WWW.ALPINESECURITY.COM 1

Alpine Security Live Hacking & Professional Development Event

Presented by Alpine Security

Christian Espinosa

[email protected]

Objectives

• Generate Interest in our Cybersecurity Training

• Announce EC-Council Partnership

• Introduce New EC-Council Course Offerings

• Live Hacking Demonstrations

• Discuss Social Engineering

• Questions

Technical Level – Moderate

Overview

• Alpine Security Background

• EC-Council Partnership

• New Course Offering Overviews

• Context – Social Engineering

• Hacking Demonstrations

• Course Relevance

• Questions – any time

How many CPEs is this thing?

1

Alpine Security Background

• Service Disabled Veteran Owned Small Business (SDVOSB)

• Areas of Focus:

  • Cybersecurity Training

  • Penetration Testing

  • Incident Response

  • Cybersecurity Strategy

  • Audits, based on Top 20 Critical Security Controls

Cybersecurity Training Differentiators

• All of our trainers are practitioners with real-world experience

• EC-Council Accredited Training Center (ATC)

• CompTIA Authorized Delivery Partner

• Both Live Online and Live In-Person Training

• Exam Vouchers included

• Exam Pass Guarantee

• Private and Custom courses available

• Dynamic and fun trainers

EC-Council ATC

• Official EC-Council curriculum

• Access to latest EC-Council materials

• Onsite Exam administration

New Courses

• ECSAv9 (EC-Council Certified Security Analyst)

• CND (Certified Network Defender)

• CSCU (Certified Secure Computer User)

Course schedule on website and brochure

ECSAv9 – EC-Council Certified Security Analyst

• 5 Day, 70% Hands-On Course

• Progression Certified Ethical Hacker (CEH)

• Goal is to provide a practical-based certification

  • Reduces paper tigers

• Exam has two parts:

  • 60 Day practical – perform a penetration test and submit a report

  • If pass the practical – 150 question multiple choice exam (70% to pass)

CND – Certified Network Defender

• 5 Day, Hands-On Course

• Skills-based course, based on the National Initiative of Cybersecurity Education (NICE)

• Mapped to roles and responsibilities for DoD system and network administrators

• Complements CEH and ECSA

  • Offense vs Defense

• Exam:

  • 100 Multiple Choice Questions

  • 4 hours long

CSCU – Certified Secure Computer User

• 2 Day course, can be shortened

• Designed for “users”

• Fulfills User Awareness Training Requirements

• Exam:

  • 50 Multiple Choice

  • 2 hours long

  • 70% passing

Password Demo

iLabs – online Cyber Range

• Most of our courses come with an iLabs subscription

iLabs Demo

State of Affairs

Tools

Skill

Time

5 Step Hacking Demo

Context

• CEH and ECSA – skills to run these attacks and more

• CND – skills to protect, detect, and respond

• CSCU – increased awareness

Social Engineering – Hacking Humans

• Social engineering exploits human behaviors and trust

• It is often easier to exploit human vulnerabilities than computer or network vulnerabilities

• Why it works –

  • People want to be helpful

  • People want to be liked

  • People want to comply with figures of authority

  • People don’t always think clearly under stress

  • People are curious

Thumb Drive Drop

• Attacker places malicious files on a thumb drive and drops the thumb drive(s) around the target facility

• Files often given provocative names, like payroll or layoff information

• Several thumb drives may be used and dropped in different locations, to increase the likelihood that someone will use it

2017 Layoff Campaign

Distribution – 5 Drives

2017 Layoff Campaign Payload

• Reverse Meterpreter Shell that automatically ran “winenum” script to gather info on target

  • Allowed remote access

• Tunneled traffic (not encrypted) over TCP Port 53 (DNS)

• Benign, due to ROE

• Why Reverse Shell?
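
A defender-side check for the channel described on this slide, traffic on TCP port 53 that is not actually DNS. This is an added example, not material from the presentation; the flow-record fields (`id`, `proto`, `dport`, `payload`) and the sample bytes are constructed for illustration.

```python
import struct

def is_dns_tcp_query(first_bytes: bytes) -> bool:
    """True if a TCP stream starts with one well-formed DNS message (RFC 1035, 4.2.2)."""
    if len(first_bytes) < 2:
        return False
    (length,) = struct.unpack("!H", first_bytes[:2])   # 2-byte length prefix used on TCP
    msg = first_bytes[2:2 + length]
    if length < 12 or len(msg) != length:              # below header size, or bytes missing
        return False
    _id, flags, qdcount, _an, _ns, _ar = struct.unpack("!6H", msg[:12])
    opcode = (flags >> 11) & 0xF
    if opcode not in (0, 1, 2, 4, 5) or qdcount != 1:  # common opcodes, single question
        return False
    pos = 12
    while True:                                        # walk the QNAME labels
        if pos >= len(msg):
            return False
        label_len = msg[pos]
        pos += 1
        if label_len == 0:
            break
        if label_len > 63:                             # labels are at most 63 bytes
            return False
        pos += label_len
    return pos + 4 <= len(msg)                         # QTYPE and QCLASS must follow

def suspicious_tcp53(flows):
    """Ids of flows sent to TCP/53 whose first client bytes do not parse as DNS."""
    return [f["id"] for f in flows
            if f["proto"] == "tcp" and f["dport"] == 53
            and not is_dns_tcp_query(f["payload"])]

# Constructed sample data: one genuine query for example.com, two opaque streams.
_query = (struct.pack("!6H", 0x1A2B, 0x0100, 1, 0, 0, 0)
          + b"\x07example\x03com\x00" + struct.pack("!2H", 1, 1))
SAMPLE_FLOWS = [
    {"id": "flow-1", "proto": "tcp", "dport": 53,
     "payload": struct.pack("!H", len(_query)) + _query},
    {"id": "flow-2", "proto": "tcp", "dport": 53,
     "payload": b"\x00\x00\x00\x04" + b"\xAA" * 60},
    {"id": "flow-3", "proto": "tcp", "dport": 443,
     "payload": b"\x16\x03\x01" + b"\x00" * 40},
]

if __name__ == "__main__":
    print(suspicious_tcp53(SAMPLE_FLOWS))
```

The check validates protocol framing only, so it complements rather than replaces egress rules that restrict outbound port 53 to the organization's own resolvers.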

winenum

Results

Scope Creep

Thumb Drive Drop Results

• Objectives Met

• 5 Thumb Drives left

• 250+ people infected

  • We closed down the C2 server when the ROE window closed

• Client was unhappy and frustrated

• Users broke several policies

  • Inserted unofficial thumb drives

  • Opened unofficial files

  • Clicked “Enable Content”

  • Copied file marked “sensitive” and emailed it

Phishing Campaign Objectives

• Steal Credentials

• Measure “clicks”

Phishing – Non-Discrimination Policy Update

Phishing Campaigns

• Stolen Credentials (Non-Discrimination Policy)

  • 11 out of 30 people

  • 37%

• Clicks (LinkedIn Invite)

  • 16 out of 25 people

  • 64%

  • Only sent to males

SET Demo

Context

• CEH and ECSA – skills to run these attacks and more

• CND – skills to protect, detect, and respond

• CSCU – increased awareness!

Summary

• Alpine Security Background

• EC-Council Partnership

• New Course Offering Overviews

• Context – Social Engineering

• Hacking Demonstrations

• Course Relevance

• Questions

Christian Espinosa

[email protected]

www.alpinesecurity.com
