CYBER CRIME THE ANATOMY OF THE HACK
ME
Aaron Sparling
Portland Police Bureau Criminal Intelligence Unit
TFO United States Secret Service ECTF (Seattle)
Cyber Investigator (OSINT)
Computer Forensic Examiner
Interests: Network Intrusions, Malware and Memory Forensics, Penetration Testing, OSINT.
What I am NOT: “Spelling Bee Champion”
OBJECTIVES
① Know the Profile of a Network Breach (Target, Home Depot)
② Cybercrime (ecosystem) and Organization
③ Safe Internet Practices
④ Understand Key Terms and Concepts
CYBERCRIME MODEL
Types of Computers
PC or Personal Computer (Desktop Workstation)
Laptop/Netbook/Chromebook (Mobile/Portable)
Server (Companies, Government, Education, Commerce)
Micro Controllers (small form factor, e.g. Raspberry Pi)
Mobile Devices (iOS, Android, Windows, Linux)
THE COMPUTER
THE INTERNET
Internet or WWW
Established in the 1960s by US Military as a fail-safe form of communication.
Early stage mostly used by Government and Large Universities (Distributive Processing)
Grew exponentially in the 1990s
Now covers the entire globe and has numerous economies built on its infrastructure (Ecommerce, Gold Farming, Bitcoins)
Wireless technologies connect people via Wi-Fi and Broadband Communications
Networks
A network is more than one computer, connected and able to communicate with one another following set protocols.
Many different types of networks
Large = Government, Small = Home
Public (The WEB)
Private (PPB Intranet)
Dark Net or Deep Net (TOR, P2P, VPN Services)
DEEP WEB DARK NET
Hidden Services
Financial Services
Commercial Services
Hosting Services
BLOGS
Forums / Boards / IRC
Email / Messaging
IRC Command and Control Servers (BOTS/Malware)
DARK NET Underbelly of the Internet
PORTLAND
HOW DOES IT WORK: TOR Network
EXAMPLES OF CYBERCRIME
o Steal valuable information (financial)
o Embarrassment (personal Email or Photos)
o HACKTIVISM
o Destroy your Identity (financial and personal)
o Plant evidence on your system by using OR turning your machine into a BOT
o Use your System as DDOS platform or a BOT
CYBER CRIME
Anatomy of the Breach
[Diagram: RECONNAISSANCE, GAIN ACCESS TO THE NETWORK, SCANNING, EXPLOITATION, MAINTAINING ACCESS]
RECONNAISSANCE
o OSINT (Open Source Intelligence)
  o Google-Fu (web-based search engines: Bing, Yandex, etc.)
  o Facebook, Twitter, LinkedIn
  o OSINT Tools (Maltego, Creepy, Spokeo, Casefile, etc.)
o Recon (Passive and Physical)
  o War Driving / War Flying
  o Scan and Identify APs (Open/Crypto Protected)
o Social Engineering Attacks
  o Persuasion, dumpster diving, phishing attacks
OSINT
Facebook, Twitter, LinkedIn
OSINT Tools (Maltego, Creepy, Spokeo, Casefile,
RECON: Scan and Identify APs (Open/Crypto Protected)
War Driving / War Flying
Scan and Identify APs (Open/Crypto Protected)
SOCIAL ENGINEERING
SOCIAL ENGINEERING: PHISHING ATTACKS
o Use Social Profiling to gain detailed personal information (from the OSINT phase)
o Create FAKE websites which match the OSINT profile
o Send email with legitimate looking link to website
o Victim clicks the link directing them to a fake website
o Attacker either executes malicious code or records the victim's credentials
CRYPTOLOCKER
o Computer is infected by clicking an email link (UPS, FedEx, or other tracking-number type link which looks legit): a Social Engineering Attack
o Malicious code finds all data files and wraps them in RSA 2048-bit encryption (private key stored on CC Server)
o Displays a big red screen with instructions and a countdown timer; you pay or files are encrypted permanently
o 12,000 computers were infected in 1 week in United States, threatening 1 million mark in UK
o Last month Massachusetts PD paid 2 Bitcoins ($750)
o Bitcoin 12/24/13 trading at $667.00
Cryptolocker
EBOLA MALWARE
THE MALWARE
ACCESS THE NETWORK
o Direct Tap (Ethernet/Cat5)
o Drop Box Method
o Cracking WIFI (WEP, WPA/WPA2)
o M.I.M. Attack (Man in the Middle)
DROPBOX
PWN PI
PWN PI Apps
PORTABLE PENTESTING TOOLS
PWN Plug
M.I.M. Man In The Middle Attack
SCANNING
o Port Scanning: Find Open Port, Run Exploit
o **PORTS… WHAT ARE THEY?**
o Wireshark – Packet captures
  o Captures plain text information across the network
  o Grab password hashes
  o Study the network… better understand what is normal vs abnormal activity
EXPLOITATION
o Malware
o Spyware
o Key loggers
o Access Camera and Microphone
o Pivot to other machines or the network
o BOTS/BOTNETS
o Ransomware (Cryptolocker) **New kid on the block**
MAINTAIN ACCESS
o ROOT Kits (RAT)
o Root or Administrator Privileges
o Change settings (open or close ports)
o Erase your tracks and logfiles
EXFILTRATE DATA
o Remotely phone home (Activate RAT)
o Encrypted Text File via Email Script
o IRC Channel via SSH to CC Server
BREACH LIFECYCLE
PASSWORD CRACKING
o Once the password hashes are retrieved they have to be cracked (LinkedIn 6.5 million)
o Passwords are stored as a HASH (one-way function)
  o Example (Password! = 0040f2abc2cff0c8f59883b99ae9fab6)
o Collect all the stored hashes to a text file
o Export text file to Hacker system
o Use a specialized GPU hacking system (multiple GPU cards)
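Why a stolen hash file is worth cracking, and what the defender can do about it, as an added example that is not from the original slides: with an unsalted fast hash, every account using the same password has the same stored value, while a per-user salt plus an iterated key-derivation function removes that shortcut and makes each guess expensive. SHA-1 as the fast hash, the iteration count, the record format and the sample accounts are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Constructed sample accounts; two users share the same password.
SAMPLE_USERS = {
    "alice": "Password!",
    "bob": "Password!",
    "carol": "correct horse battery staple",
}

PBKDF2_ITERATIONS = 200_000  # illustrative work factor (assumption)


def weak_store(password: str) -> str:
    """Unsalted, single-pass fast hash: cheap to compute, cheap to guess."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def strong_store(password: str, salt: Optional[bytes] = None) -> str:
    """Per-user random salt + iterated PBKDF2-HMAC-SHA256.

    Record format (hypothetical): iterations$salt_hex$hash_hex
    """
    if salt is None:
        salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return f"{PBKDF2_ITERATIONS}${salt.hex()}${derived.hex()}"


def strong_verify(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    iterations, salt_hex, hash_hex = record.split("$")
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(derived.hex(), hash_hex)


def shared_hash_groups(table: Dict[str, str]) -> List[List[str]]:
    """Users whose stored values are identical: one cracked hash opens them all."""
    groups: Dict[str, List[str]] = {}
    for user, stored in table.items():
        groups.setdefault(stored, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def build_tables(users: Dict[str, str]):
    """Store the same accounts both ways for comparison."""
    weak = {u: weak_store(p) for u, p in users.items()}
    strong = {u: strong_store(p) for u, p in users.items()}
    return weak, strong


if __name__ == "__main__":
    weak, strong = build_tables(SAMPLE_USERS)
    print("identical stored values, unsalted:", shared_hash_groups(weak))
    print("identical stored values, salted:  ", shared_hash_groups(strong))
    print("correct login verifies:", strong_verify("Password!", strong["alice"]))
    print("wrong login verifies:  ", strong_verify("password!", strong["alice"]))
```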
GPU Hacking
HOME BUILT GPU MACHINE
o Economical $3,000 Machine
o 11 days for 8-character password
o Using oclHashcat or similar (27/55 character length)
o Expand the system as resources grow
o Easy to make upgrades as technology improves
o Local Distribution (circle of trust)
PUBLIC CLOUD COMPUTING
o Amazon / Peer 1 / Penguin Computing
o 23 hours for an 8-character password = $3,000
o Fast and easy
o Can handle large amounts of data at one time
o NO circle of trust (find a way to mask transaction)
Low Tech Credit Card Theft
o Skimming
o Small (pocket sized) device
o Reads cards and stores number
o Usually waiters in restaurants
o Recruited by higher-level criminal/organization
o Card is out of view
o No indication to cardholder that number has been stolen
o Waiter returns skimmer to handler
o Paid $10-$20 per swipe
Skimming
Skimmed number gets uploaded to a computer
Magnetic stripe-writing software
Magnetic stripe writer
Illegally re-encoded card, aka, “swipe”
“Box”
“Machine”
LARGE DATA BREACH
HOW DOES IT WORK: Target Breach
o Compromise the network's Point of Sale system (Server)
o Install the Malware – which executes as designed (date, time, duration, storage, exfiltration) (harvest CC track data)
o CC track data is written to an encrypted text file
o Malware calls back home to the Command and Control server and emails the text file containing the CC track data back to the cybercriminals
o CC numbers are broken off into batches and sold on CC hosting sites (Darknet)
EXAMPLE OF A CREDIT CARD HOSTING SITE
TARGET NUMBERS
Then What?
o Good
  o Buy merchandise and fund your lifestyle
o Better
  o Buy gift cards, then use the gift cards to fund your lifestyle
o Best
  o Buy gift cards, use them to buy merchandise, return the merchandise for cash, then use the cash to fund your lifestyle
o Local Criminals purchase a batch of CC numbers $10-$50 a number on the Dark Net or CC hosting sites
o Local Criminals encode the number to a forged CC or VISA type gift card
o Local Criminals then use the cloned cards to make purchases of high value merchandise which they then return for cash/credit or sale on eBay or Craigslist
o In Portland we are averaging 1 out of state group about every 7-10 days *One group has racked up 900K in 180 days.
o TARGET = 40 million CC/Debit numbers in 19 days. Estimated cost to Target is currently 3 Billion Dollars
How do Criminals Use Stolen Numbers?
o Get money!
  o High-value merchandise (fence)
  o Airline tickets for human smuggling
o High-liquidity merchandise
  o Gift cards
  o Printer ink
  o Razor blades
  o Cigarettes
o Exploit a merchant with a loose return policy
Return Fraud
o Buy something expensive
o Return it
o Get cash
  o Gift card
  o Credit the value to a debit card
BITCOIN
WHAT IS IT?
Decentralized Peer to Peer Cryptographic Currency
Introduced in 2009 by Satoshi Nakamoto (Unknown). OPEN SOURCE CODE. Believed to have 1 million coins ($371,255,000.00)
Self Stabilizing Economy (auto-adjust to inflation = mining rate)
All Payments are Public, Traceable, and Permanently Stored in the Public Ledger
21 Million coins in total (year 2140)
1 block created every 10 minutes (25 coins)
Offers Anonymity for Transactions when coupled with TOR
Bitcoin address is only used to show where stored and/or sent, in regards to traceability and transparency.
Bitcoin miners are part of the ecosystem; they approve transactions
Requires use of a Bitcoin wallet to store and conduct transactions (software application /Computer or Mobile)
Wallet offers: Encrypted, Non-Encrypted and Offline transactions. **Paper Wallet**
Use of Digital Signatures: Private and Public Key Encryption scheme
Private key creates the transaction
Public key verifies (checks) the transaction
Public Key is also the send to address
Generate a transaction message with private key, network nodes use the Public Key to verify that you are the originator of the transaction
Once a transaction is used it can’t be re-used. NO double spending
Block chains prevent fraud… Transaction is broken into blocks and the network nodes solve these blocks; each chain has a hash that points to the next block in the chain
Uses ECDSA (Elliptic Curve Digital Signature Algorithm)
BITCOIN MINING
MINING
Computer (node) is given a complex algorithm to solve which creates a 64 digit number
Rewarded with New Block Solve (25 Bitcoins) * every 4 years block chain reward is cut in half
Solve rate = 1 block every 10 minutes
Difficulty of algorithm is proportionate to rate of solve
Miners help approve transactions within the network
Pool mining (GPU intensive)
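The hash chaining and mining described on the slides above, as an added toy example (not from the original deck, and not Bitcoin's real block format): each block stores the SHA-256 hash of the block before it, mining searches for a nonce whose 64-hex-digit hash starts with a set number of zeros, and changing an old transaction breaks verification unless every later block is mined again. Field names, the difficulty and the sample transactions are assumptions.

```python
import copy
import hashlib
import json

DIFFICULTY = 3          # leading hex zeros required; toy value (assumption)
GENESIS_PREV = "0" * 64  # placeholder predecessor for the first block

# Constructed sample transactions, one batch per block.
SAMPLE_BATCHES = [
    [{"from": "coinbase", "to": "addr_A", "amount": 25}],
    [{"from": "addr_A", "to": "addr_B", "amount": 5}],
    [{"from": "addr_B", "to": "addr_C", "amount": 2}],
]


def block_hash(block):
    """SHA-256 over the block's fields (not its own hash): 64 hex digits."""
    fields = {k: block[k] for k in ("index", "prev_hash", "transactions", "nonce")}
    payload = json.dumps(fields, sort_keys=True).encode("utf-8")
    return hashlib.sha256(payload).hexdigest()


def mine(index, prev_hash, transactions, difficulty=DIFFICULTY):
    """Proof of work: try nonces until the hash meets the difficulty target."""
    block = {"index": index, "prev_hash": prev_hash,
             "transactions": transactions, "nonce": 0}
    target = "0" * difficulty
    while True:
        digest = block_hash(block)
        if digest.startswith(target):
            block["hash"] = digest
            return block
        block["nonce"] += 1


def build_chain(batches, difficulty=DIFFICULTY):
    """Mine one block per batch, linking each to its predecessor's hash."""
    chain, prev = [], GENESIS_PREV
    for index, transactions in enumerate(batches):
        block = mine(index, prev, copy.deepcopy(transactions), difficulty)
        chain.append(block)
        prev = block["hash"]
    return chain


def verify_chain(chain, difficulty=DIFFICULTY):
    """Return the index of the first invalid block, or -1 if the chain is intact."""
    prev = GENESIS_PREV
    for index, block in enumerate(chain):
        recomputed = block_hash(block)
        if (block["prev_hash"] != prev
                or recomputed != block["hash"]
                or not recomputed.startswith("0" * difficulty)):
            return index
        prev = block["hash"]
    return -1


if __name__ == "__main__":
    chain = build_chain(SAMPLE_BATCHES)
    print("intact chain:", verify_chain(chain))            # -1

    edited = copy.deepcopy(chain)
    edited[1]["transactions"][0]["amount"] = 500            # rewrite history
    print("edited block 1:", verify_chain(edited))          # fails at block 1

    # Re-mining the edited block fixes block 1 but orphans block 2's link.
    txs = copy.deepcopy(edited[1]["transactions"])
    edited[1] = mine(1, edited[0]["hash"], txs)
    print("re-mined block 1:", verify_chain(edited))        # fails at block 2
```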
WHAT CAN YOU DO?
o Lock down your network (make sure it is closed and hidden)
o Use WPA2
o Use passphrase vs. password
o Scan your network to make sure no unauthorized devices are on it.
o Scan network for open ports…CLOSE them!
o Run a good firewall and virus software
o Use encryption (partial or full disk)
Continued
o Back up or, better yet, store all important data on an external drive and ENCRYPT it
o Do a clean re-install
o Convenience vs. Security (Auto detect)
  o iOS/Android Mobile devices
o Educate your family and implement good security practices
  o Decrease your Digital Footprint
o Travel (safe practices)
  o Airport Wi-Fi / Hotel Wi-Fi / Coffee Shop Wi-Fi / etc.
  o Low hanging fruit
THE LAB
FORENSIC WORKSTATIONS
DUPLICATION/WIPING
SECURE EVIDENCE ROOM