Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical...
Transcript of Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical...
![Page 1: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/1.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 1
Notes
The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change the security culture of Cisco from within. This slide deck is a tailored module from within our first level, White Belt, with a few slides borrowed from Green Belt. The purpose of this deck is to summarize key security information for network or security engineers. We are releasing this module to raise awareness and also to provide an example you could deploy in your organization!
![Page 2: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/2.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 2
White Belt for a Network or Security Eng Authored by: Chris Romeo
![Page 3: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/3.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 3
Learning Outcomes
By the end of this module, you will be able to: ü Understand some basic security terms that security
professionals throw around
ü Explain the state of the hacker economy and the impact of attacks
ü Describe social engineering and what you can do to prevent it
![Page 4: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/4.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 4
The Defender’s Dilemna • Defender = The Protector • Attacker = Needs only one entry point • Advantage = The Attackers Only YOU can secure your products!
Why Do You Care?
https://flic.kr/p/8DryyL
![Page 5: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/5.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 5
The Security Problem
Changing Business Models
Dynamic Threat Landscape
Complexity and Fragmentation
![Page 6: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/6.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 6
Information is not unexpectedly
modified
0 CONFIDENTIAL
?
Is it Secure? Consider C.I.A.
Availability
Of device, service, or data.
Information can only be viewed by authorized parties
Information or resources are available when needed
https://flic.kr/p/7eVCjY
Grades Updated!
https://flic.kr/p/7CDfhH
![Page 7: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/7.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 7
Threat Agent An entity that exploits a threat
Threats
Threat A potential danger that could cause harm to information or a system
https://flic.kr/p/6jTfiN https://flic.kr/p/56iS
https://flic.kr/p/9VUCrU https://flic.kr/p/a7RGBX
https://flic.kr/p/c5xUxS
![Page 8: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/8.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 8
Vulnerability
Vulnerability A weakness, design or coding error, or lack of protection in a product that enables an attack
Vulnerabilities can result from Design, Programming, or Operational flaws. https://flic.kr/p/LhHyk
![Page 9: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/9.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 9
Exploits and Attacks
Exploits and attacks go hand in hand.
Exploit A practical method to take advantage of a specific vulnerability
Attack Vector A theoretical application of an exploit
Attack The use of an exploit against an actual vulnerability
Zero-Day Attack An attack that exploits a previously unknown vulnerability for which there is not yet a defense https://flic.kr/p/5EAwg3
![Page 10: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/10.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 10
The Evolution of Hacking
2000 1990 1995 2005 2010 2015 2020 Viruses 1990–2000
Worms 2000–2005
Spyware and Rootkits 2005–Today
APTs Cyberware Today +
Hacking Becomes an Industry
Sophisticated Attacks, Complex Landscape
Phishing, Low Sophistication
![Page 11: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/11.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 11
How Hackers Monetize
Social Security $1
Medical Record >$50
DDOS as a Service
~$7/hour
WELCOME TO THE HACKERS’ ECONOMY
DDoS
Credit Card Data $0.25-$60
Bank Account Info >$1000
depending on account type and balance
$�
Exploits $1000-$300K
Facebook Account $1 for an account
with 15 friends
Spam $50/500K emails
Malware Development
$2500 (commercial malware)
Global Cybercrime
Market: $450B-$1T
Mobile Malware $150
![Page 12: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/12.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 12
Top 3 Impacts of Security Failures
Damage to infrastructure Increase in
expenses
Loss of market share
![Page 13: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/13.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 13
What is Social Engineering?
The clever manipulation of the natural human tendency to trust
“Social engineering is using deception, manipulation and influence to convince a human who has access to a computer system to do something, like click on an attachment in an e-mail.”
– Kevin Mitnick
![Page 14: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/14.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 14
Why am I vulnerable?
• Natural human desire to be helpful • Tendency to trust people • Desire to feel included or receive benefit • Fear of getting into trouble • Willingness to cut corners for a “good reason”
Social Engineers know their targets!
https://flic.kr/p/cHjZBw
![Page 15: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/15.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 15
Inference Collecting and assembling “innocent” information from public sources to build a profile of a target • Facebook • LinkedIn • Twitter • Personal blog/website • Public forums • Improperly protected info
Popular Social Engineering techniques Warning: Social Engineering attacks often combine multiple techniques!
Impersonation Posing as an employee or other authorized party to gain access or information
• Phone, e-mail, or in person
• “Act like you are supposed to be there”
Dumpster Diving Collecting confidential information from improperly protected sources
• Discarded documents • Old hard drives • May literally mean going
through a dumpster!
![Page 16: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/16.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 16
Popular Social Engineering Techniques
Phishing Posing as a trustworthy entity to acquire confidential information • Type of e-mail spoofing fraud • Usernames, passwords, etc.
Spear Phishing Phishing targeted at a specific person or group • Has detailed information meant to
persuade the specific target
Warning: Social Engineering attacks often combine multiple techniques!
![Page 17: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/17.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 17
Key Take Aways
ü Know the basic security terms of security professionals
ü In the hacker economy, data is money, and the impact of attacks is damage to infrastructure, increase in expenses, and loss of market share
ü Social engineers will use any and all information and tactics
• Be suspicious; be prudent
• Verify sources and trust your instincts
![Page 18: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/18.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 18
Notes
We hope this overview of our learning approach for the Cisco Security White Belt has been helpful. It is our goal to share our approach with the community, to assist in building technical security awareness within all organizations.
![Page 19: Cisco Security Ninja White Belt-Network Engineer...The Cisco Security Ninja program is a technical security awareness program created in 2012. The goal of this program is to change](https://reader034.fdocuments.us/reader034/viewer/2022052616/609e0cb127cd87054d413bb6/html5/thumbnails/19.jpg)
© 2015 Cisco and/or its affiliates. All rights reserved. 19
Chris Romeo [email protected]
@edgeroute
If you have any questions, please contact me