phishing and ransomware peter wood · • steal your passwords, pins, email addresses • infect...

Peter WoodChief Executive Officer

First Base Technologies LLP

Personal Cyber Security

Phishing and Ransomware

© First Base Technologies 2017

Founder and CEO - First Base Technologies LLP

• Engineer, IT and information security professional since 1969

• Fellow of the BCS

• Chartered IT Professional

• CISSP

• Member of the Institute of Information Security Professionals

• 15 Year+ Member of ISACA, Member of the ISACA Security Advisory Group

• Senior Member of the Information Systems Security Association (ISSA)

• Member of the BCS Information Risk Management and Assurance Group

• Chair of white-hats.co.uk

• Chair of OTIS (Operational Technology and IoT Security)

• Member of ACM, IEEE, First Forensic Forum, Institute of Directors

• Member of Mensa

Peter Wood


go.symantec.com/norton-report-2013


What is phishing?

• Emails that look as if they are from a bank, a retailer,

eBay, or even a friend

• The email sender information has been faked

• Can include a malicious attachment

• Or a link to a fake website

• Or a link to a compromised website

• Or a website with malicious adverts

• Or invite simple form filling to capture your details


Why phishing?

• Steal your passwords, PINs, email addresses

• Infect your computer with a banking Trojan

• Infect your computer with ransomware

• Steal your address book (contact list)

• Add your computer to a botnet

• Install spyware, keyloggers or Trojan software


What are botnets?

• Botnets are large groups of computers controlled by

criminals

• Each computer has been infected by malicious

software

• The computers’ owners have no idea that they’ve been

infected

• The criminals control the computers remotely and

silently


How big is this problem?

• Millions and millions of computers around the world are

unwittingly part of botnets

• In 2009 a botnet of 1.9 million computers was found


Who are these criminals?

There are all kinds of criminals working together in an

underground economy: hackers, spammers, money

launderers, even web mafia


Why do botnets exist?

• Send out e-mail spam

• Conduct distributed denial-of-service attacks

• Send out banking Trojans and keyloggers

• Commit click fraud

• Host phishing websites

• Infect more computers and make more botnets


Phishing attacks against companies

• 3,066 employees clicked on a link in a phishing email, and2,398 users entered their username and password

• An analysis of the compromised passwords from emailphishing campaigns revealed single word-based passwordsand 72% of passwords being 10 characters or less inlength

• Email phishing is the most prevalent cyber security threatto organisations. Passwords harvested grant the attackeraccess to external services, such as VPNs and OWA

• Gaining access to these services can provide an attackerwith full remote access into the network


How to spot a phishing email


Trojan software invitation


How do I know a site is safe?


How does Chrome protect me?


How does Firefox protect me?


How does Internet Explorer protect me?


Tips to avoid email attacks

• Never reveal personal or sensitive information in response to

an email, no matter who appears to have sent it

• If you receive a suspicious email, call the person or

organisation before you respond or open any attached files

• Never click links in an email that requests personal or

sensitive information. Enter a known web address into your

browser instead

• Report any suspicious email to the spoofed organisation (for

example your bank)


Ransomware


What is ransomware?


The scale of ransomware


Evolution


RaaS


Tips to defend against ransomware

• Secure, encrypted backups on write-once media

(DVD, Blu-ray)

• Multiple backups (local, cloud and off-line)

• Regular software patching (ref Secunia)

• Ad blocking software for browsers

• Secure home networks

• Anti-phishing training for all friends and family

• Keep up to date on the evolution of ransomware


Password Fun


People hate passwords


A secure password?

• Maggie1

• !J3r3my

• 6k5&R*Gz

• I.love.green.tomatoes

• Password1

• P@ssw0rd1

• Oxford1984


Brute force crack(using a medium-sized botnet)

1. Maggie1 unsafe: brute force instantly

2. !J3r3my unsafe: brute force in 1 second

3. 6k5&R*Gz unsafe: brute force in 1 minute

4. Password1 unsafe: brute force in 2 minutes

5. Oxford1984 unsafe: brute force in 2 hours

6. P@ssw0rd1 unsafe: brute force in 6 days

7. I.love.green.tomatoes 99 quintillion years (99x1030)

http://password-checker.online-domain-tools.com/


Intelligent dictionary crack

1. Maggie1 unsafe: dictionary word + one or two digits

2. !J3r3my unsafe: leet speech + one character

3. Password1 unsafe: dictionary word + one or two digits

4. Oxford1984 unsafe: dictionary word + year

5. P@ssw0rd1 unsafe: leet speech + or two digits

6. 6k5&R*Gz unsafe: brute force in 1 minute

7. I.love.green.tomatoes 99 quintillion years (99x1030)

http://password-checker.online-domain-tools.com/


What about websites?


Automatic password generator


Tips to avoid password theft

• Don’t use passwords based on dictionary words and names

• Use passphrases whenever you can

• Never re-use passwords: “one password to rule them all”

• Use a ‘password safe’ like Password Agent to make it easy

(http://passwordsafe.sourceforge.net/)

Peter WoodChief Executive Officer

First Base Technologies LLP

[email protected]

http://firstbase.co.ukhttp://white-hats.co.ukhttp://peterwood.com

Twitter: @peterwoodx

Need more information?

phishing and ransomware peter wood · • steal your passwords, pins, email addresses • infect...

Documents