Download presentation
Presentation is loading. Please wait.
Published byEthan Weedon Modified over 10 years ago
1
1 Im a Suit in a Cyber World! 16 Jul 2011
2
2 Employment History Financial Services
3
3 Employment History Financial Services
4
4 Employment History Ski Bum
5
5 Employment History Ski Bum
6
6 Employment History USAF Officer
7
7 Employment History USAF Officer
8
8 Employment History SAIC
9
9 Employment History SAIC Program Manager
10
10 Employment History SAIC Program Manager
11
11 Employment History SAIC Division Manager
12
12 Employment History SAIC Division Manager
13
13 Employment History SAIC Capture Manager
14
14 Employment History SAIC Capture Manager
15
15 Education History King College BA Economics & Business Administration
16
16 Education History King College BA Economics & Business Administration
17
17 Education History Chartered Life Underwriter
18
18 Education History Chartered Life Underwriter
19
19 Education History UMD Europe Bowie State University MS Management Information Systems
20
20 Education History UMD Europe Bowie State University MS Management Information Systems
21
21 Education History PMP
22
22 Education History PMP
23
23 Large Cyber Procurements SAIC Capture Manager
24
24 Large Cyber Procurements > $250,000,000
27
27 Introduction to cybergamut
28
28 History and Why Change In 2008 SAIC established cybernexus – Coming together or nexus of cyber analysts – Central Maryland In 2011 cybernexus renamed cybergamut – Runs the gamut of cyber disciplines – Global organization cybergamut nodes – San Antonio, Texas – Northern Virginia (Tysons Corner and Herndon) – Sioux Falls, South Dakota
29
29 Mission Statement cybergamut is a worldwide community of practice for cyber professionals across industry, academia, and government providing ongoing education, training, and certification opportunities throughout all phases of a cyber professionals career, utilizing traditional methods as well as non-traditional techniques like puzzles, Easter Eggs, and problem solving.
30
30 Easter Eggs
31
31 Easter Eggs (eeggs.com)
32
32 Challenge Cards
33
33 Challenge Coin
34
34 Technical Tuesday What it is – a technical exchange What it is not – A sales presentation – A product endorsement – For discussion of procurements – For discussion of procurement related issues
35
35 PDU and CPE PMI PDUs – PMI Baltimore approved most Technical Tuesday events as eligible for PMI PDUs under Category B, Continuing Education CPEs for CISSP – Self certification Other certifications – What do you need?
36
36 cybergamut Nodes Established node – San Antonio – Northern Virginia (Tysons Corner and Herndon) – Sioux Falls, SD Node requirements (as of now) – Open and accessible to all Industry, academia, and government – Room for at least 20 people Computer, projector, conference phone – Guarantee at least five people in the room In case someone else shows up so theyre not uncomfortable Future nodes - ??? – San Diego, CA – Rome, NY – Atlanta, GA
37
37 Previous Topics Defending a Large Network – Brian Rexroad of AT&T – 2 Dec 2008 DNI Essentials – Paul Schnegelberger of SAIC and John Sanders of Northrop Grumman TASC – Nov/Dec 2008 Digital Forensics – Jim Jaeger of General Dynamics – 13 Jan 2009 Case Studies in Cyber Attacks – Aaron Wilson of SAIC – 13 Jan 2009 Trickler – Greg Virgin of RedJack – 27 Jan 2009 Security Tools – Peiter Mudge Zatko of BBN – 27 Jan 2009 IPv6 – David Harris of SAIC – 10 Feb 2009 Exploitation Prediction – Darryl Ackley of New Mexico Tech – 24 Feb 2009 Analytic and IO Tools – Clift Briscoe and Nat Cooper of Edge – 24 Mar 2009 Distributed Systems Technologies and Internet Intelligence – George Economou of Akamai – 24 Mar 2009 Exploring the Social World of the Russian Hacker Community – Tom Holt of Michigan State University – 10 Mar 2009 Modern Forensic Investigative Techniques – Amber Schroader of Paraben – 10 Mar 2009 Defending Against BGP Man-In-The-Middle Attacks – Earl Zmijewski of Renesys – 14 Apr 2009 Examining the Storm Worm – Nico Lacchini of TDI – 26 May 2009 No-Tech Hacking – Johnny Long – 11 Jun 2009 Dirty Secrets of the Security Industry – Bruce Potter of Ponte Technologies – 14 Jul 2009 Windows Forensic Analysis: Dissecting the Windows Registry – Rob Lee of MANDIANT and the SANS Institute – 18 Aug 2009
38
38 Previous Topics cont. Silence of the RAM – Sean Bodmer of Savid Corporation – 22 Sep 2009 VoIP Security - Attacks, Threats and Countermeasures – Stuart McLeod of Global Knowledge – 3 Nov 2009 A Tale of Two Departments – How Commerce and State Dealt With Chinese Intrusions: Lessons Learned Plus: Security Heroes and the 20 Critical Controls – Alan Paller of the SANS Institute – 9 Mar 2010 Aurora – Aaron Barr of HBGary Federal – 27 Apr 2010 Malware reverse engineering at ITT – Paul Frank of ITT – 25 May 2010 Advanced Cyber Collection Techniques; Extracting and Analyzing Information from the Domain Name System – Tim Cague of The CYAN Group – 10 Aug 2010 The Rise of the Social Web – Aaron Barr of HBGary Federal – 5 Oct 2010 Why Security People S#ck – Gene Bransfield of Tenacity Solutions – 9 Nov 2010 Insider Threat and Real-World Incident Study – Presented by Michael Collins & Greg Virgin of RedJack along with Jim Downey of DISA PEO-MA – 30 Nov 2010 Network Monitoring – Josh Goldfarb of 21st Century Technologies – 4 Jan 2011 Network Device Exploitation with Universal Plug & Play – Terry Dunlap of Tactical Network Solutions – 8 Feb 2011 Deep Packet Inspection for Cybersecurity ASW&R – Jeff Kuhn of Pangia Technologies – 29 Mar 2011 Stuxnet Redux: Malware Attribution & Lessons Learned – Tom Parker of Securicon – 19 Apr 2011 Special Technical Tuesday and renaming – 10 May 2011 APT Intrusion Remediation: The Top Do's and Don'ts – Rob Lee of MANDIANT and The SANS Institute – 24 May 2011 Deep Packet Inspection – Peder Jungck of Cloudshield and SAIC – 28 Jun 2011 Our Security Status is Grim – Brian Snow – 19 Jul 2011
39
39 Upcoming Technical Tuesdays Looking for more speakers and topics such as: – Tor routing – Malware reverse engineering – Cyber situational awareness – Splunk – Cloud computing and cloud forensics – Geolocation of IP addresses and mobile devices – Digital forensics – E-discovery – Attack attribution – Deep packet inspection – Fuzzing – Writing secure code To suggest topics, volunteer to speak, or to receive an invitation, please contact: scott.w.sheldon@saic.com
40
40 Interesting Topics from the Chief 5uits Perspective
41
41 Remember!
42
42 Dash
43
43 Foreign Language 1337 = LEET = short for elite (maybe) – 5uit = Suit Pwn = Own – Your computer has been pwned Teh = the – Accidents become purposeful – This was before spell checkers – hard to do now Texting – LOL – ROFL – - OMG Powerpoint translated : and ) to this
44
44 Different Culture 95% male Black T-shirts Interesting facial hair Body art Add alcohol and mix vigorously Stickers everywhere Lock picking for fun (lock sport) Hackers arent all Bad – I Hack Charities As a 5uit, Im counter-counter-culture
48
48 Bot in a Botnet Whats a Bot and whats a Botnet? – Computers that have been taken over – Used for distribution of Spam and Malware – Used for other nefarious deeds
49
49 Bot in a Botnet Whats a Bot and whats a Botnet? – Computers that have been taken over – Used for distribution of Spam and Malware – Used for other nefarious deeds Does your Mom care?
50
50 Bot in a Botnet Whats a Bot and whats a Botnet? – Computers that have been taken over – Used for distribution of Spam and Malware – Used for other nefarious deeds Does your Mom care? Do you care?
51
Digital Hygiene
52
You cant Patch Stupid!!!
53
You cant Patch Stupid!!! Dont be Stupid
71
Dont use Reply All in a Mail Storm!!!
72
You cant Patch Stupid!!!
73
73 Social Engineering Extremely effective DEFCON Social Engineering Contest – Amazing what people will give away – Help desks were overly helpful
75
Click OK to Continue
76
76 Should I proceed?
77
77 Should I proceed? I did!!!
78
78 Phishing and Spearphishing E-mails and targeted e-mails – Usually with a link – Watch for typos and misspelllings V1AGRA [Insert company name here] has been sold!
79
79 What about this one?
80
80 Corporate Response
81
81 Another One!
82
82 Phishing and Spearphishing E-mails and targeted e-mails – Usually with a link – Watch for typos and misspelllings V1AGRA [Insert company name here] has been sold! DEFCON Skybox Demo – Trend tracking via Twitter – Tracking an individual via Social Media – Tiny urls and Bit.ly
83
83 GPS and other evil devices GPS, iPhones, etc remember everything iPhones sync EVERYTHING with their host Windows 7 Registry saves things a long time Forensics examiners dream Car thieves Go Home – Youre not home and now youre stranded
84
84 Supply Chain Where was your code written? Where was your hardware produced? How did it get to you? Thumb drives Hard drives
85
85 X begets Y begets Z… Needs beget innovation Innovation begets technology Policy and strategy follow – arent necessarily begotten Lack of policy begets ineffective or non-strategy Doctrine is the military word for policy Tactics are the refinement of military strategy difference between responsibility and authority – DHS has responsibilities – DoD has many clearly defined authorities National Cyber Policy is challenging – AFCEA story
86
86 Steganography Stuff hidden in pictures Stuff hidden in other non-obvious places
87
87 Who votes for #1?
88
88 Who votes for #2?
89
89 Who votes for #3?
90
90 Who votes for #4?
91
91 Steganography Lets check your votes...
92
92 #1 Malamute???; not Malware
93
93 #2
94
94 #2 is Malodorous; not Malware
95
95 #3 is Mal-wear; not Malware
96
96 #4 is Malicious; not Malware
97
97 Steganography None of those pictures – I dont think anyway… Very hard to detect in a single picture – Potential detection if you have both pictures 50 KB450 KB
98
98 Other Scary/Cool Concepts Segmented polymorphic malware – Bad stuff that changes its looks, delivered in parts Metamorphic malware – Bad stuff that changes what it does Cloud Computing – distributed virtualization – Which denomination? Hadoop – sons toy elephant – Cloud Security – Cloud Forensics Zero-day – Brand new malware or exploits
99
99 Should I click?
100
100 Social Networking On the Internet, nobody knows youre a dog – New Yorker Magazine, 1993 – Still true today Do you really know who your Friends are? – Would you cross the street to see them in person? – What are you revealing in your posts?
101
101 Fake Profile???
102
102 Social Networking On the Internet, nobody knows youre a dog – New Yorker Magazine, 1993 – Still true today Do you really know who your Friends are? – Would you cross the street to see them in person? – What are you revealing in your posts? My Daddys dating… Twitter – Spontaneous and quick – No filter / no retraction
104
104 Location-based Services Facebook Places and Foursquare Preparation for Travel – Set up light timers – Make your home look lived in Check in at out of state locations Photo metadata Okay for my Friends to know What about Friends of Friends? – What about Mafia Wars Friends of Friends?
105
105 User Names and Passwords Anonymous and LULZ Sony Attacks – 77 million users affected Other large data thefts User Name and Password combinations – How many do you use? – Remember the Bots?!? – This got my attention!
106
106 What do we do? I dont know… I think education helps…
107
107 Cyber Increases Volume Variety Velocity
108
108 Cyber Increases Volume = 111 slides Variety Velocity
109
109 Cyber Increases Volume = 111 slides Variety = 21 topics Velocity
110
110 Cyber Increases Volume = 111 slides Variety = 21 topics Velocity = 1 hour = <33 sec per slide
111
111 Thats all weve got!
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.