Let’s Go To The Movies
Introduction to Cybersecurity
Dennis M. Allen
https://www.linkedin.com/in/dennis-m-allen-cissp-a709724

NOW SHOWING

WarGames – 1983

© 1983 Metro-Goldwyn-Mayer Studios Inc. All Rights Reserved. http://www.imdb.com/title/tt0086567

PG

Cybersecurity Elements

0:10:36 - 0:13:45 “Take the men out of the loop,” WOPR, big data, war gaming
0:17:35 - 0:17:55 Password insecurity
0:20:20 - 0:22:15 Old school tech, grade tampering
0:24:25 - 0:25:30 War dialing, “Saul’s fish market”
0:26:14 - 0:30:17 War dialing (Bank, PanAm, Games)
0:32:30 - 0:33:40 “Mr. Potatohead, back doors are not secrets!”
0:38:28 - 0:45:35 Unauthorized access, Artificial Intelligence, Global Thermonuclear War, Operations Centers
1:03:47 - 1:06:10 Physical security and tone hacking
1:11:28 - 1:12:45 Payphone hacking

Sneakers – 1992

http://www.imdb.com/title/tt0105435 © 1992 Universal Pictures Studios, Inc. All Rights Reserved.

PG-13

Cybersecurity Elements

0:01:45 - 0:03:05 Wire Fraud
0:05:15 - 0:10:58 Penetration Testing including social engineering & physical security: “Your communication lines are vulnerable, fire exits need to be monitored, and your rent-a-cops are a tad under trained”
0:11:38 - 0:14:20 Government hired hackers
0:25:20 - 0:30:51 Reconnaissance, shoulder surfing, security bypass with cake & balloons
0:39:39 - 0:46:30 Electronics hacking, unauthorized access, code breaking
1:21:27 - 1:22:54 Dumpster diving – trash analysis
1:27:34 - 1:41:06 Security control bypass (guard, cameras, voice authentication, etc.), failure to review the security log!

Hackers – 1995

http://www.imdb.com/title/tt0113243 © 1995 UNITED ARTISTS PICTURES INC. ALL RIGHTS RESERVED

PG-13

Cybersecurity Elements

0:04:33 - 0:08:33 Social engineering (skip the war dialing), hacking a TV station
0:13:34 - 0:15:02 Student record modification, and hacker handles – poor Joey
0:18:53 - 0:20:02 Late night hacking, Sprinkler test
0:22:40 - 0:25:40 1984, Rainbow Books, Common Passwords & Attack methodology?
0:25:42 - 0:29:29 Joey hacks the Gibson as God and downloads some “Garbage”
0:31:13 - 0:31:18 Hack the planet, Tone hacking with Razor and Blade
0:33:00 - 0:33:40 USS collection and Interview, “These people are terrorists”

The Net – 1995

http://www.imdb.com/title/tt0113957 © 1995 Columbia Pictures Industries, Inc. All Rights Reserved.

PG-13

Cybersecurity Elements

0:03:38 - 0:05:14 Malware Analysis, Assembly Lang.
0:11:30 - 0:13:16 Clean versus Analyze?
0:14:17 - 0:15:06 Airplane navigation hacked
0:15:45 - 0:16:20 Runtime analysis, talent recruiting
0:17:22 - 0:17:56 Airport computer malfunction
0:19:00 - 0:20:50 Beach computing, Social Engineering
0:39:22 - 0:40:45 Identity manipulation
0:48:02 - 0:48:29 Cell phone tracking and triangulation
0:55:00 - 0:57:02 International ISP, unauthorized system access, IP attribution, medical records
0:57:28 - 0:59:29 Chat user attribution and recruiting
1:20:55 - 1:22:04 False sense of security from software
1:30:53 - 1:37:36 Physical security, Social Engineering, Terminal Echo, Command and Control App, Attribution
1:42:00 - 1:45:00 Hacking from RSA or MacWorld?

Track down / Takedown – 2000

http://www.imdb.com/title/tt0159784

R

2000 Dimension Films (presents) Millennium Films (in association with) Hacker Productions (copyright owner)

Cybersecurity Elements

0:03:12 - 0:04:31 1st Meeting with undercover LE
0:05:50 - 0:06:53 Social Engineering for serial number and manufacturer info
0:07:22 - 0:08:45 Social Engineering for specs and docs
0:09:11 - 0:10:22 Switched Access Services – S.A.S., Telephone monitoring service for LE?
0:14:15 - 0:15:58 Mitnick Article
0:20:57 - 0:23:07 Rollerblading in a data center – “Challenge accepted!”
0:24:35 - 0:26:17 Stealing Nokitel code and deleting files (backups?)
0:27:23 - 0:27:42 Tape recorder tone dialing
0:28:55 - 0:30:25 Contempt virus
0:33:14 - 0:35:02 Messing with Agent Gibson (Water, Gas, Power)
0:35:51 - 0:39:01 Tsutomu Shimomura - Investigation (connections, firewalls, modems, log files)
0:47:17 - 0:49:03 CellularOne investigation, hijacking cell phones, cloning cards, signal tracking
1:01:05 - 1:03:52 Dumpster diving, Social Engineering and using University computing resources
1:04:50 - 1:07:42 ISP (Netcom) and identifying last hop (real PoP)
1:08:40 - 1:09:55 Civilian investigation – “What can we do?”
1:10:22 - 1:14:13 Social Engineering and using University computing
1:16:23 - 1:18:07 Trolling/Cell scope/War driving
1:26:17 - 1:26:42 Packet Capture to recover lost files on final upload

Antitrust – 2001

http://www.imdb.com/title/tt0218817 © METRO-GOLDWYN-MAYER PICTURES INC. (2001)

PG-13

Cybersecurity Elements

0:00:20 - 0:03:35 Programming, “First Mover Advantage”
0:03:40 - 0:05:00 The Garage Business
0:09:36 - 0:19:00 Smart Home
0:10:10 - 0:10:34 Open Source/Free v. Software Business
0:11:35 - 0:12:58 Synapse architecture, backdoors, etc.
0:16:08 - 0:17:04 Government recruiting (42K and a Buick)
0:18:26 - 0:18:45 Security briefing
0:20:00 - 0:21:10 Programmer swag – The Egg
0:44:10 - 0:48:35 Tailgating, Building and Badge Security, Unlocked terminal with privileged access (Printed badge, altered security feeds)
0:49:40 - 1:00:24 Milo snooping – No multi-factor!!!!!!
0:54:00 - 1:00:24 Very detailed NURV employee database, Good ol’ Linux CLI
1:27:39 Vehicle Tracking System
1:29:20 - 1:40:00 Milo versus Gary and who can access the Satellites faster, Release of Synapse source code to the world

Other interesting points:
•  Social Engineering to get an invite to the Art Museum Benefit
•  Several Java code and compilation examples throughout

http://www.imdb.com/title/tt0244244

Swordfish – 2001

© 2001 Village Roadshow Films (BVI) Limited. All rights reserved.

R

Cybersecurity Elements

0:27:00 - 0:30:00 Performance Based Interview
0:51:40 - 0:53:00 Stashing worm generator code on an Internet accessible PDP-10
0:55:05 - 0:57:10 Creating the Hydra. Terrible, yet spectacular.

Other interesting points:
•  Ironically, the movie starts by stressing the importance of realism in movies
•  Bad guys and good guys recruiting the same talent
•  Computer facilitated crime funding terrorists

To be clear – The technology is terrible!

Firewall – 2006

http://www.imdb.com/title/tt0408345 © 2006 Warner Bros. Entertainment Inc. 2006 Village Roadshow (BMI) Limited. All rights reserved

PG-13

Cybersecurity Elements

0:07:02 - 0:07:33 Wireshark and Cisco ACLs (kinda)
0:07:50 - 0:09:00 Boardroom and CISO challenges
0:10:42 - 0:11:15 ID Theft and dumpster diving
0:53:00 - 0:55:54 Building the scanner
0:58:07 - 1:01:52 Navigating the Data Center
1:02:50 - 1:08:08 Cat & Mouse (Catching an insider)
1:29:19 - 1:30:08 PET-NAV 3000

Untraceable – 2008

http://www.imdb.com/title/tt0880578 © 2008 Lakeshore Entertainment Group LLC. All Rights Reserved.

R

Cybersecurity Elements

0:03:40 - 0:06:14 FBI Cyber tradecraft:
- Chats
- Honeypots
- Virtual machines
- Fake data
- Hack back authority?
- Attribution
0:14:52 - 0:15:46 IP black holing, Fast flux DNS, Russian hosting, botnets of compromised hosts
0:56:52 - 0:57:05 Horsez – Trojan – RAT, unauthorized network access
1:22:20 - 1:23:20 Automobile hacking

Blackhat – 2015

http://www.imdb.com/title/tt2717822 © 2015 Universal Studios. All Rights Reserved

R

Cybersecurity Elements

0:01:28 - 0:06:03 Cooling system failure in 8 nuclear reactors – STUXNET-ish (about 1 min is good)
0:07:49 - 0:08:15 Thor’s prison phone/attack tool
0:09:02 - 0:10:15 RAT malware discussion (in Chinese). Motivations. Collaboration with FBI?
0:10:22 - 0:11:18 Profiling and discussion about Nation-state cyber
0:11:25 - 0:12:03 Initial code analysis – with some key pounding
0:13:50 - 0:18:00 Run up on Soy, Different authors for the RAT and the payload, Justifying use of a “blackhat”
0:23:38 - 0:25:30 Datacenter, fancy language, thumb print keyfab, a little CLI, insider threat
0:25:30 - 0:26:30 Some more code analysis, and discussion for motives
0:31:00 - 0:31:50 Little bit of forensics (WRT hardware, TOR, chat/email history, impersonation)
0:39:48 - 0:41:00 Whois lookups and a little CLI from ghostman
0:48:16 - 0:54:40 Tracking the money mules and a little bluetooth signals tracking – GPG, 512-bit encryption
1:09:19 - 1:14:00 HD recovery from the hot zone, snippets of malware in memory, access “Black Widow”
1:14:45 - 1:15:15 Plausible deniability
1:16:11 - 1:17:32 Spear Phishing NSA with a malicious PDF/keylogger, Internet accessible systems, EtherApe?
1:18:18 - 1:18:59 Bulletproof hosting in Indonesia from hard drive recovery – some missing steps though
1:19:30 - 1:19:58 Hi resolution satellite imagery
1:37:07 - 1:39:00 Physical recon/security, same model pump controlled by the same model PLC, motivation reveal
1:42:00 - 1:43:45 Compromising the data center (with a car), physical access is key, more CLI to image hard drives
1:43:46 - 1:44:10 Malware source code analysis
1:45:38 - 1:47:05 Social Engineering, Removable media, Waiting for your shell, pivoting to banking apps
1:47:13 - 1:47:52 SSH and CLI trash talking – Linux command “write”
1:52:29 - 1:54:00 Fight hacking

At the Dollar Cinema

•  Real Genius (1985), http://www.imdb.com/title/tt0089886
•  Pirates of Silicon Valley (1999), http://www.imdb.com/title/tt0168122
•  The Italian Job (2003), http://www.imdb.com/title/tt0317740
•  The Matrix Reloaded (2003), http://www.imdb.com/title/tt0234215
•  The Bourne Ultimatum (2007), http://www.imdb.com/title/tt0440963
•  Live Free or Die Hard (2007), http://www.imdb.com/title/tt0337978
•  The Girl with the Dragon Tattoo (2009), http://www.imdb.com/title/tt1132620
•  The Social Network (2010), http://www.imdb.com/title/tt1285016
•  Tron Legacy (2011), http://www.imdb.com/title/tt1104001
•  Code 2600 (2011), http://www.imdb.com/title/tt1830538
•  Skyfall (2012), http://www.imdb.com/title/tt1074638
•  The Internship (2013), http://www.imdb.com/title/tt2234155
•  The Imitation Game (2014), http://www.imdb.com/title/tt2084970

Other Things to Check Out

•  Verizon Data Breach Report, http://www.verizonenterprise.com/DBIR
•  FBI Cyber Most Wanted, http://www.fbi.gov/wanted/cyber
•  Digital Carjackers Show Off New Attacks, https://www.youtube.com/watch?v=oqe6S6m73Zw
•  NMAP in the movies, http://nmap.org/movies
•  Bureau of Justice Statistics, http://www.bjs.gov/index.cfm?ty=tp&tid=42
•  Operation Get Rich or Die Trying, http://www.hulu.com/watch/420138
•  FBI Warns of Cyber Terror, http://freebeacon.com/national-security/fbi-warns-of-anti-israel-cyber-attacks
•  Hackers Breach Major Law Enforcement Portal, https://www.identityforce.com/blog/hackers-breach-law-enforcement-portal-leo-gov
•  PBS – NOVA Rise of the Hackers, http://www.pbs.org/wgbh/nova/tech/rise-of-the-hackers.html
•  The first Nation-state cyber weapon? http://www.wired.com/2014/11/countdown-to-zero-day-stuxnet
•  Nasdaq hacked, http://www.bloomberg.com/bw/articles/2014-07-17/how-russian-hackers-stole-the-nasdaq
•  Kevin Mitnick now selling 0-days, http://www.wired.com/2014/09/kevin-mitnick-selling-zero-day-exploits
•  An Outlaw in Cyberspace, http://www.nytimes.com/1996/02/04/books/an-outlaw-in-cyberspace.html?pagewanted=all
•  Vulnerable Critical Infrastructure, http://www.forbes.com/sites/realspin/2014/11/11/americas-critical-infrastructure-is-vulnerable-to-cyber-attacks
•  Hackers successfully ground 1,400 passengers, http://www.cnn.com/2015/06/22/politics/lot-polish-airlines-hackers-ground-planes/
•  Southwest: No evidence hackers caused flight delays, http://thehill.com/policy/cybersecurity/256676-southwest-no-evidence-hackers-caused-flight-delays
•  Grade Tampering, http://www.nbclosangeles.com/news/local/Corona-del-Mar-High-School-Cheating-Hacking-Scandal-Tutor-242423361.html
•  GPS Tracking, http://www.pettracker.com
•  Movie mistakes and trivia, http://www.moviemistakes.com

Encore?

Games

•  NetSmartz Workshop, http://www.netsmartz.org
•  FBI Cyber Surf Islands, https://sos.fbi.gov
•  CIA Kids’ Zone, https://www.cia.gov/kids-page
•  The Carnegie Cadets: MySecureCyberspace, http://www.carnegiecyberacademy.com
•  CyberCIEGE, http://cisr.nps.edu/cyberciege
•  Control-Alt-Hack, http://www.controlalthack.com
•  Cyber Awareness Challenge, http://iase.disa.mil/eta/cyberchallenge/launchPage.htm
•  OnGuardOnline.gov, http://www.onguardonline.gov
•  PBS – Nova Cybersecurity Lab, http://www.pbs.org/wgbh/nova/labs/lab/cyber
•  Using Video Games to Prepare the Next Generation Cyber Warriors, http://resources.sei.cmu.edu/library/asset-view.cfm?assetID=442338

Books

Cyber-Fiction

•  Jeff Aiken Novels:
   Zero Day by Mark Russinovich and Howard Schmidt (Aug 2012)
   Trojan Horse by Mark Russinovich and Kevin Mitnick (Sep 2012)
   Rogue Code by Mark Russinovich (May 2014)
•  Stealing the Network:
   How to Own the Box by Ryan Russell and others (May 2003)
   How to Own a Continent by FX and others (May 2004)
   How to Own an Identity by Ryan Russell and others (May 2005)
   How to Own a Shadow by Johnny Long and others (Feb 2007)

Non-Fiction

•  The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage, Cliff Stoll
•  Cyber War: The Next Threat to National Security and What to Do About It, Robert K. Knake
•  Spam Nation: The Inside Story of Organized Cybercrime – from Global Epidemic to Your Front Door by Brian Krebs
•  America the Vulnerable: New Technology and the Next Threat to National Security by Joel Brenner
•  Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen
•  Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon by Kim Zetter

Competitions

•  National Initiative for Cybersecurity Careers and Studies, http://niccs.us-cert.gov
   •  Competitions, http://niccs.us-cert.gov/training/tc/search/cmp/new
   •  Games & Programming, http://niccs.us-cert.gov/education/cyber-games-and-programming
   •  Camps and Clubs, http://niccs.us-cert.gov/education/cyber-camps-clubs
•  University Examples
   •  Carnegie Mellon Picoctf, https://picoctf.com
   •  Rochester Institute of Technology CPTC, http://cptc.csec.rit.edu
•  SANS Institute
   •  NetWars, https://www.sans.org/netwars/
   •  CyberAces, http://cyberaces.org
•  Other “Challenges”
   •  http://www.nationalccdc.org
   •  http://www.cyberaces.org/competitions/
   •  http://www.uscyberchallenge.org
•  Hacker Challenges (Ed Skoudis),
   •  http://www.counterhack.net/Counter_Hack/Challenges.html

Training, Education & Awareness

•  Scholarship for Service, https://www.sfs.opm.gov/StudFAQ.aspx
•  National Centers of Academic Excellence in Information Assurance/Cyber Defense, https://www.nsa.gov/ia/academic_outreach/nat_cae/
•  Professional Organizations
   •  https://www.rocissa.org
   •  https://www.owasp.org/index.php/Rochester
   •  http://www.isaca.org/chapters11/Western-New-York

YouTube & Hulu – Must Watch

•  The 10 Most Notorious Hackers of All Time! (8:19) https://www.youtube.com/watch?v=-XpPEmcnKCk
•  5 Most Dangerous Hackers Of All Time (4:31) https://www.youtube.com/watch?v=7UaPL5PGywo
•  The Secret International Cyber War Dividing Nations (42:17) https://www.youtube.com/watch?v=zAS-agcQqEk
•  25 Biggest Cyber Attacks in History (14:07) https://www.youtube.com/watch?v=Zl_BQoJqClM
•  Operation Get Rich or Die Trying (43:21) http://www.hulu.com/watch/420138

YouTube Learning Channels

•  ITFreeTraining, http://www.youtube.com/user/itfreetraining
•  itTaster, http://www.youtube.com/user/ittaster
•  Professor Messer, https://www.youtube.com/user/professormesser
•  StormWind Live, https://www.youtube.com/user/StormWindLive
•  Eli the Computer Guy, https://www.youtube.com/user/elithecomputerguy
•  Microsoft Support Videos, https://www.youtube.com/user/MicrosoftCSSVideo
•  DansCourses, http://www.youtube.com/user/danscourses
•  InfoSec Institute Training, https://www.youtube.com/user/InfoSecInstitute
•  Software Engineering Institute, https://www.youtube.com/user/TheSEICMU
•  Hak5 (https://hak5.org), https://www.youtube.com/user/Hak5Darren

Twitter

•  Cyber Aggregator, @cybfor
•  The Hacker News, @TheHackersNews
•  Team Cymru, @teamcymru
•  WhiteHat Security, @whitehatsec
•  Threatpost, @threatpost
•  Briankrebs, @briankrebs

The End