![Page 1: Cyber Civil War: Are You - Team InfoSec or Team Audit? · 2016. 11. 10. · #SOHOpelessly Broken HACK ROUTERS AND GET PAID . . DEFCON 23, DerbyCon v4.0, BSIDES DC, ToorCon We launched](https://reader034.vdocuments.site/reader034/viewer/2022051903/5ff2f431222be506851f8fd8/html5/thumbnails/1.jpg)
Hacking Hospitals
Cyber Civil War: Are You - Team InfoSec or Team Audit?
About ISE
• We are:
  – Ethical Hackers
  – Computer Scientists
• Our clients are:
  – Everyone.
• Our perspective is:
  – Everything is broken!
  – Whitebox testing rules.
ISE Confidential – Please do not distribute.
#SOHOpelessly Broken
HACK ROUTERS AND GET PAID https://sohopelesslybroken.com
DEFCON 23, DerbyCon v4.0, BSIDES DC, ToorCon
We launched the first IoT Village @ DEFCON 23
ISE IoT Village DEF CON 24
About Me
About Me
Rise of the Machines?
“Have you seen this boy?”
Science Fiction
SCIENCE
Science Fiction
SCIENCE
What’s the point?
Time for Change?
Time for Change?
What’s the one thing that’s not growing with adoption of technology?
Time for Change?
What’s the one thing that’s not growing with adoption of technology?
Our ability to properly understand risk and make informed decisions about the use of technology.
UNDERSTANDING RISK
System Architecture
Threat Modeling
Threat Modeling
• Assets
• Threats
• Attack Surfaces
• Misuse & Abuse Cases
Now is the time to think like an attacker: outside the box, open-minded, and with no limit on how crazy something might sound.
Security Model
• Authentication
  – Establish an identity
  – Multiple factors (Know? Have? Are?)
• Authorization
  – Match identity, request, permissions
  – Frequently overlooked
• Accountability
  – Imperative for anomaly detection
  – Non-repudiation
HACKING METHODOLOGY
Hacking Methodology
• Information Gathering
• Scanning and Enumeration
• Gaining Access
• Maintaining Access
Information Gathering
• Administration Settings
  – Default credentials
  – Management interface(s)
• WLAN Settings
  – SSID and wireless encryption
• Network Service Settings
  – DHCP, DNS, SNMP, UPnP, SMB, FTP, etc.
Scanning and Enumeration
• Identifying active hosts
• Identifying open TCP/UDP ports
• Identifying running services and versions
Gaining Access
• Service Investigation
  – Analyze web applications
  – Analyze servers (e.g., FTP, SMTP, SMB, HTTP)
  – Source Code Review (Static Code Analysis)
  – Fuzz Network Services (Dynamic Analysis)
HACKING HOSPITALS
Hacking Hospitals
Hacking Hospitals
CALL TO ACTION
What Can We Do?
Next week
• Engage the C-Suite to discuss the new mission
• Review our empirical blueprint with your org
30 days
• Work to separate IS from IT
• Begin an in-depth inventory of all assets; prioritize their defense
60 days
• Start to develop a long term security plan
90 days
• Perform a security assessment
What Should We Do?
There’s no solution without collaboration. Let’s talk.
Paul Dant
Chief Strategist @ ISE