y3dips - Who Own Your Sensitive Information?
-
Upload
ammar-wk -
Category
Technology
-
view
1.160 -
download
0
description
Transcript of y3dips - Who Own Your Sensitive Information?
Who Own your Sensitive Information ?
How It was Taken & How To Protect It
SNKI - 29, December 2010 - y3dips
Who Own It ?
HACKER
CYBER MAFIA
CYBER TERRORIST
Movie
CYBER ARMY
WIKILEAKS
Who Own It ?
How It Was Taken ?
Famous Attack Vector
• Password (Authentication)
• Insecure Infrastructure
• Insecure Data Protection
• There isnt any Policy and Procedure
• Intrusion/hacking
• Social Engineering
PASSWORD TREAT
INSECURE INFRASTRUCTURE
Hacking Example
Video Demo
WikiLeaks
Bradley Manning
an Army Intellegence
analyst
US Airstrikes
• Baghdad “AirStrikes” Incident
• Copy the Data into a “LADY GAGA” labeled CD
• Bradley Submit to Wikileaks
• Wikileaks confirm 3 Month Decrypting it - but it never encrypted said Bradley.
http://www.wired.com/threatlevel/2010/06/wikileaks-chat/#ixzz0qYdG9xzE
Wikileaks Publication
• Unprotected “Private” Network
• Unpatched/Out of date server/system
• Zip - aes256 - password protected partial usage
• Lack on Physical Security - 5 digit door access = knock
Attack Vector
WikiLeaks
Secret US Embassy Cables
Secret US Embassy Cables
How To Protect It ?
• Upgrade your Security Awareness
• Read The “Security” Manual
• Give a serious attention to your Authentication/Credentials
• Use a relatively Strong Encryption (e.g for file, network communication)
• Use AntiVirus, Firewall, e.t.c
Password Management
File/Partition Encryption
SECURITYIs a Process
No System 100% Secure
Human is the Weakest Link
Reference
• http://google.com “For most of the Images”
• http://wired.com “for Bradley and Lamo Chat transkrip”
• http://guardian.co.uk “For US Embassy Cablegate Diagrams”
Who Own your Sensitive Information ?
How It was Taken & How To Protect It
@y3dips - [email protected]