
COMPLIANCE

CHRIS NICKERSON: Guerillas in the Wires

hi. =)

Thanks

Anyway...

I'm Chris

My Credentials?

Pain in the arse
Loudmouth
Hacker
Punk
Tells lies (professionally)
Is called all sorts of bad words.. that I will likely say throughout this talk
Can't code well
Talks $hit
Drinks a LOT
Is an overall J3rk

-me

LARES

Electronic
Network Pentesting; Surveillance / plants
EP Convergence (Electronic/Physical): Attacks on physical systems that are network enabled
ES Convergence (Electronic/Social): Blackmail; Phishing; Profiling; Creating moles

Physical
Lockpicking; Direct Attack
PS Convergence (Physical/Social): Tailgating; Impersonation

Social
In-Person Social Engineering; Phone Conversation; Social Profiling

Figure Out What is Important to the company

Steal It !

To get you awake

Get you to THINK about what we are doing

So

We are clearly doing something wrong

2012 Infosec Year in Review

2,644 incidents were reported (up 117.3% from 2011)
267,000,000 records exposed
Over 150,000,000 in ONE incident
84.7% of the records exposed came from business
45% of incidents included public releases of passwords

Persians vs Scythians

ROME vs Britons

Mongolians vs Tanguts

Vs. El Empecinado, aka Juan Martín Díez

Structure exists even in Guerilla warfare

The only patch for Human Stupidity is EXPERIENCE

So how does all of this apply to us?

Home Field Advantage

Environment

Defender

Attacker

ENCRYPTION

Own the box / steal the keys
Keylog
GPU cracking is fun
TO the cloud!!
Attack 3rd-party crypt

And if all else fails

Nmap --data-length 0
Or -f
Or just go faster: -T5

Lame that this STILL works in many cases

Roll your own crypto
Use other data streams (mDNS, AirDrop, BITS, DNS, HTTP, SIP)
Go to the phones.. (translate to 16-octave audio and exfil over fax)
Hopefully you saw Steffen Wendzel's talk; if not, go find 'em

AV/Anti-

Custom checksums are not hard; there's apps for that =)

Clearthelog.rb, rm
Run scripty log cleaners in your tools
*MSF, CORE, CANVAS all have them
**So do most exploit kits (yeay china)

Of the 6 top firewalls, how many can effectively block TCP ports?

- Source: NSS Labs Firewall Group Test, section: TCP Split Handshake

WHAT DO WE DO?

STEP 0

EDUCATION

Implement Awareness and Knowledge Formula

Defense = Capability (Awareness + Knowledge) + Experience
Capability = (Knowledge + Awareness): can we defend against an attack?
Experience: overall ability to understand, plan, execute, and remain on task during the event
**PS: this is not math, just conceptual. Most companies out there couldn't put actual ACCURATE values on controls or any of the areas above if they even tried. Crawl, walk, run.

Practice BASIC INFOSEC!

Patching

Reduce Complexity

"The more sophisticated the technology, the more vulnerable it is to primitive attack. People often overlook the obvious." - Dr. Who

Align with the business objectives

What does your company DO???

How does it do it?

Now what?

What the business wants:
Grow Revenue
Increase product reliability
Increase brand value
Launch xyz new thing
Increase customer service/satisfaction

What security buys:
Buy firewall
Deploy DLP
Move to Cloud
Install moar AV
WAF

How much do you spend on Disaster Recovery? (Average is 1.8% total)

Average cost of downtime: $287,600

Multiply that by the # of bugs found in code that can stop a service

TEST TO SEE IF IT WORKS.. DUMMY

Vulnerability Assessments?

Process

Figure Out What the Company Thinks is Important

Steal It !

5 4 3 2 1

+ Custom designed attack kits

At ANY time

Non Interactive, without update

+ Corporate Partner Attacks

+ 0day development

At ANY time

Non Interactive, Without update unless urgent/issue based

+ Physical Attacks

Exploitation of ALL KNOWN vulnerabilities w/ non-interactive sessions


Exploitation of Known vulnerabilities at ALL layers w/ interactive sessions
Exploitation of known Vulnerabilities at all layers under Application with interactive sessions

Extended engagement time window

Non interactive w/ update

+ Individual attacks

Unlimited Time window during engagement

Interactive w/scheduled update

+ Indirect attacks

Constrained Time windows

Interactive w/ constant client update

Direct Attacks

FOLLOW A REPEATABLE METHODOLOGY

ACT as you would NORMALLY

Allow a FULL TEST to get FULL VALUE


Systems attack: tests IR plan
System error: tracks mean time to issue identification
Service outage: tests/identifies flaws in BCP
System down: tests/identifies flaws in DR plan

SET REASONABLE EXPECTATIONS

What do you have to lose?

YOU HAVE ALREADY BEEN HACKED
