The book treats, in an unorthodox fashion, the Earwicker ...
Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik -...
Transcript of Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik -...
![Page 1: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/1.jpg)
Unorthodox Command-and-Control Channels
Tabraiz Malik
PwC UK Cyber Security
www.pwc.com
Building a secure digital society.
What they are and how they work
![Page 2: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/2.jpg)
PwC │ 2
Introduction
Tabraiz Malik
• PwC, Cyber Security
• Work in the Ethical Hacking team (… we are hiring!)
• Previously worked in Rolls-Royce within the HPC team
![Page 3: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/3.jpg)
PwC │ 3
Why this talk?
• Raising awareness of unusual C2 communications
• Emphasising need for identifying future threats
• Strengths and limitations of defensive techniques
![Page 4: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/4.jpg)
PwC │ 4
What is a C2 channel?
• The way in which attackers communicate with victim machines
• Remote channels
Attacker Victim
![Page 5: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/5.jpg)
PwC │ 5
Timeline of Malware
ROKRATTwitter
‘
HammertossTwitterInfected web servers
InstegogramInstagram
FbotBlockchain DNS
Unnamed GroupInstagram and Firefox extension
RogueRobinDNSGoogle Drive
MULTIGRAINDNS
China ChopperWeb shell
2012
2015
2016
2017
2018
2019
VPNFilterTor
DarkBotIRC
SamSamWebshellsRDP
SANNYHTTP
WannaCryTor proxy
1999
PrettyParkIRC
![Page 6: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/6.jpg)
PwC │ 6
Evolution of detection capabilities
• Intrusion Detection Systems (IDS) and Deep Packet Inspection (DPI)
• YARA rules
• Heuristic detection using language modelling and network artefact analysis
• Behavioural analysis and anomaly-based detection
“Hello my name is
CRESTCon”
1-gramString
“Hello my name is
CRESTCon”
“Hello my”
“my name”
“name is”
“is CRESTCon”
“Hello my name”
“my name is”
2-gram 3-gram
“name is CRESTCon”
![Page 7: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/7.jpg)
PwC │ 7
Case studies
3
HTTP21
DNS
5
SteganographySocial Media
“More and more threat actors are using CDN to send payloads past network security appliances” –PwC Threat Intelligence
4
X.509
![Page 8: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/8.jpg)
PwC │ 8
Hammertoss (2015)
Image: https://www2.fireeye.com/rs/848-DID-242/images/rpt-apt29-hammertoss.pdf
1) Dynamically generates Twitter handles
![Page 9: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/9.jpg)
PwC │ 9
Hammertoss (2015)
Image: https://www2.fireeye.com/rs/848-DID-242/images/rpt-apt29-hammertoss.pdf
2) Malware operator publishes a tweet to the Twitter account timeline
3) Inspects tweet address
![Page 10: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/10.jpg)
PwC │ 10
Hammertoss (2015)
4) Visits target URL downloads all content including image files
5) Hide commands in images.
6) Execute commands and upload output to cloud storage service
Read more on Hammertoss: https://www2.fireeye.com/rs/848-DID-242/images/rpt-apt29-hammertoss.pdf
![Page 11: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/11.jpg)
PwC │ 11
Hammertoss (2015)
Challenges to SOC analysts:
• Analysts would require more than just the binary to carry out comprehensive analysis
• Valid Twitter handle required
• Access to malicious tweet(s) to decrypt content
![Page 12: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/12.jpg)
PwC │ 12
Instegogram (2016)
Image: International Journal on Computer Science and Engineering Vol.1 (3), 2009, 137-141
• Steganography can involve messages, images, videos
• Attack infrastructure combines steganography and social media
![Page 13: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/13.jpg)
PwC │ 13
Instegogram (2016)
Image: https://www.youtube.com/watch?v=ICN7rTmQdR4
1) Embed commands into images
2) Upload images to Instagram account
![Page 14: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/14.jpg)
PwC │ 14
Instegogram (2016)
Image: https://www.youtube.com/watch?v=ICN7rTmQdR4
3) Decode image
4) Execute command
5) Embed output in an image and post on
to the Instagram account
Read more on Instegogram: https://www.endgame.com/blog/technical-blog/instegogram-leveraging-
instagram-c2-image-steganography
![Page 15: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/15.jpg)
PwC │ 15
x.509 (2018)
Certificate
keyUsage=<malicious data>
subjectKeyIdentifier=<malicious data>
extendedKeyUsage=<malicious data>
![Page 16: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/16.jpg)
PwC │ 16
x.509 (2018)
Image: https://www.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities
Transferring a malicious executable (Mimikatz) in an X.509 certificate.
Read more on x.509 as a C2:
https://www.fidelissecurity.com/threatgeek/threat-
intelligence/x509-vulnerabilities
• Misusing the TLS handshake
• Bypassing detection methods that fail to inspect the certificates which underpin TLS
![Page 17: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/17.jpg)
PwC │ 17
Novel C2 Channels
• My contributions to this research subject
• Threat Intelligence driven approach
• Exploring technologies that have become more prevalent in corporate environment
![Page 18: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/18.jpg)
PwC │ 18
GitHub
Why GitHub?
• 28 million users
• 57 million repositories
C2 PoC
• GitHub API
• Repository used as C2 channel (public/private)
• Activation message: specific string in Git commit
• Communications: Git comments
![Page 19: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/19.jpg)
PwC │ 19
![Page 20: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/20.jpg)
PwC │ 20
Slack
Why Slack?
• Instant messaging
• 10+ million daily active users
• 85,000 paying customers
C2 PoC
• Slack API
• Slack channel used as C2 (public/private)
• Activation message: specific string published to channel
• Communications: messages published to channel
• Human simulated conversation through Slack bots
![Page 21: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/21.jpg)
PwC │ 21
Slack
![Page 22: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/22.jpg)
PwC │ 22
JSFiddle
Why JSFiddle?
• Anonymous sharing
• Permanent fiddles
• Widely used in the development community
C2 PoC
• Public anonymous fiddle
• Queries the most recent fiddle version
• Activation message: not used
• Communication: fiddle updated with commands/output
![Page 23: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/23.jpg)
PwC │ 23
![Page 24: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/24.jpg)
PwC │ 24
Cryptocurrency and Blockchain
Why Blockchain?
• Huge interest in the application of blockchain
Why Cryptocurrencies?
• 32 million Bitcoin wallets
• 7.1 million active Bitcoin users
C2 PoC
• PwCoin
• Valid addresses are accepted on the PwCoin network
• Activation message: not used
• Communication: transactions issued with encoded content
![Page 25: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/25.jpg)
PwC │ 25
Bitcoin and Blockchain
![Page 26: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/26.jpg)
PwC │ 26
Countermeasures (1)
Basic & brittle solutions:
• Domain whitelisting
• Black-listing non-approved Slack subdomains
• Egress filtering and firewall exceptions
![Page 27: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/27.jpg)
PwC │ 27
Countermeasures (2)
Complex & current solutions
• Live system composed of layer 4 metrics associated with timestamps and connection frequencies to determine malicious traffic
• Fingerprinting TLS metadata & network flow analysis
• LogicHub – triage, respond and hunt
• Palo Alto Magnifier
• Software-defined firewalls for malicious traffic detection
![Page 28: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/28.jpg)
PwC │ 28
Future work
• Fine tuning human interaction within C2 channels
• Build non-standard detection models using new machine-learning and data science powered techniques
• Alternative platforms such as Jira, Slido
![Page 29: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/29.jpg)
PwC │ 29
Key takeaways
• Heightened awareness of seemingly benign technologies
• Re-assess risk appetite based on enterprise-wide software inventory
• Automated security solutions are often not enough
• Complement core defences with more advanced detection systems
• Penetration testers can begin to explore similar technologies deployed within organisations
![Page 30: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/30.jpg)
PwC │ 30
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 157 countries with more than 223,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com.
This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers LLP, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.
© 2019 PricewaterhouseCoopers LLP. All rights reserved. In this document, "PwC" refers to the UK member firm, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.
Design services 31310_PRES_04/18
@wilbourneuk
Thoughts, questions, feedback:
![Page 31: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/31.jpg)
PwC │ 31
References
Reaves, J. (2018). “Covert channel by abusing x509 extensions”. http://vixra.org/pdf/1801.0016v1.pdf. Accessed 26/07/2018.
FireEye. (2015). “Hammertoss: Stealthy Tactics Define a Russian Cyber Threat Group”. https://www2.fireeye.com/rs/848-DID-242/images/rpt-apt29-hammertoss.pdf. Accessed 22/08/2018.
Steganography Image. https://media.wired.com/photos/594db1717c1bde11fe06f341/master/w_799,c_limit/hidden_data-01.png. Accessed 24/08/2018.
Grant, D. (2016) “Instegogram: Leveraging Instagram for C2 Via Image Steganography”, https://www.endgame.com/blog/technical-blog/instegogram-leveraging-instagram-c2-image-steganography. Accessed 28/08/2018.
Deep Secure. (2018). “Stegware Threat Removal for Web Gateways”, https://www.deep-secure.com/uploads/files/deep_secure/resources/18/Deep_Secure_Solution_Brief_Stegware_Threat_Removal_for_Web_Gateways.pdf. Accessed: 02/11/2018.
Berg, G., Davidson, I., Duan, M., Paul, G. (2003). “Searching For Hidden Messages: Automatic Detection of Steganography”. https://www.aaai.org/Papers/IAAI/2003/IAAI03-007.pdf. Accessed 15/10/2018.
Sheridan, S., Keane, A. (2017). “Improving Stealthiness of DNS-based Covert Communication”, https://pdfs.semanticscholar.org/e7bd/7b29b5357e7c9ffe43ff85aad1788e88c983.pdf. Accessed 18/10/2018.
Booth, J. (2018). “Heuristic DNS detections in Azure Security Center”, https://azure.microsoft.com/en-us/blog/heuristic-dns-detections-in-azure-security-center/. Accessed 28/10/2018.
![Page 32: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/32.jpg)
PwC │ 32
References
GB Hackers. (2018) “Domain Fronting: A New Technique For Hiding Malware Command and Control (C2) Traffic within a Content Delivery Network”. https://i0.wp.com/gbhackers.com/wp-content/uploads/2017/07/api.jpg?resize=904%2C420&ssl=1. Accessed: 17/02/2019.
Puodzius, C. (2017). “DownAndExec: Banking malware utilizes CDNs in Brazil”, https://www.welivesecurity.com/2017/09/13/downandexec-banking-malware-cdns-brazil. Accessed 10/01/2019.
LogicHub (2018). https://www.logichub.com/company/news/logichub-accelerates-security-operations-rsa-archer-suite-support. Accessed 12/02/2019.
Google. (2017). ”Malware Beaconing Detection Methods”, https://patentimages.storage.googleapis.com/2a/0d/78/23bdc0f69c794d/US20170187736A1.pdf. Accessed 11/01/2019
Finley, K. (2017). “Why workplace instant messaging is hot again”. https://www.wired.com/story/why-workplace-instant-messaging-is-hot-again. Accessed 21/01/2019.
Gao, S., Li, Z., Yao, Y., Xiao, B., Guo, S., Yang, Y. (2018). “Software-Defined Firewall: Enabling Malware Traffic Detection and Programmable Security Control”. http://www4.comp.polyu.edu.hk/~csbxiao/paper/2018/SDF-asiaccs18.pdf. Accessed 30/01/2019.
Cisco. (2017). “Detect threats in encrypted traffic without decryption, using network based security analytics”. https://clnv.s3.amazonaws.com/2017/usa/pdf/BRKCRS-1560.pdf. Accessed 30/01/2019.
Reaves, J. (2018). “Sometimes What’s Missing is Right In Front of Us, We Only Need to Look”. https://www.fidelissecurity.com/threatgeek/2018/02/exposing-x509-vulnerabilities. Accessed 26/07/2018.
![Page 33: Tabraiz Malik - Unorthodox C2 Channels - v1.1€¦ · Microsoft PowerPoint - Tabraiz Malik - Unorthodox C2 Channels - v1.1.pptx Author: 939508 Created Date: 20190311160349Z ...](https://reader034.fdocuments.us/reader034/viewer/2022042811/5fa75edfad13bc5c6e1b3475/html5/thumbnails/33.jpg)
PwC │ 33
References
Crouch, H. Digital Health. “Message platform Slack reportedly eyeing up US healthcare sector. https://www.digitalhealth.net/2019/02/messaging-platform-slack-healthcare-sector. Accessed: 04/02/2019.
Westbrook, I., BBC. (2015), “Hackers combine codes photos and Twitter to hit targets” https://www.bbc.co.uk/news/technology-33702678. Accessed: 01/01/2019.
Liao, S. (2019). The Verge. “Here are the messaging apps Slack crushed on its road to IPO”. http://www.theverge.com/tldr/2019/2/4/18210980/slack-ipo-messaging-apps-competition-chat. Accessed: 19/02/2019.
Eckert, N. (2019). DBK News. http://www.dbknews.com/2019/02/15/umd-senate-slack-communication-app-meeting-participation-vote. Accessed: 18/02/2019.
Guri, ., Zadov, B., Bykhovsky, D., Elovici, Y. (2018). “PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines”. https://arxiv.org/pdf/1804.04014.pdf. Accessed 13/02/2019.
Guri, M. (2018). “Mind the gap: This researcher steals data with noise, light, and magnets”. https://www.wired.com/story/air-gap-researcher-mordechai-guri. Accessed: 19/02/2019.
Lielacher, A. (2019). “How Many People Use Bitcoin in 2019?”. https://www.bitcoinmarketjournal.com/how-many-people-use-bitcoin