Upload
syed-salman-hassan
View
213
Download
0
Embed Size (px)
Citation preview
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
1/68
Hacking Countermeasures ShortCourse
Part of subject
ITE516: Hacking Countermeasures
Part of the
Master of Information SystemsSecurity
Master of Management (IT)
#StopCyberCrime
https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrime8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
2/68
Hacking CountermeasuresWEEK 1
Erdal Ozkaya
[email protected]@csu.edu.au
www.YourC!.com
#S
topCyberCrime
mailto:[email protected]://www.yourmct.com/https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttp://www.yourmct.com/mailto:[email protected]8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
3/68
"ason Howarth #CS$
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
4/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
5/68
arket 'eader( )istance Ed
Source: DEET
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
6/68
arket leader * &!+ ,-+ )omestic
0100200300400500600 504
377 338 315257
200 182
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
7/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
8/68
Who am & Master of Information Security, Bachelor of Science in InformationTechnology (B.I.T.), MVP, Microsoft Certied Trainer, IS!"##$ Consultant,Certied %thical &ac'er (C%&), Certied %thical Instructor, is an educator atCharles Sturt niersity.
I am also com*leting my +octor of Philoso*hy (Ph.+.) in IT security andor'ing for -%MP Technologies as egional +irector.
I am a s*ea'er, *roctor for hands/on la0s, and technical e1*ert in
orldide conferences such as Tech%d, &ac'er &alted, MicrosoftManagement Summit, trade shos and in e0casts for Microsoft and %C/Council. %rdal has also deelo*ed and consulted on Microsoft 2cial %1amsand Courses. 3ou can isit his 0log for more information.erdalo5'aya.com
http://www.erdalozkaya.com/http://www.erdalozkaya.com/8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
9/68
#StopCyberCrime
https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrime8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
10/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
11/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
12/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
13/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
14/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
15/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
16/68
Skills Being Measured
What is in this class ?
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
17/68
Welcome to /Hacking Countermeasures /
6ll hat you need to 'no is here7
htt*
788.itmasters.edu.au8free/short/cour
se/hac'ing/countermeasures8
r#Sto
pCyb
erCrime
http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/https://www.facebook.com/hashtag/stopcybercrimehttp://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttp://www.erdalozkaya.com/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/http://www.itmasters.edu.au/free-short-course-hacking-countermeasures/8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
18/68
Our main communication channel
htt*s788learn.itmasters.edu.au
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
19/68
Hacking CountermeasuresModule $7
Introduction to &ac'ing Countermeasures
'et0s
S!2! 34
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
20/68
Warning5!his ,resentation Contains Occasional 6ad'anguage 7 Su89ect atter that some ay :nd
)istur8ing and some in%ormation which you should
not use in li;e targets or networks without
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
21/68
Improvements that Microsoft has mae inthe !ino"s p#atforms have riven $%&'()* to ne" tactics+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
22/68
here are t"o t-pes of or.ani/ations+
hose "ho rea#i/e the-ve beenhace+
hose "ho havent -et rea#i/e the-vebeen hace+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
23/68
Movin. for"ar, there "i##be t"o t-pes of
or.ani/ations
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
24/68
hose "ho aapt to themoern threatenvironment+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
25/68
hose "ho ont+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
26/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
27/68
he threat #anscape is chan.in.rapi#-+$ut this time its not just theattacers rivin. chan.e, its -our
users+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
28/68
,012 &isappearin. perimeter,00# &ene environment
Mobi#it- represents the en perimeter basesecurit-+
)our perimeter is fain., ma-be itsa#rea- .one+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
29/68
$)& is a top priorit- an one
of the bi..est cha##en.es$ut its not the on#- one"hen it comes to
securit-+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
30/68
he improvements that *oft"are 'iantshas mae have riven %689* to ne"tactics+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
31/68
%ttacers have set their si.hts onientit- theftan the-re breain. into s-stems as
-ou
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
32/68
$anin.
*ma##n#ine
$usiness
*ma##n#ine
$usiness
*ma##n#ine
$usiness
*ma##n#ine
$usiness
:75; of users
use the samepass"oron ever- site
%ttacersno" thisan e?p#oitthe
"eaness
%ttacers stea#pass"ors from
sma## on#inebusinessesan use the samepass"or toaccess moreinterestin.accounts
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
33/68
here is a pro#ic an easi#- accessib#eb#ac maret that faci#itates thebu-in. an se##in.of ientities, creit cars, etc+Persona# information about
-ou can a#most certain#- be
foun there
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
34/68
%n so "e have a perfect storm+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
35/68
6-bercrime costs (* econom- upto @140 bi##ion annua##-, report sa-s
Aos %n.e#es imes B2013C
o" hacers a##e.e#- sto#e Dun#imiteEamounts of cash from bans in just a fe"hours
%rs echnica B2013C
%rs echnica B2013C
(niversities face arisin. barra.e ofc-berattacs
HEADLINES
Ma#"are burro"seep into computer$I* to escape %F
The @egister ASeptember ?911B
9esearchers have iscovere oneof the rst pieces ever use in the"i# that moies the soft"are onthe motherboar of infectecomputers to ensure the infection
cant be easi#- eraicateGHe" )or imes B2013C
6-berattacs on therise a.ainst (*corporations
or.et carjacin.,soon it "i## becarhacin.
The Sydney orning erald A?912B
9isin. c-ber securit- riss torivers as their cars becomeincreasin.#- po"ere b- anconnecte to computers haveprompte the (* auto=safet-
re.u#ator to start a ne" oJcefocusin. on the threatG
8spiona.e ma#"areinfects rafts of.overnments,inustries arounthe "or#
%rs echnica B2013C
6-berspace chan.esthe fo. of "ar
Po#itics+co+u B2013C
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
36/68
T&!
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
37/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
38/68
Key ,rinci
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
39/68
$nderstand 2isk anagement
robbilit
Conseuence
4is'
#StopCyberCrime
https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrime8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
40/68
-olden 2ules 9irst 'ey *rinci*le of securityis that no netor' iscom*letely secure :
information security is reallya0out ris' management
The more im*ortant the
asset is and the more it ise1*osed to security threats,the more resources youshould *ut into securing it
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
41/68
A/S& ?;991"?99:, Clause 2.1B
sset%lements of alue for theorgani5ation
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
42/68
A/S& ?;991"?99:, Clause 2.1B
&denti:cation o% ssets% possib#e c#assication
Personne#
ar"are *oft"are
r.+ *tructure*ite
#StopCyber
Crime
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
43/68
!hreat
Potential cause of an unantedincident, hich may result in harmto a system or organi5ation
6rash#StopCyberCrime
https://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrimehttps://www.facebook.com/hashtag/stopcybercrime8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
44/68
=ulnera8ility
;ea'ness of an asset or grou* of assetsthat can 0e e1*loited 0y one or morethreats
Aoce
A/S& ?;99?"?99:, Clause ?.17B
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
45/68
A/S& ?;99?"?99:, Clause 9.2B
&n%ormation SecurityIs the *rotection ofinformation from a ide
range of threats, inorder to ensure0usiness continuity,minimi5e 0usiness ris',
and ma1imi5e return oninestment and0usiness o**ortunities.
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
46/68
A/S& ?;991"?99:, Clause 2.2B
Con:dentiality
he propert- that information is notmae avai#ab#e or isc#ose tounauthori/e iniviua#s, entities,
or processes
6onentia#
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
47/68
A/S& ?;991"?99:, Clause 2.3B
&ntegrity
he propert- of safe.uarin. theaccurac- an comp#eteness ofassets
6onentia#
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
48/68
A/S& ?;991"?99:, Clause 2.?B
;aila8ility
he propert- of bein. accessib#ean usab#e upon eman b- anauthori/e entit-
&ata
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
49/68
Security ,rinci
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
50/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
51/68
2 "a-s to shie# -ourse#ffrom a %6 attac
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
52/68
!he rt o% War ? Sun T5u
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
53/68
6est ,ractices to Kee< Your Ser;ersS>E5
Kee< &n ind5!here is no way to S!O, a Hacker+
you can only make their 9o8H2)E2 5
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
54/68
Knowing Yoursel% 6ccurately assess your on s'ills.
Possess detailed documentation of your
netor'.
nderstand the leel of organi5ational
su**ort you receie.
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
55/68
&denti%ying Your ttacker
$nderstanding &nternal
ttackers&igher leels of trust
Physical access to netor'resources
&uman resources *rotections
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
56/68
Hackers 6eware$nderstanding E?ternal ttackers@oice 6ttac'ers
Intermediate 6ttac'ers
6danced 6ttac'ers
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
57/68
Why do we get attacked @otoriety, acce*tance, and ego
9inancial gain
Challenge 6ctiism
eenge
%s*ionage
Information arfare
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
58/68
odule 9oot*rinting and econnaissance
%
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
59/68
,hases o% Hackers
9econnaissance
*cannin.
'ainin.%ccess
Maintainin.%ccess
6#earin.racs
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
60/68
2econnaissanceefers to *hase here attac'er gathers asmuch information as *ossi0le
Aearn 60out Target $) 6ctie econ
!) Passie econ
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
61/68
Scanning !y
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
62/68
-aining ccess%ttac occurs "hen the hacer moves from simp#-probin. the net"or to actua##- attacin. it+
%fter hacer .aine access, he be.ins to movefrom s-stem to s-stem, spreain. his ama.eas pro.resses+
6omes o"n to si## #eve#, amount of accessachieves, net"or architecture, an con.urationof the victimLs net"or+
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
63/68
aintaining ccess9efers to the phase "hen attacer tries to retain o"nership of thes-stem
he attacer ma- compromise the s-stem
his "here $acoors, 9ootits or rojans prevents -ours-stems
%ttacer can up#oa, o"n#oa or manipu#ate ata, app#ications con.urations of -our s-stems
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
64/68
Clearing !racks
9efer to activates carrie out b- an
attacer to hie the misees
9easons Inc+ the nee for pro#on.e sta-,
continue use of resource, removeevience of hacin.
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
65/68
How does Hackers >ind $s
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
66/68
ow do hac(ers gain access=
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
67/68
8/10/2019 IT Masters CSU Free Short Course - Hacking Countermeasures - Week 1 (1)
68/68
Ae?t Week(Module 7 Scanning @etor'sModule 7 %numeration
+emo7 $ll #n Thm D##n