Which side are you? Dark Side or Light Side By Sumedt Jitpukdebodin Senior Intelligence Response @ I-SECURE Co., Ltd.


$ whoami

• Name: Sumedt Jitpukdebodin

• Job: Senior Intelligence Response @ I-SECURE

• Interests: Hacking, Malware Analysis, Digital Forensics, Final Fantasy (Games), Travel, etc.

• Social: @materaj, fb.com/hackandsecbook, OWASP Thailand - Technical Side, admin@2600Thailand

What is computer security?

http://elamb.org/wp-content/uploads/2014/06/cyber-security-information-security-job-description.png

“IT security is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide”

–Wikipedia

Why security?

https://security.uci.edu/img/flexslider/security-wordcloud.jpg

• It’s everywhere.

• It’s easy to learn.

• It’s in demand.

• It’s important.

Light side vs Dark Side

http://imgur.com/INRZbH1

Light Side

• Penetration Tester

• Malware Analyst

• Digital Forensics

• IT Security Auditor

• Chief Information Security Officer (CISO)

• Bug Bounty Hunter

• etc.

Dark Side

• Spammer

• Cracker

• DDoSer

• Ransomware Inventor

• etc.

DDoSer

DDoS Simulation

• Logstalgia

What is the biggest DDoS in history?

• Victim: OVH (French hosting provider)

• When: 26 September 2016

• How: 1 Tbps

IoT devices (CCTV) were used as the zombies.

https://github.com/jgamblin/Mirai-Source-Code

https://intel.malwaretech.com/mirai.html

shodan.io


https://www.exploit-db.com/docs/33859.pdf

thingful.net

censys.io

Default username, password


What is the difference between a hacker and a penetration tester?

• Times

• Method

• Scope

IT Security Jobs Salary

From forbes.com, “Top 10 IT Security Jobs And Salaries”, Apr 12, 2016

Bug Bounty Program

• bugcrowd

• hackerone

• zerodium

• etc.

Ransomware Revenue

$1 Billion in 2016

But...

Criminals always get caught.

Computer Crime Act B.E. 2550 (2007)

Q & A

Thank you.