IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)

8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)

1/68

Hacking Countermeasures ShortCourse

Part of subject

ITE516: Hacking Countermeasures

Part of the

Master of Information SystemsSecurity

Master of Management (IT)

#StopCyberCrime
https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrime


2/68

Hacking CountermeasuresWEEK 1

Erdal Ozkaya

[email protected]@csu.edu.au

www.YourC!.com

#S

topCyberCrime
mailto:[email protected]://www.yourmct.com/https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttp://www.yourmct.com/mailto:[email protected]


3/68

"ason Howarth #CS$


4/68


5/68

arket 'eader( )istance Ed

Source: DEET


6/68

arket leader * &!+ ,-+ )omestic

0100200300400500600 504

377 338 315257

200 182


7/68


8/68

Who am & Master of Information Security, Bachelor of Science in InformationTechnology (B.I.T.), MVP, Microsoft Certied Trainer, IS!"##$ Consultant,Certied %thical &ac'er (C%&), Certied %thical Instructor, is an educator atCharles Sturt niersity.

I am also com*leting my +octor of Philoso*hy (Ph.+.) in IT security andor'ing for -%MP Technologies as egional +irector.

I am a s*ea'er, *roctor for hands/on la0s, and technical e1*ert in

orldide conferences such as Tech%d, &ac'er &alted, MicrosoftManagement Summit, trade shos and in e0casts for Microsoft and %C/Council. %rdal has also deelo*ed and consulted on Microsoft 2cial %1amsand Courses. 3ou can isit his 0log for more information.erdalo5'aya.com
http://www.erdalozkaya.com/http://www.erdalozkaya.com/


9/68

#StopCyberCrime


10/68


11/68


12/68


13/68


14/68


15/68


16/68

Skills Being Measured

What is in this class ?


17/68

Welcome to /Hacking Countermeasures /

6ll hat you need to 'no is here7

htt*

788.itmasters.edu.au8free/short/cour

se/hac'ing/countermeasures8

r#Sto

pCyb

erCrime
http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/https://www.facebook.com/hashtag/stopcybercrimehttp://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttp://www.erdalozkaya.com/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/


18/68

Our main communication channel

htt*s788learn.itmasters.edu.au


19/68

Hacking CountermeasuresModule $7

Introduction to &ac'ing Countermeasures

'et0s

S!2! 34


20/68

Warning5!his ,resentation Contains Occasional 6ad'anguage 7 Su89ect atter that some ay :nd

)istur8ing and some in%ormation which you should

not use in li;e targets or networks without


21/68

Improvements that Microsoft has mae inthe !ino"s p#atforms have riven $%&'()* to ne" tactics+


22/68

here are t"o t-pes of or.ani/ations+

hose "ho rea#i/e the-ve beenhace+

hose "ho havent -et rea#i/e the-vebeen hace+


23/68

Movin. for"ar, there "i##be t"o t-pes of

or.ani/ations


24/68

hose "ho aapt to themoern threatenvironment+


25/68

hose "ho ont+


26/68


27/68

he threat #anscape is chan.in.rapi#-+$ut this time its not just theattacers rivin. chan.e, its -our

users+


28/68

,012 &isappearin. perimeter,00# &ene environment

Mobi#it- represents the en perimeter basesecurit-+

)our perimeter is fain., ma-be itsa#rea- .one+


29/68

$)& is a top priorit- an one

of the bi..est cha##en.es$ut its not the on#- one"hen it comes to

securit-+


30/68

he improvements that *oft"are 'iantshas mae have riven %689* to ne"tactics+


31/68

%ttacers have set their si.hts onientit- theftan the-re breain. into s-stems as

-ou


32/68

$anin.

*ma##n#ine

$usiness

*ma##n#ine

$usiness

*ma##n#ine

$usiness

*ma##n#ine

$usiness

:75; of users

use the samepass"oron ever- site

%ttacersno" thisan e?p#oitthe

"eaness

%ttacers stea#pass"ors from

sma## on#inebusinessesan use the samepass"or toaccess moreinterestin.accounts


33/68

here is a pro#ic an easi#- accessib#eb#ac maret that faci#itates thebu-in. an se##in.of ientities, creit cars, etc+Persona# information about

-ou can a#most certain#- be

foun there


34/68

%n so "e have a perfect storm+


35/68

6-bercrime costs (* econom- upto @140 bi##ion annua##-, report sa-s

Aos %n.e#es imes B2013C

o" hacers a##e.e#- sto#e Dun#imiteEamounts of cash from bans in just a fe"hours

%rs echnica B2013C

%rs echnica B2013C

(niversities face arisin. barra.e ofc-berattacs

HEADLINES

Ma#"are burro"seep into computer$I* to escape %F

The @egister ASeptember ?911B

9esearchers have iscovere oneof the rst pieces ever use in the"i# that moies the soft"are onthe motherboar of infectecomputers to ensure the infection

cant be easi#- eraicateGHe" )or imes B2013C

6-berattacs on therise a.ainst (*corporations

or.et carjacin.,soon it "i## becarhacin.

The Sydney orning erald A?912B

9isin. c-ber securit- riss torivers as their cars becomeincreasin.#- po"ere b- anconnecte to computers haveprompte the (* auto=safet-

re.u#ator to start a ne" oJcefocusin. on the threatG

8spiona.e ma#"areinfects rafts of.overnments,inustries arounthe "or#

%rs echnica B2013C

6-berspace chan.esthe fo. of "ar

Po#itics+co+u B2013C


36/68

T&!


37/68


38/68

Key ,rinci


39/68

$nderstand 2isk anagement

robbilit

Conseuence

4is'

#StopCyberCrime


40/68

-olden 2ules 9irst 'ey *rinci*le of securityis that no netor' iscom*letely secure :

information security is reallya0out ris' management

The more im*ortant the

asset is and the more it ise1*osed to security threats,the more resources youshould *ut into securing it


41/68

A/S& ?;991"?99:, Clause 2.1B

sset%lements of alue for theorgani5ation


42/68

A/S& ?;991"?99:, Clause 2.1B

&denti:cation o% ssets% possib#e c#assication

Personne#

ar"are *oft"are

r.+ *tructure*ite

#StopCyber

Crime


43/68

!hreat

Potential cause of an unantedincident, hich may result in harmto a system or organi5ation

6rash#StopCyberCrime


44/68

=ulnera8ility

;ea'ness of an asset or grou* of assetsthat can 0e e1*loited 0y one or morethreats

Aoce

A/S& ?;99?"?99:, Clause ?.17B


45/68

A/S& ?;99?"?99:, Clause 9.2B

&n%ormation SecurityIs the *rotection ofinformation from a ide

range of threats, inorder to ensure0usiness continuity,minimi5e 0usiness ris',

and ma1imi5e return oninestment and0usiness o**ortunities.


46/68

A/S& ?;991"?99:, Clause 2.2B

Con:dentiality

he propert- that information is notmae avai#ab#e or isc#ose tounauthori/e iniviua#s, entities,

or processes

6onentia#


47/68

A/S& ?;991"?99:, Clause 2.3B

&ntegrity

he propert- of safe.uarin. theaccurac- an comp#eteness ofassets

6onentia#


48/68

A/S& ?;991"?99:, Clause 2.?B

;aila8ility

he propert- of bein. accessib#ean usab#e upon eman b- anauthori/e entit-

&ata


49/68

Security ,rinci


50/68


51/68

2 "a-s to shie# -ourse#ffrom a %6 attac


52/68

!he rt o% War ? Sun T5u


53/68

6est ,ractices to Kee< Your Ser;ersS>E5

Kee< &n ind5!here is no way to S!O, a Hacker+

you can only make their 9o8H2)E2 5


54/68

Knowing Yoursel% 6ccurately assess your on s'ills.

Possess detailed documentation of your

netor'.

nderstand the leel of organi5ational

su**ort you receie.


55/68

&denti%ying Your ttacker

$nderstanding &nternal

ttackers&igher leels of trust

Physical access to netor'resources

&uman resources *rotections


56/68

Hackers 6eware$nderstanding E?ternal ttackers@oice 6ttac'ers

Intermediate 6ttac'ers

6danced 6ttac'ers


57/68

Why do we get attacked @otoriety, acce*tance, and ego

9inancial gain

Challenge 6ctiism

eenge

%s*ionage

Information arfare


58/68

odule 9oot*rinting and econnaissance

%


59/68

,hases o% Hackers

9econnaissance

*cannin.

'ainin.%ccess

Maintainin.%ccess

6#earin.racs


60/68

2econnaissanceefers to *hase here attac'er gathers asmuch information as *ossi0le

Aearn 60out Target $) 6ctie econ

!) Passie econ


61/68

Scanning !y


62/68

-aining ccess%ttac occurs "hen the hacer moves from simp#-probin. the net"or to actua##- attacin. it+

%fter hacer .aine access, he be.ins to movefrom s-stem to s-stem, spreain. his ama.eas pro.resses+

6omes o"n to si## #eve#, amount of accessachieves, net"or architecture, an con.urationof the victimLs net"or+


63/68

aintaining ccess9efers to the phase "hen attacer tries to retain o"nership of thes-stem

he attacer ma- compromise the s-stem

his "here $acoors, 9ootits or rojans prevents -ours-stems

%ttacer can up#oa, o"n#oa or manipu#ate ata, app#ications con.urations of -our s-stems


64/68

Clearing !racks

9efer to activates carrie out b- an

attacer to hie the misees

9easons Inc+ the nee for pro#on.e sta-,

continue use of resource, removeevience of hacin.


65/68

How does Hackers >ind $s


66/68

ow do hac(ers gain access=


67/68


68/68

Ae?t Week(Module 7 Scanning @etor'sModule 7 %numeration

+emo7 $ll #n Thm D##n

Documents

IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)