osint the secret weapon in hunting nation state campaigns
play

OSINT: The Secret Weapon in Hunting Nation-State Campaigns - PowerPoint PPT Presentation

Dec 17, 2022 •7 likes •247 views

DETECT . ANALYZE . REMEDIATE OSINT: The Secret Weapon in Hunting Nation-State Campaigns alon@intsights.com Alon Arvatz +972-545444313 1 1 1 What People Think 2 True or False? Threat intelligence Nation-state actors Commercial threat

  1. DETECT . ANALYZE . REMEDIATE OSINT: The Secret Weapon in Hunting Nation-State Campaigns alon@intsights.com Alon Arvatz +972-545444313 1 1

  2. 1 What People Think … 2

  3. True or False? Threat intelligence Nation-state actors Commercial threat intelligence won’t is focused on the just sit in a secured “ reconnaissance ” place collaborating help me against phase over internal nation-state attacks networks 3

  4. 2 Using OSINT to Detect Attacks 4

  5. How Nation-state Cyber Attacks Unfold? The Attack Supply Chain Motive Targeting Development Infrastructure Recon Attack 5

  6. What Does This Mean For You 6

  7. Step 1: Outrun Your Competitor • Don’t outrun the bear, outrun your competitor. • Benchmark your digital footprint. • Benchmark is a crucial security need! 7

  8. Benchmark in the telecom industry Leaked credentials Employees on target lists 1500 40 1452 34 1450 35 1400 30 1350 25 18 1300 20 1248 1250 15 1200 10 1150 5 1100 0 Telecom1 Telecom2 Telecom1 Telecom2 8

  9. Nation-State Attacks Motivations Damage Support for Intelligence Profit (??) Other Efforts 9

  10. Step 2 : Get Into The Attacker ’ s Shoes • How does your attacker see you? • What is your digital footprint? • 2 steps: Monitor your digital foot print. • Clean your digital footprint. • 10

  11. Exploitable Data 11

  12. Exploitable Data 12

  13. Clean Your Digital Footprint 13

  14. Step 3: Monitor The Dark Web Clear Web • What is the Dark Web? Deep Web • Hackers #1 interest – Anonymity. Dark Web 14

  15. They Are On The Dark Web! What are they doing on the Dark Web? • Recruiting/Hiring. • 0days. • Staying up-to-date. *OpCleaver, Cylance 15

  16. Recruiting *APT1, Exposing one of China ’ s Cyber Espionage Units, Mandiant 16

  17. Outsourcing *Exposed by Noam Jolles, Diskin Advanced Technologies 17

  18. How Can They Be Detected? Nation State Actors on the Dark • Web • Very few posts. • Very laconic. • Don ’ t contribute. • Looking for 0days. • Unlimited budget. 18

  19. How Can They Be Detected? 19

  20. Step 4 : Weapon Deployment • States collaborate on closed networks but organizations are on the surface. • In order to attack, states have to reach the surface, and that leaves them exposed. TI can help detect: • Phishing attacks - fake domain registration. • Malicious mobile applications • Fake social media profiles 20

  21. Fake Social Media Profiles 21

  22. How Nation-state Cyber Attacks Unfold? The Attack Supply Chain Motive Targeting Development Infrastructure Recon Attack Phishing domains Exploitable Data Benchmark Dark Web monitoring Malicious mobile apps Data Leakage Exploitable Data Fake social media profiles Data Leakage 22

  23. Conclusion: OSINT Is Critical Operational Eliminates Enable Blind Spots Efficiency Proactive Security 1. Optimized risk picture with an 1. Connect external threats with your 1. Actionable visibility aggregated and coordinated view enterprise before they attack. 2. Automate remediation for internal across internal and external threats. 2. Capture early warning signals. and external systems 2. Context to effectively scope alerts 3. Metrics and visibility showcasing or gauge the severity of a threat. security’s impact. 23

  24. Thank You alon@intsights.com Alon Arvatz +972-545444313 1 24

Recommend

The Secret Weapons of the AOL Optimization Team Dave Artz Secret Weapon #1: Apache Mods 4

The Secret Weapons of the AOL Optimization Team Dave Artz Secret Weapon #1: Apache Mods 4

The Secret Weapons of the AOL Optimization Team Dave Artz Secret Weapon #1: Apache Mods 4 sec. 2.5 sec. modconcat http://code.google.com/p/modconcat/ Once installed, lets you reference any CSS or JS file on your server like this:

826 views • 44 slides
OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL

OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL

OSINT OPEN-SOURCE INTELLIGENCE OSINT Offensive OSINT * 1 Whoami Adam Nurudini CEH, ITIL V3, CCNA, CCNP, CASP, PCI-DSS, BSC-IT Lead Security Researcher @ Netwatch Technologies Project Consultant, Information Security Architects Ltd

454 views • 17 slides
Your Secret Weapon is in the Oven. A unique program for people, not algorithms { Creating

Your Secret Weapon is in the Oven. A unique program for people, not algorithms { Creating

BAKE ME A WISH! NEW YORK Your Secret Weapon is in the Oven. A unique program for people, not algorithms { Creating authentic customer and employee relationships with your brand } Cut through the noise { make it personal } These days, it

318 views • 9 slides
Silicon Valleys Secret Weapon The SHAdow History of BurnE RS by Steve Ou*rim ALL INFORMATION

Silicon Valleys Secret Weapon The SHAdow History of BurnE RS by Steve Ou*rim ALL INFORMATION

Silicon Valleys Secret Weapon The SHAdow History of BurnE RS by Steve Ou*rim ALL INFORMATION GATHERED FROM OPEN SOURCE INTELLIGENCE Images used with permission, under Creative Commons license, or under non-commercial Fair Use Part 3

239 views • 22 slides
CONSTRAINTS A DEVELOPER'S SECRET WEAPON PG Day Paris 2018-03-15 WILL LEINWEBER @LEINWEBER

CONSTRAINTS A DEVELOPER'S SECRET WEAPON PG Day Paris 2018-03-15 WILL LEINWEBER @LEINWEBER

CONSTRAINTS A DEVELOPER'S SECRET WEAPON PG Day Paris 2018-03-15 WILL LEINWEBER @LEINWEBER CITUSDATA.COM INTRO Will Leinweber @leinweber CONSTRAINTS maybe not the most exciting topic just want DB to safely store&retrieve data stern

720 views • 57 slides
A Secret Weapon of WWII USS Langley (CV-1) 1922 SS l (C 1) 1922 USS Lexington (CV-2)

A Secret Weapon of WWII USS Langley (CV-1) 1922 SS l (C 1) 1922 USS Lexington (CV-2)

1 A Secret Weapon of WWII USS Langley (CV-1) 1922 SS l (C 1) 1922 USS Lexington (CV-2) and USS Saratoga (CV-3) 1928 USS Ranger (CV-4) 1934 g ( ) USS Yorktown (CV-5) 1938 USS Enterprise (CV-6) 1938 USS Wasp (CV-7) 1938

707 views • 31 slides
The Power Of ANALYTICS: HRs SECRET WEAPON Steve VanWieren Principal Statistician / Data

The Power Of ANALYTICS: HRs SECRET WEAPON Steve VanWieren Principal Statistician / Data

The Power Of ANALYTICS: HRs SECRET WEAPON Steve VanWieren Principal Statistician / Data Scientist October 16, 2013 Agenda Big Data in HR A case study Workforce trends What is big data? V olume The Big Data Revolution

727 views • 40 slides
CLICKHOUSE MATERIALIZED VIEWS A SECRET WEAPON FOR HIGH PERFORMANCE ANALYTICS Robert Hodges --

CLICKHOUSE MATERIALIZED VIEWS A SECRET WEAPON FOR HIGH PERFORMANCE ANALYTICS Robert Hodges --

CLICKHOUSE MATERIALIZED VIEWS A SECRET WEAPON FOR HIGH PERFORMANCE ANALYTICS Robert Hodges -- Percona Live 2018 Amsterdam Introduction to Presenter Robert Hodges - Altinity CEO www.altinity.com 30+ years on DBMS plus Leading software and

683 views • 23 slides
Data: The (Not-So-Secret) Weapon for Mobile Success Suhail Doshi co-founder & CEO,

Data: The (Not-So-Secret) Weapon for Mobile Success Suhail Doshi co-founder & CEO,

Data: The (Not-So-Secret) Weapon for Mobile Success Suhail Doshi co-founder & CEO, Mixpanel Aliisa Rosenthal growth manager, Mixpanel Sept 26, 2013 Tuesday, November 12, 2013 Big data, small data... its just data. Nov 5, 2013

612 views • 17 slides
Pair and Mob Programming Secret weapon for agile and continuous software development Thomas Much

Pair and Mob Programming Secret weapon for agile and continuous software development Thomas Much

Pair and Mob Programming Secret weapon for agile and continuous software development Thomas Much @thmuch #JAXLondon About @thmuch Thomas Much #JAXLondon Freelancer, Hamburg Agile Developer Coach Software Developer (Java et al.)

1.12k views • 75 slides
Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December

Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December

Italys Surveillance Toolbox Riccardo Coluccini @ORARiccardo 34C3 27th-30th December 2017 OSINT OSINT Google Search VAT numbers OSINT Payments by Ministry of Interior due to transparency law n33/2013 OSINT Google

399 views • 36 slides
Hunting Manufactures and distributes products that enable the extraction of oil and gas Hunting

Hunting Manufactures and distributes products that enable the extraction of oil and gas Hunting

Hunting Manufactures and distributes products that enable the extraction of oil and gas Hunting PLC Global Footprint 2 2009 Corporate Highlights Completed three acquisitions 47.3m Sale of Hunting Energy France 11.1m Year end

857 views • 37 slides
Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg

Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg

Sourcing meets OSINT 3rd of March 2020 // ERA webinar // www.theera.org by Gordon Lokenberg What is OSINT? Used by Law Enforcement Used by the ARMY Used by Private Investigators Used by Sourcers MAINLY ONLINE, mainly

610 views • 14 slides
Tear Gas is a Chemical Weapon: The Toxicology of State Violence Kimberly K. Garrett, MPH

Tear Gas is a Chemical Weapon: The Toxicology of State Violence Kimberly K. Garrett, MPH

Tear Gas is a Chemical Weapon: The Toxicology of State Violence Kimberly K. Garrett, MPH University of Pittsburgh Graduate Student Organizing Committee STEM & Society Lecture Series 21 October 2020 1 About Me Kim (She/Her)

750 views • 24 slides
Waterfowl Hunting for Beginners by John Martsh R-3 Program Manager Hunting Techniques: Spot and

Waterfowl Hunting for Beginners by John Martsh R-3 Program Manager Hunting Techniques: Spot and

Waterfowl Hunting for Beginners by John Martsh R-3 Program Manager Hunting Techniques: Spot and Stalk Hunting Techniques: Decoying Hunting Techniques: Pass Shooting Gauge Sizes Choke extracted from muzzle Choke lengths and wall diameters

783 views • 29 slides
CityFIRST Financing Initiative for Renewable and Solar Technology ECN * May 26, 2009 Our Secret

CityFIRST Financing Initiative for Renewable and Solar Technology ECN * May 26, 2009 Our Secret

CityFIRST Financing Initiative for Renewable and Solar Technology ECN * May 26, 2009 Our Secret Weapon p Almost 40 percent of abatement [targets for 2030] could be achieved at negative marginal costs. Unlocking the negative hi d i i

276 views • 11 slides
COMPREHENSIVE CAMPAIGNS 9:00 a.m. 10:15 a.m. Comprehensive Campaigns Preparing for Success

COMPREHENSIVE CAMPAIGNS 9:00 a.m. 10:15 a.m. Comprehensive Campaigns Preparing for Success

COMPREHENSIVE CAMPAIGNS 9:00 a.m. 10:15 a.m. Comprehensive Campaigns Preparing for Success The Rome Group Ellen Howe, Managing Director Ashley Holmes, Senior Consultant Lyric Opera of Chicago Elizabeth Hurley, Chief Development Officer

261 views • 24 slides
The State: Militarism, National Security, Imperialism Lecture points: Nation and State under

The State: Militarism, National Security, Imperialism Lecture points: Nation and State under

Session 9 The State: Militarism, National Security, Imperialism Lecture points: Nation and State under Security The State of Siege Politics as Force War is the New Nation The Absolute Security Agenda Reordering

377 views • 8 slides
STATE OF THE NATION PENSION CHALLENGES AND OPPORTUNITIES IN 2017 This is for financial adviser

STATE OF THE NATION PENSION CHALLENGES AND OPPORTUNITIES IN 2017 This is for financial adviser

STATE OF THE NATION PENSION CHALLENGES AND OPPORTUNITIES IN 2017 This is for financial adviser use only and shouldnt be relied upon by any other person. STATE OF THE NATION AGENDA State pensions Pension freedoms Automatic

724 views • 37 slides
Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing

Secret Sharing and Visual Cryptography Outline Secret Sharing Visual Secret Sharing Constructions Moir Cryptography Issues Secret Sharing Secret Sharing Threshold Secret Sharing (Shamir, Blakely 1979) Motivation

1.32k views • 62 slides
OSINT tools for security auditing Open Source Intelligence with python tools Jos Manuel Ortega

OSINT tools for security auditing Open Source Intelligence with python tools Jos Manuel Ortega

OSINT tools for security auditing Open Source Intelligence with python tools Jos Manuel Ortega @jmortegac http://jmortega.github.io https://github.com/jmortega/osint_tools_security_auditing Agenda OSINT introduction Server

743 views • 62 slides
CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom

CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom

CS 166: Information Security Secret Sharing, Random Numbers, and Information Hiding Prof. Tom Austin San Jos State University Secret Sharing: Motivation Goal: make secret available, but make it hard to peek. Divide secret among

731 views • 48 slides
VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret

VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret

NEW YORK LONDON SHANGHAI VICTORIA'S SECRET THE WORLD'S BEST BRAS OVERVIEW Victoria's Secret Victoria's PINK Secret Sport WE ARE MISSION VISION VALUES 8.1% GROWTH BY 2022 3BN DOMESTIC VALUE STATS WE OFFER LINGERIE PANTIES

340 views • 30 slides
What The HELK? Enabling Graph Analytics for Effective Threat Hunting HELK THP OSSEM Agenda

What The HELK? Enabling Graph Analytics for Effective Threat Hunting HELK THP OSSEM Agenda

What The HELK? Enabling Graph Analytics for Effective Threat Hunting HELK THP OSSEM Agenda Effective Threat Hunting? Current state of threat hunting programs Graph Theory Definition Origins Types Graph

1.69k views • 75 slides

More recommend