps growing Web Social Mobile Shadow IT

  19. Our attack surface keeps growing IoT, ?? Web Social Mobile Shadow IT

  20. Our attack surface keeps growing 3 rd parties 3 rd parties IoT, ?? Web Social Mobile Shadow IT

  21. Our attack surface keeps growing 4 th parties 4 th parties 3 rd parties 3 rd parties IoT, ?? Web Social Mobile Shadow IT

  22. Lack Of Visibility , Lack Of Control

  23. Reduce The “Mean -time-to- Remediate” Unprepared Risk impact Risk Responsive threshold Preventive Potential Emerging Crisis Recovery Event stage

  24. Turning External Data Into External “Intelligence” Intelligence How does it impact my organization? Analysis Information What are the trends and how does it connect? Processing & Organization Data What activity is taking place?

  25. What you’ll uncover: Compromised Credentials Employee credentials Customer logins Bank accounts

  26. What you’ll uncover: Stolen credit & gift cards

  27. What You’ll Uncover: Insider Threats

  28. What External Exposures Are Threats To You? 1) Data leakage: strategic IP, 6) Compromised credentials, customer & employee data, etc. account takeover 2) Malware-as-a-service, software 7) Phishing attacks and domain exploits, phishing kits squatting 3) Stolen and counterfeit products, 8) Insider threats – hiring and gift cards, credit cards coordination 4) Brand attacks: rogue apps, social 9) Third-party and IT vendor risk media weaponization 5) Doxxing and digital extortion, Exec/VIP targeting

  29. Bullet text here – Second level o Third level • Fourth level  Fifth level

  30. Tailor threat intelligence to your business .

  31. Tailor Your Threat Intelligence In Three Phases Analysis Collection Response IOC blocking Social media Algorithms CLEAR App stores Account resets Human Machine DIGITAL analysts Paste sites learning DEEP FOOTPRINT Phishing prevention Leaked DB’s Chat channels DARK Takedowns Threat actor Dark web forums research Black markets Card deactivation

  32. Automate Your Response – Execute takedown processes Social networks – Mobile app stores – Registrars, domain hosting providers – – Streamline card deactivations, password resets, reprovisioning – Automate credential validation checks and protocols – Integrate endpoint, gateway, and perimeter defenses – Prepare digital extortion decision trees, run scenario analyses

  33. Agenda The Dark Web: What’s At Stake – Gain Visibility, Take Control – – Leveraging Splunk & Phantom Key Recommendations –

  34. The Emergence Of Phishing Kits 2) 1) 3) Credential-stealing Website cloned Credentials script run from login collected in bulk page 4) 5) Zip file uploaded New phishing and unpacked for campaign w/ spoofed reuse website

  35. Shutdown Phishing Early In Attack Chain, Pre-Exploit – Monitor suspicious domains before they’re activated. – Automate the takedown process. The Cyber Kill Chain Pre-Compromise Post-Compromise Recon Deliver Control Maintain Weaponize Exploit Execute

  36. Phantom Playbook: Phishing Detect & Respond

  37. Splunk + IntSights For 360 ° Visibility

  38. Agenda The Dark Web: What’s At Stake – Gain Visibility, Take Control – Leveraging Splunk & Phantom – – Key Recommendations

  39. Embedding ETI Into Your Security Program What immediate challenges do we want to solve? ‒ Where are our assets & exposures? What do attackers see? ‒ What can we integrate or automate to improve our ‒ remediation? Internally and externally? How can we leverage threat intelligence in the long-term? ‒ What are expected outcomes in 6 months, 1 year, 3 years? ‒

  40. Recommendations 1) External threat intel improves SecOps – but only if it’s actionable and contextualized to your organization. 2) Define use-cases upfront; start with one or two. 3) Neutralize threats on their territory; mitigate risk pre- exploit.

  41. Thank You! Nick Hayes Get a live demo at Booth #158!

Recommend

Cybercrime and Attacks in in the Dark Sid ide of the Web Dr. Marco Balduzzi * Senior Researcher

Cybercrime and Attacks in in the Dark Sid ide of the Web Dr. Marco Balduzzi * Senior Researcher

Cybercrime and Attacks in in the Dark Sid ide of the Web Dr. Marco Balduzzi * Senior Researcher at Trend Micro http://www.madlab.it @embyte * With the cooperation of Mayra Rosario and Vincenzo Ciancaglini The Dark Ecosystem Dark Nets TOR

966 views • 39 slides
Digital Guardian CISO Mentoring Webinar Series Landing Your First CISO Job 1 About Steve Katz

Digital Guardian CISO Mentoring Webinar Series Landing Your First CISO Job 1 About Steve Katz

Digital Guardian CISO Mentoring Webinar Series Landing Your First CISO Job 1 About Steve Katz Recognized as the Worlds First CISO. Wealth of experience including Citigroup, JP Morgan, Deloitte, and Kaiser Permanente

379 views • 26 slides
Mentoring Webinar Series Stories From the CISO Trenches 1 About Larry Brock Principal at

Mentoring Webinar Series Stories From the CISO Trenches 1 About Larry Brock Principal at

Digital Guardian CISO Mentoring Webinar Series Stories From the CISO Trenches 1 About Larry Brock Principal at Brock Cyber Security Consulting LLC Former Global Chief Information Security Officer (CISO) at DuPont (11 years) Held

532 views • 31 slides
CIO / CISO perspectives Challenges and opportunities Trond Ellefsen Head of IT Statoil

CIO / CISO perspectives Challenges and opportunities Trond Ellefsen Head of IT Statoil

CIO / CISO perspectives Challenges and opportunities Trond Ellefsen Head of IT Statoil Development and Production North America 2012-11-26 CISO keynote 1 Content and perspective 2 Common threats and the new Art of war 3 Weapons of mass

425 views • 18 slides
EVOLUTION OF THE CISO And the Confluence of IT Security & Audit Thomas Borton, MBA, CISA,

EVOLUTION OF THE CISO And the Confluence of IT Security & Audit Thomas Borton, MBA, CISA,

EVOLUTION OF THE CISO And the Confluence of IT Security & Audit Thomas Borton, MBA, CISA, CISM, CRISC, CISSP Director, IT Security & Compliance 13 March 2014 AGENDA 1. Introduction 2. Evolution of the CISO: Past, Present & Future

200 views • 18 slides
A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon

A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon

A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon guillaume.valadon@ssi.gouv.fr RIPE 70 - May, 11 2015 ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 1/12 ANSSI Created on July 7th 2009,

142 views • 12 slides
The Sorcerers Apprenctices Guide to Fault Attacks Hagai Bar-El, Hamid Choukri, David

The Sorcerers Apprenctices Guide to Fault Attacks Hagai Bar-El, Hamid Choukri, David

The Sorcerers Apprenctices Guide to Fault Attacks Hagai Bar-El, Hamid Choukri, David Naccache, Michael Tunstall, Claire Whelan WHAT IS THIS ABOUT? OK, please send Id like to buy I ll send $15 Broken toys are not charged to our

736 views • 54 slides
Shutting Down a Project: A Framework and Lessons Learned March 25, 2020 Webinar Webinar

Shutting Down a Project: A Framework and Lessons Learned March 25, 2020 Webinar Webinar

Shutting Down a Project: A Framework and Lessons Learned March 25, 2020 Webinar Webinar Information Please keep microphones muted Look at Existing Plans Ask questions using the chat box Communicate The webinar is being

367 views • 12 slides
HOMELAND SECURITY: CYBER-SECURITY AT THE LOCAL LEVEL Kirk Bailey, CISSP, CISM CISO, UW Ernie

HOMELAND SECURITY: CYBER-SECURITY AT THE LOCAL LEVEL Kirk Bailey, CISSP, CISM CISO, UW Ernie

HOMELAND SECURITY: CYBER-SECURITY AT THE LOCAL LEVEL Kirk Bailey, CISSP, CISM CISO, UW Ernie Hayden, CISSP CISO, Port of Seattle HOW BIG IS THE JOB? WHAT IS INVOLVED (THE SCOPE OF IT)? WHAT ARE THE TOUGH CHALLENGES? WHAT DOES THE FUTURE

377 views • 36 slides
Alternatives to Dark Energy and Dark Matter and their implications Evidence for Dark Energy and

Alternatives to Dark Energy and Dark Matter and their implications Evidence for Dark Energy and

Alternatives to Dark Energy and Dark Matter and their implications Evidence for Dark Energy and Dark Matter Modified Gravity Models and their observational implications Orfeu Bertolami Instituto Superior Tcnico Departamento de Fsica

610 views • 46 slides
BCNET Shared CISO Wency Lum, Farooq Naiyer and Ivor MacKay Speakers: Wency Lum CIO University

BCNET Shared CISO Wency Lum, Farooq Naiyer and Ivor MacKay Speakers: Wency Lum CIO University

Conference 2018 Conference 2018 BCNET Shared CISO Wency Lum, Farooq Naiyer and Ivor MacKay Speakers: Wency Lum CIO University of Victoria, Chair of the Cybersecurity and Identity Management Services Committee Farooq Naiyer Shared CISO at

458 views • 24 slides
Search for Dark Matter in the Lab. A personal bit of history OR from Dark MatterWhats

Search for Dark Matter in the Lab. A personal bit of history OR from Dark MatterWhats

Search for Dark Matter in the Lab. A personal bit of history OR from Dark MatterWhats that?? to Dark MatterWhat is it?? Transition was not easy Until mid-80s particle physicists never heard of DMand couldnt care less

424 views • 18 slides
Zero Trust & The Flaming Sword of Justice Dave Lewis, Global Advisory CISO September 26th,

Zero Trust & The Flaming Sword of Justice Dave Lewis, Global Advisory CISO September 26th,

Zero Trust & The Flaming Sword of Justice Dave Lewis, Global Advisory CISO September 26th, 2018 Please Allow Me To Introduce Myself.. #WHOAMI Dave Lewis, Global Advisory CISO Castles Dont Scale Dont trust something just because

880 views • 44 slides
Idea: why not directly couple dark energy and dark matter? Ein eqn : G = 8 GT

Idea: why not directly couple dark energy and dark matter? Ein eqn : G = 8 GT

Interacting Dark Energy [Kodama & Sasaki (1985), Wetterich (1995), Amendola (2000) + many others ] Idea: why not directly couple dark energy and dark matter? Ein eqn : G = 8 GT General covariance : G = 0

537 views • 27 slides
Beyond Dark Matter and Dark Energy Sean Carroll Beyond Dark Matter and Dark Energy Sean Carroll,

Beyond Dark Matter and Dark Energy Sean Carroll Beyond Dark Matter and Dark Energy Sean Carroll,

Beyond Dark Matter and Dark Energy Sean Carroll Beyond Dark Matter and Dark Energy Sean Carroll, Caltech 70% dark energy We think that 95% of the universe is dark. But what if gravity is tricking us? 5% ordinary 25% dark matter matter

632 views • 47 slides
Joe Quinn Jobs and Opportunity at Walmart WE ALL HAVE ROLES TO PLAY IN PREPARING THE The retail

Joe Quinn Jobs and Opportunity at Walmart WE ALL HAVE ROLES TO PLAY IN PREPARING THE The retail

Joe Quinn Jobs and Opportunity at Walmart WE ALL HAVE ROLES TO PLAY IN PREPARING THE The retail Apocalypse has descended upon America Thousands of mall-based Thousands of mall-based stores are shutting down stores are shutting down More

375 views • 19 slides
DARK MATTER IN DSPH Paolo Salucci (& G. Gilmore) SISSA (Oxford) Outline of the Review Dark

DARK MATTER IN DSPH Paolo Salucci (& G. Gilmore) SISSA (Oxford) Outline of the Review Dark

DARK MATTER IN DSPH Paolo Salucci (& G. Gilmore) SISSA (Oxford) Outline of the Review Dark Matter is main protagonist in the Universe The concept of Dark Matter in virialized objects Dark Matter in Spirals, Ellipticals, dSphs Dark and

551 views • 28 slides
Your web server has been hacked now what? Archzilon Eshun-Davies (@laudarch)_ CISO/CEO Tactical

Your web server has been hacked now what? Archzilon Eshun-Davies (@laudarch)_ CISO/CEO Tactical

Your web server has been hacked now what? Archzilon Eshun-Davies (@laudarch)_ CISO/CEO Tactical Intelligence Security OWASP Ghana 2019 Who is this talk for? - Individuals, developers and sys admins. Are you sure youve been hacked? Q1:

247 views • 11 slides
Lecture 3 WIMPs as dark matter WIMPs with a new mediating force Dark

Lecture 3 WIMPs as dark matter WIMPs with a new mediating force Dark

Lecture 3 WIMPs as dark matter WIMPs with a new mediating force Dark photon as a mediator of a dark force Chasing anomalies with light new particles: galactic positrons, muon g-2, charge radius problem, etc

616 views • 35 slides
Dark matter and its implications at the LHC Conclusions . Numerical Calculation Motivation MC

Dark matter and its implications at the LHC Conclusions . Numerical Calculation Motivation MC

. . . . . . . . . Dark matter Sep 8, 2012 Dark matter implications at the LHC Zhao-Huan YU (IHEP) Sep 8, 2012 Institute of High Energy Physics, CAS Work in progress with Xiao-Jun BI, Qi-Shu YAN and Peng-Fei YIN Dark matter and its

340 views • 21 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
YOUR COMPLETE YOUR COMPLETE PRESENTATION GUIDE PRESENTATION GUIDE PRESENTATION GUIDE Im so

YOUR COMPLETE YOUR COMPLETE PRESENTATION GUIDE PRESENTATION GUIDE PRESENTATION GUIDE Im so

YOUR COMPLETE YOUR COMPLETE PRESENTATION GUIDE PRESENTATION GUIDE PRESENTATION GUIDE Im so pleased to be sending you this guide! Thanks for helping us to fjnd sponsors for more children by speaking in your church this Mothers Day. By

672 views • 13 slides
Searching for the Dark Matter Wind: a Novel Approach to Dark Matter Detection Jocelyn Monroe, MIT

Searching for the Dark Matter Wind: a Novel Approach to Dark Matter Detection Jocelyn Monroe, MIT

Searching for the Dark Matter Wind: a Novel Approach to Dark Matter Detection Jocelyn Monroe, MIT Imperial College HEP Seminar November 8, 2007 Outline The Dark Matter Wind Dark Matter Search Strategy Directionality Where We Are Now: DMTPC

628 views • 59 slides
STRATEGIES FOR SECURITY: WHEN, WHY, HOW Adam Ely adam@bluebox.com www.bluebox.com @BlueboxSec

STRATEGIES FOR SECURITY: WHEN, WHY, HOW Adam Ely adam@bluebox.com www.bluebox.com @BlueboxSec

STRATEGIES FOR SECURITY: WHEN, WHY, HOW Adam Ely adam@bluebox.com www.bluebox.com @BlueboxSec About ME About ME Experience Co-founder Bluebox Security CISO, Heroku CISO, TiVo Walt Disney . Other nifty stuff Coded

465 views • 21 slides

More recommend