Chapter 2 - Part 1: Empirical Data PDF
Document Details
Uploaded by IndebtedOwl
null
Tags
Summary
This document discusses empirical data on how organizations are compromised and the various methods used by attackers. It covers topics like understanding various approaches, implications, current trends of crime in an increasingly technical world, and countermeasures to such schemes.
Full Transcript
Chapter 2 – Part 1 Empirical Data ATP has an excellent understanding of the Big Picture ATP see how all the pieces add up to create a perfect path for compromising a target organization. Organizati...
Chapter 2 – Part 1 Empirical Data ATP has an excellent understanding of the Big Picture ATP see how all the pieces add up to create a perfect path for compromising a target organization. Organization need to understand also from the Big Picture of how their environment have been introduction compromised through the empirical knowledge This chapter gives few empirical example but only few of many There are many assumptions as to what happened in these compromised example of hacking and counter hacking, however they close to the facts Compilation of example data are from: News stories Data dumps from attackers Data from talented security researchers and organizations that compile and report on data The breaches Problem Many compromised organization and breaches are never reported or limited information available with our Not all compromises are discovered Data Set Not all of the discovered compromises are reported Not all the facts of any specific compromises are always uncovered Some facts released may be misleading or even incorrect ATP have and will always prefer to use the extremely stealthy methods when compromising targets. An ATP hacker will avoid leaving artifacts on compromised systems unless it is absolutely necessary to maintain access to the target organization Even when a compromised is discovered, many The organizations choose not to report it. Organizations may fear bad publicity, a loss of customer Problem confidence, or potential legal actions and choose not to report security incidents. with Our Now many organization starting to report compromises due to the level of increase, and also being able to Data Set detect them, and feeling comfortable or more compelled to report compromises. Attacker are constantly changing their strategies and techniques to take advantage of new vulnerabilities and create new attacks. Defenders create new defensive technologies to mitigate those attack. Attackers do not posses any serious technical skills but use technology to complement traditional crimes Techno-Criminals use technology to commit crimes as opposed to cyber-criminals who use the computers or the internet Skimmers are physical devices created to steal credit card data by physically swiping a credit card and storing the data on storage Techno- internal to the skimmer. See page 32-33 pictures from the book Most of these devices are used by criminals in restaurants or coffee Criminals shops, and any other retail establishments where credit cards are used Skimmers Now, it is common to see ATM skimmers, which are designed to be placed on top of ATM machines. Typically placed in front of or on top Evolution of the card slot of an ATM. New skimmers have the ability to send captured data via text messages or other wireless technologies Many also include extremely small cameras the user’s PIN data is captured All these technologies can easily be purchased on the internet and criminal underground