Pacific Northwest Digital Government Summit
Security – How Much is Enough?
June 20, 2006
SA Kenneth A. Schmutz
National Priorities
•Counterterrorism
•Counterintelligence
•Cyber Crime
Cyber Crime Components
•Computer Intrusions
•BOTNETS
•DDOS Attacks
•Intellectual Property Theft
•Theft of Trade Secrets
•Virus/Worm Activity
•Child Pornography
•Internet Fraud
How Severe is the Threat?
THREAT
•Professional Cyber Criminals
•Organized Crime (Foreign and Domestic)
•Money
•Information
Growing Trend
•BOTNETS
•Distributed Denial Of Service Attacks (DDoS)
•Extortion
•Malicious Attacks
•Pay for Click (Adware installations)
•Network Traffic
•Identity Theft (keylogging, phishing)
•SPAM
Components of BOTNET
•Internet Relay Chat (IRC) Server: usually a compromised Linux box
•Zombies: compromised computers (Home, Military, Government, Education, and Business) infected by a worm, trojan, or virus
•Botherder: person controlling the BOTNET
[Figure: Attack Network; Attack Control Computer]
Recent BOTNET Case
ZOTOB
•Released ~8/2005
•Spreads through email and MS05-039 (PnP)
•Sets up Backdoor via trojan
•Controlled by Internet Relay Chat (IRC)
•Zotob A, B, C derived from MyTob
•Zotob D, E, F derived from Rxbot
ZOTOB - Victims
IRC SERVER: Diabl0.turkcoders.net
ZOTOB - Subjects
Code Analysis
43 41 4e 00 00 00 00 5b 78 5d 20 42 6f 74 7a 6f 72 B-O-T-Z-O-R.SCAN....[x] Botzor
32 30 30 35 20 42 79 20 44 69 61 62 6c 4f 00 00 2005 By DiablO................
ZOTOB - Subjects
Diabl0
•FBI Headquarters Cyber
•FBI Seattle Cyber Squad
•Identify hotmail account for Diabl0 through DNS Whois for blackcarder.net
•Worm analysis “greetz to my good friend coder”
ZOTOB - Subjects
FBI flies to Morocco/Turkey
ZOTOB Conclusion
Two subjects located and arrested in less than two weeks from infection
Cyber Prevention
•Current, patched Operating System: enable automatic updates
•Current virus protection: update as often as service allows
•Software and Hardware based firewall
•Anti-Spyware Protection: now a necessity
•Identify points of vulnerability: remote access, laptops
Resources
•www.consumer.gov/idtheft/
•www.ic3.gov/
•www.annualcreditreport.com (877-322-8228)