Title | 2021EH02 Data Breaches |
---|---|
Author | Anonymous User |
Course | Ethical Hacking |
Institution | Danmarks Tekniske Universitet |
Pages | 11 |
File Size | 983.2 KB |
File Type | |
Total Downloads | 55 |
Total Views | 143 |
Examples of different data breaches and assignment...
Ethical Hacking Data Breaches in the Real World
The Story of What Really Happened
DTU Compute Technical University of Denmark
Ethical Hacking
Learning from Mistakes
Tesla on “Autopilot” Crash
Norwegian Frigate Sinks after Collision with Oil Tanker
Miracle on the Hudson: US Airways Flight 1549
• Transport safety is improved by studying accidents
  – Causes of the accident
    • External factors (threat agent)
    • Material factors (vulnerabilities)
    • Procedural factors (opportunity for attackers)
  – Timeline for the accident
  – How the accident could have been avoided
    • What we need to do in the future
Diginotar
Sony Pictures Entertainment
Home Depot
TKMaxx
Target
Stuxnet
Carbanak
Equifax
Kaspersky Labs
Hacking Team
NotPetya cyber attack
SolarWinds
Hafnium
Colonial Pipeline Hack
Data Breach Examination
• Each group will be assigned one of the cases above to analyse
• What happened?
  – Describe the target of the attack and the attackers
    • Motives, means and opportunity
  – Present a timeline of the data breach
• Why could it happen?
  – Present a brief technical explanation of the vulnerability
    • Describe data and communication protocols if necessary
• How could it be avoided?
  – Identify security controls to resolve the security problem (remedy)
    • Preventive Controls?
    • Corrective Controls?
    • Detective Controls?
• What can be learned?
References
• Diginotar
  – https://www.rijksoverheid.nl/documenten/rapporten/2011/09/05/diginotar-public-report-version-1
  – https://www.rijksoverheid.nl/binaries/rijksoverheid/documenten/rapporten/2011/09/05/diginotar-publicreport-version-1/rapport-fox-it-operation-black-tulip-v1-0.pdf
  – https://en.wikipedia.org/wiki/DigiNotar
• Sony
  – https://www.sans.org/reading-room/whitepapers/casestudies/case-study-critical-controls-sony-implemented36022
• Home Depot
  – https://www.sans.org/reading-room/whitepapers/casestudies/case-study-home-depot-data-breach-36367
  – http://krebsonsecurity.com/tag/home-depot-breach/
• TJX
  – http://sydney.edu.au/engineering/it/courses/info5990/Supplements/Week07_Malware&Security/Supp074TJXCaseDetails.pdf
  – https://www.computerworld.com/article/2544306/security0/tjx-data-breach--at-45-6m-card-numbers--it-s-thebiggest-ever.html
  – https://www.computerworld.com/article/2538711/cybercrime-hacking/one-year-later--five-takeaways-from-thetjx-breach.html
References II
• Target:
  – http://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/
  – https://www.sans.org/reading-room/whitepapers/casestudies/case-study-critical-controls-prevented-target-breach-35412
  – https://www.commerce.senate.gov/public/_cache/files/24d3c229-4f2f-405d-b8db-a3a67f183883/23E30AA955B5C00FE57CFD709621592C.2014-0325-target-kill-chain-analysis.pdf
• Stuxnet:
  – https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf
  – http://www.langner.com/en/wp-content/uploads/2013/11/To-kill-a-centrifuge.pdf
  – https://en.wikipedia.org/wiki/Stuxnet
• Carbanak:
  – http://www.securityweek.com/hackers-hit-100-banks-unprecedented-1-billion-cyber-attack-kaspersky-lab
  – http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2015/02/Carbanak_APT_eng.pdf
  – https://www.fox-it.com/en/files/2014/12/Anunak_APT-against-financial-institutions2.pdf
• Kaspersky Labs:
  – https://securelist.com/files/2015/06/The_Mystery_of_Duqu_2_0_a_sophisticated_cyberespionage_actor_returns.pdf
  – https://media.kaspersky.com/en/Duqu-2-0-Frequently-Asked-Questions.pdf
References III
• Hacking Team:
  – http://arstechnica.com/security/2016/04/how-hacking-team-got-hacked-phineas-phisher/
• Solarwinds
  – https://www.csoonline.com/article/3601508/solarwinds-supply-chain-attack-explained-why-organizationswere-not-prepared.html
  – https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activationfrom-sunburst-to-teardrop-and-raindrop/
  – https://www.securityweek.com/continuous-updates-everything-you-need-know-about-solarwinds-attack
• Hafnium:
  – https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
  – https://www.msspalert.com/cybersecurity-news/microsoft-exchange-hafnium-attack-timeline/
  – https://www.dubex.dk/aktuelt/nyheder/hafnium-attack-dubex-recommendations
• Colonial Pipeline Hack:
  – https://www.theverge.com/2021/5/13/22434381/colonial-pipeline-darkside-hacker-ransomware-ransom-oil
  – https://www.wired.com/story/colonial-pipeline-ransomware-attack/
• This list of references is incomplete
  – Look for more information (Google is your friend)
Final Thoughts
• Large volumes of data available online
  – Business Process Data, Customer Data, Intellectual Property
  – Valuable to organizations and attractive to attackers
• Many security products, standards and best practices
  – Must be put in place
    • Which one(s) to choose?
    • Is it sufficient to protect the systems?
• Arms race between attackers and defenders
  – Attackers only need one mistake, defenders must get everything right
  – Zero-day vulnerabilities
    • Huge software bases in most systems
  – 60 percent of enterprise codebases contain open-source vulnerabilities¹
• Huge attack surface (e.g. through Internet of Things)
1) https://www.zdnet.com/article/60-percent-of-codebases-contain-open-source-vulnerabilities/