Breaking In and Breaking Records: A Look Back at 2016 Cybercrimes
Travis Smith, Senior Security Researcher
Chris Conacher, Manager, Security Content and Research
Hollywood Presbyterian Medical Center
February 15
Hollywood Presbyterian Medical Center
Allen Stefanek, CEO, CHA Hollywood Presbyterian Medical Center
February 15
The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.
Decryption Keys Available
Link to nomoreransomware.com
NoMoreRansom.org
iPhone Hacking
San Bernardino Shooter iPhone
BadLock Bust
April 12
DNC Hacked, A Tale of Two Attackers
First Attacker had persistence for over a year, siphoned communications
Second Attacker had persistence for months, stole research on Donald Trump
Both groups believed to be Russian affiliated
National Republican Senatorial Committee (NRSC) also hacked, siphoning off credit card data
June
Attribution
TTPs – Tactics, Techniques, and Procedures
C2 Addresses Used
Re-Used Certificates
Data Dumps Translated Into Cyrillic
How It’s Done
?
Mirai Botnet Emerges
620 - 665 Gbps DDoS attack against Brian Krebs' website
Not an amplification or reflection attack, but launched from hacked IoT Devices
Source code released October 1st
Rumors that Liberia was knocked offline by the Botnet on Oct 4, but probably not true
October 21, Mirai brings down Twitter, Amazon, Reddit, GitHub, Netflix, among others.
September 20
GROWTH IN THE INTERNET OF THINGS
The number of connected devices will exceed 50 Billion by 2020
[Figure: billions of devices by year, 1988 to 2020. Data labels: 1992 1M; 2003 0.5B; 2009 IoT Inception; 2012 8.7B; 2013 11.2B; 2014 14.2B; 2015 18.2B; 2016 22.9B; 2017 28.4B; 2018 34.8B; 2019 42.1B; 2020 50.1B]
SOURCE: Cisco
Update Classes
Manual Search
Unsupported Devices
User Notifications
Auto Updating
Windows Updates
October
More Vulnerabilities
As Of December 13, 2016
All Year
CVE (v2 Scores)         2015     2016
High                    2,408    2,339
Medium                  3,489    3,144
Low                       591      574
Total                   6,488    6,112

MS Security Bulletins   2015     2016
Critical                   35       61
Important                  92       86
Moderate                    8        6
Total                     135      153
Old Microsoft Bulletin Page
https://technet.microsoft.com/en-us/security/bulletins.aspx
New Microsoft Security Portal
https://portal.msrc.microsoft.com/en-us/
Thank You!