Let’s Go To The Movies Introduction to Cybersecurity
Dennis M. Allen https://www.linkedin.com/in/dennis-m-allen-cissp-a709724
NOW SHOWING
WarGames – 1983
© 1983 Metro-Goldwyn-Mayer Studios Inc. All Rights Reserved. http://www.imdb.com/title/tt0086567
PG
Cybersecurity Elements
0:10:36 - 0:13:45 “Take the men out of the loop,” WOPR, big data, war gaming
0:17:35 - 0:17:55 Password insecurity
0:20:20 - 0:22:15 Old school tech, grade tampering
0:24:25 - 0:25:30 War dialing, “Saul’s fish market”
0:26:14 - 0:30:17 War dialing (Bank, PanAm, Games)
0:32:30 - 0:33:40 “Mr. Potatohead, back doors are not secrets!”
0:38:28 - 0:45:35 Unauthorized access, Artificial Intelligence, Global Thermonuclear War, Operations Centers
1:03:47 - 1:06:10 Physical security and tone hacking
1:11:28 - 1:12:45 Payphone hacking
Sneakers – 1992
http://www.imdb.com/title/tt0105435 © 1992 Universal Pictures Studios, Inc. All Rights Reserved.
PG-13
Cybersecurity Elements
0:01:45 - 0:03:05 Wire Fraud
0:05:15 - 0:10:58 Penetration Testing including social engineering & physical security: “Your communication lines are vulnerable, fire exits need to be monitored, and your rent-a-cops are a tad undertrained”
0:11:38 - 0:14:20 Government hired hackers
0:25:20 - 0:30:51 Reconnaissance, shoulder surfing, security bypass with cake & balloons
0:39:39 - 0:46:30 Electronics hacking, unauthorized access, code breaking
1:21:27 - 1:22:54 Dumpster diving – trash analysis
1:27:34 - 1:41:06 Security control bypass (guard, cameras, voice authentication, etc.), failure to review the security log!
Hackers – 1995
http://www.imdb.com/title/tt0113243 © 1995 UNITED ARTISTS PICTURES INC. ALL RIGHTS RESERVED
PG-13
Cybersecurity Elements
0:04:33 - 0:08:33 Social engineering (skip the war dialing), hacking a TV station
0:13:34 - 0:15:02 Student record modification, and hacker handles – poor Joey
0:18:53 - 0:20:02 Late night hacking, Sprinkler test
0:22:40 - 0:25:40 1984, Rainbow Books, Common Passwords & Attack methodology?
0:25:42 - 0:29:29 Joey hacks the Gibson as God and downloads some “Garbage”
0:31:13 - 0:31:18 Hack the planet, Tone hacking with Razor and Blade
0:33:00 - 0:33:40 USS collection and Interview, “These people are terrorists”
The Net – 1995
http://www.imdb.com/title/tt0113957 © 1995 Columbia Pictures Industries, Inc. All Rights Reserved.
PG-13
Cybersecurity Elements
0:03:38 - 0:05:14 Malware Analysis, Assembly Lang.
0:11:30 - 0:13:16 Clean versus Analyze?
0:14:17 - 0:15:06 Airplane navigation hacked
0:15:45 - 0:16:20 Runtime analysis, talent recruiting
0:17:22 - 0:17:56 Airport computer malfunction
0:19:00 - 0:20:50 Beach computing, Social Engineering
0:39:22 - 0:40:45 Identity manipulation
0:48:02 - 0:48:29 Cell phone tracking and triangulation
0:55:00 - 0:57:02 International ISP, unauthorized system access, IP attribution, medical records
0:57:28 - 0:59:29 Chat user attribution and recruiting
1:20:55 - 1:22:04 False sense of security from software
1:30:53 - 1:37:36 Physical security, Social Engineering, Terminal Echo, Command and Control App, Attribution
1:42:00 – 1:45:00 Hacking from RSA or MacWorld?
Track down / Takedown – 2000
http://www.imdb.com/title/tt0159784
R
2000 Dimension Films (presents) Millennium Films (in association with) Hacker Productions (copyright owner)
Cybersecurity Elements
0:03:12 - 0:04:31 1st Meeting with undercover LE
0:05:50 - 0:06:53 Social Engineering for serial number and manufacturer info
0:07:22 - 0:08:45 Social Engineering for specs and docs
0:09:11 - 0:10:22 Switched Access Services – S.A.S., Telephone monitoring service for LE?
0:14:15 - 0:15:58 Mitnick Article
0:20:57 - 0:23:07 Rollerblading in a data center – “Challenge accepted!”
0:24:35 - 0:26:17 Stealing Nokitel code and deleting files (backups?)
0:27:23 - 0:27:42 Tape recorder tone dialing
0:28:55 - 0:30:25 Contempt virus
0:33:14 - 0:35:02 Messing with Agent Gibson (Water, Gas, Power)
0:35:51 - 0:39:01 Tsutomu Shimomura - Investigation (connections, firewalls, modems, log files)
0:47:17 - 0:49:03 CellularOne investigation, hijacking cell phones, cloning cards, signal tracking
1:01:05 - 1:03:52 Dumpster diving, Social Engineering and using University computing resources
1:04:50 - 1:07:42 ISP (Netcom) and identifying last hop (real PoP)
1:08:40 - 1:09:55 Civilian investigation – “What can we do?”
1:10:22 - 1:14:13 Social Engineering and using University computing
1:16:23 - 1:18:07 Trolling/Cell scope/War driving
1:26:17 - 1:26:42 Packet Capture to recover lost files on final upload
Antitrust – 2001
http://www.imdb.com/title/tt0218817 © METRO-GOLDWYN-MAYER PICTURES INC. (2001)
PG-13
Cybersecurity Elements
0:00:20 - 0:03:35 Programming, “First Mover Advantage”
0:03:40 - 0:05:00 The Garage Business
0:09:36 - 0:19:00 Smart Home
0:10:10 - 0:10:34 Open Source/Free v. Software Business
0:11:35 - 0:12:58 Synapse architecture, backdoors, etc.
0:16:08 - 0:17:04 Government recruiting (42K and a Buick)
0:18:26 - 0:18:45 Security briefing
0:20:00 - 0:21:10 Programmer swag – The Egg
0:44:10 - 0:48:35 Tailgating, Building and Badge Security, Unlocked terminal with privileged access (Printed badge, altered security feeds)
0:49:40 - 1:00:24 Milo snooping – No multi-factor!!!!!!
0:54:00 - 1:00:24 Very detailed NURV employee database, Good ol’ Linux CLI
1:27:39 Vehicle Tracking System
1:29:20 - 1:40:00 Milo versus Gary and who can access the Satellites faster, Release of Synapse source code to the world
Other interesting points:
• Social Engineering to get an invite to the Art Museum Benefit
• Several Java code and compilation examples throughout
Swordfish – 2001
http://www.imdb.com/title/tt0244244 © 2001 Village Roadshow Films (BVI) Limited. All rights reserved.
R
Cybersecurity Elements
0:27:00 - 0:30:00 Performance Based Interview
0:51:40 – 0:53:00 Stashing worm generator code on an Internet accessible PDP-10
0:55:05 – 0:57:10 Creating the Hydra. Terrible, yet spectacular.
Other interesting points:
• Ironically, the movie starts by stressing the importance of realism in movies
• Bad guys and good guys recruiting the same talent
• Computer facilitated crime funding terrorists
To be clear – The technology is terrible!
Firewall – 2006
http://www.imdb.com/title/tt0408345 © 2006 Warner Bros. Entertainment Inc. 2006 Village Roadshow (BMI) Limited. All rights reserved
PG-13
Cybersecurity Elements
0:07:02 - 0:07:33 Wireshark and Cisco ACLs (kinda)
0:07:50 - 0:09:00 Boardroom and CISO challenges
0:10:42 - 0:11:15 ID Theft and dumpster diving
0:53:00 - 0:55:54 Building the scanner
0:58:07 - 1:01:52 Navigating the Data Center
1:02:50 - 1:08:08 Cat & Mouse (Catching an insider)
1:29:19 - 1:30:08 PET-NAV 3000
Untraceable – 2008
http://www.imdb.com/title/tt0880578 © 2008 Lakeshore Entertainment Group LLC. All Rights Reserved.
R
Cybersecurity Elements
0:03:40 - 0:06:14 FBI Cyber tradecraft:
- Chats
- Honeypots
- Virtual machines
- Fake data
- Hack back authority?
- Attribution
0:14:52 - 0:15:46 IP black holing, Fast flux DNS, Russian hosting, botnets of compromised hosts
0:56:52 - 0:57:05 Horsez – Trojan – RAT, unauthorized network access
1:22:20 – 1:23:20 Automobile hacking
Blackhat – 2015
http://www.imdb.com/title/tt2717822 © 2015 Universal Studios. All Rights Reserved
R
Cybersecurity Elements
0:01:28 - 0:06:03 Cooling system failure in 8 nuclear reactors – STUXNET-ish (about 1 min is good)
0:07:49 - 0:08:15 Thor’s prison phone/attack tool
0:09:02 - 0:10:15 RAT malware discussion (in Chinese). Motivations. Collaboration with FBI?
0:10:22 - 0:11:18 Profiling and discussion about Nation-state cyber
0:11:25 - 0:12:03 Initial code analysis – with some key pounding
0:13:50 - 0:18:00 Run up on Soy, Different authors for the RAT and the payload, Justifying use of a “blackhat”
0:23:38 - 0:25:30 Datacenter, fancy language, thumb print key fob, a little CLI, insider threat
0:25:30 - 0:26:30 Some more code analysis, and discussion for motives
0:31:00 - 0:31:50 Little bit of forensics (WRT hardware, TOR, chat/email history, impersonation)
0:39:48 - 0:41:00 Whois lookups and a little CLI from ghostman
0:48:16 - 0:54:40 Tracking the money mules and a little bluetooth signals tracking – GPG, 512-bit encryption
1:09:19 - 1:14:00 HD recovery from the hot zone, snippets of malware in memory, access “Black Widow”
1:14:45 - 1:15:15 Plausible deniability
1:16:11 - 1:17:32 Spear Phishing NSA with a malicious PDF/keylogger, Internet accessible systems, EtherApe?
1:18:18 - 1:18:59 Bulletproof hosting in Indonesia from hard drive recovery – some missing steps though
1:19:30 - 1:19:58 High-resolution satellite imagery
1:37:07 - 1:39:00 Physical recon/security, same model pump controlled by the same model PLC, motivation reveal
1:42:00 - 1:43:45 Compromising the data center (with a car), physical access is key, more CLI to image hard drives
1:43:46 - 1:44:10 Malware source code analysis
1:45:38 - 1:47:05 Social Engineering, Removable media, Waiting for your shell, pivoting to banking apps
1:47:13 - 1:47:52 SSH and CLI trash talking – Linux command “write”
1:52:29 - 1:54:00 Fight hacking
At the Dollar Cinema
• Real Genius (1985), http://www.imdb.com/title/tt0089886
• Pirates of Silicon Valley (1999), http://www.imdb.com/title/tt0168122
• The Italian Job (2003), http://www.imdb.com/title/tt0317740
• The Matrix Reloaded (2003), http://www.imdb.com/title/tt0234215
• The Bourne Ultimatum (2007), http://www.imdb.com/title/tt0440963
• Live Free or Die Hard (2007), http://www.imdb.com/title/tt0337978
• The Girl with the Dragon Tattoo (2009), http://www.imdb.com/title/tt1132620
• The Social Network (2010), http://www.imdb.com/title/tt1285016
• Tron Legacy (2011), http://www.imdb.com/title/tt1104001
• Code 2600 (2011), http://www.imdb.com/title/tt1830538
• Skyfall (2012), http://www.imdb.com/title/tt1074638
• The Internship (2013), http://www.imdb.com/title/tt2234155
• The Imitation Game (2014), http://www.imdb.com/title/tt2084970
Other Things to Check Out
• Verizon Data Breach Report, http://www.verizonenterprise.com/DBIR
• FBI Cyber Most Wanted, http://www.fbi.gov/wanted/cyber
• Digital Carjackers Show Off New Attacks, https://www.youtube.com/watch?v=oqe6S6m73Zw
• NMAP in the movies, http://nmap.org/movies
• Bureau of Justice Statistics, http://www.bjs.gov/index.cfm?ty=tp&tid=42
• Operation Get Rich or Die Trying, http://www.hulu.com/watch/420138
• FBI Warns of Cyber Terror, http://freebeacon.com/national-security/fbi-warns-of-anti-israel-cyber-attacks
• Hackers Breach Major Law Enforcement Portal, https://www.identityforce.com/blog/hackers-breach-law-enforcement-portal-leo-gov
• PBS – NOVA Rise of the Hackers, http://www.pbs.org/wgbh/nova/tech/rise-of-the-hackers.html
• The first Nation-state cyber weapon? http://www.wired.com/2014/11/countdown-to-zero-day-stuxnet
• Nasdaq hacked, http://www.bloomberg.com/bw/articles/2014-07-17/how-russian-hackers-stole-the-nasdaq
• Kevin Mitnick now selling 0-days http://www.wired.com/2014/09/kevin-mitnick-selling-zero-day-exploits
• An Outlaw in Cyberspace, http://www.nytimes.com/1996/02/04/books/an-outlaw-in-cyberspace.html?pagewanted=all
• Vulnerable Critical Infrastructure, http://www.forbes.com/sites/realspin/2014/11/11/americas-critical-infrastructure-is-vulnerable-to-cyber-attacks
• Hackers successfully ground 1,400 passengers, http://www.cnn.com/2015/06/22/politics/lot-polish-airlines-hackers-ground-planes/
• Southwest: No evidence hackers caused flight delays, http://thehill.com/policy/cybersecurity/256676-southwest-no-evidence-hackers-caused-flight-delays
• Grade Tampering, http://www.nbclosangeles.com/news/local/Corona-del-Mar-High-School-Cheating-Hacking-Scandal-Tutor-242423361.html
• GPS Tracking, http://www.pettracker.com
• Movie mistakes and trivia, http://www.moviemistakes.com
Encore?
Games
• NetSmartz Workshop, http://www.netsmartz.org
• FBI Cyber Surf Islands, https://sos.fbi.gov
• CIA Kids’ Zone, https://www.cia.gov/kids-page
• The Carnegie Cadets: MySecureCyberspace, http://www.carnegiecyberacademy.com
• CyberCIEGE, http://cisr.nps.edu/cyberciege
• Control-Alt-Hack, http://www.controlalthack.com
• Cyber Awareness Challenge, http://iase.disa.mil/eta/cyberchallenge/launchPage.htm
• OnGuardOnline.gov, http://www.onguardonline.gov
• PBS – Nova Cybersecurity Lab, http://www.pbs.org/wgbh/nova/labs/lab/cyber
• Using Video Games to Prepare the Next Generation Cyber Warriors http://resources.sei.cmu.edu/library/asset-view.cfm?assetID=442338
Books
Cyber-Fiction
• Jeff Aiken Novels:
  Zero Day by Mark Russinovich and Howard Schmidt (Aug 2012)
  Trojan Horse by Mark Russinovich and Kevin Mitnick (Sep 2012)
  Rogue Code by Mark Russinovich (May 2014)
• Stealing the Network:
  How to Own the Box by Ryan Russell and others (May 2003)
  How to Own a Continent by FX and others (May 2004)
  How to Own an Identity by Ryan Russell and others (May 2005)
  How to Own a Shadow by Johnny Long and others (Feb 2007)
Non-Fiction
• The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage, Cliff Stoll
• Cyber War: The Next Threat to National Security and What to Do About It, Robert K. Knake
• Spam Nation: The Inside Story of Organized Cybercrime – from Global Epidemic to Your Front Door by Brian Krebs
• America the Vulnerable: New Technology and the Next Threat to National Security by Joel Brenner
• Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen
• Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon by Kim Zetter
Competitions
• National Initiative for Cybersecurity Careers and Studies, http://niccs.us-cert.gov
  • Competitions, http://niccs.us-cert.gov/training/tc/search/cmp/new
  • Games & Programming, http://niccs.us-cert.gov/education/cyber-games-and-programming
  • Camps and Clubs, http://niccs.us-cert.gov/education/cyber-camps-clubs
• University Examples
  • Carnegie Mellon Picoctf, https://picoctf.com
  • Rochester Institute of Technology CPTC, http://cptc.csec.rit.edu
• SANS Institute
  • NetWars, https://www.sans.org/netwars/
  • CyberAces, http://cyberaces.org
• Other “Challenges”
  • http://www.nationalccdc.org
  • http://www.cyberaces.org/competitions/
  • http://www.uscyberchallenge.org
• Hacker Challenges (Ed Skoudis),
  • http://www.counterhack.net/Counter_Hack/Challenges.html
Training, Education & Awareness
• Scholarship for Service https://www.sfs.opm.gov/StudFAQ.aspx
• National Centers of Academic Excellence in Information Assurance / Cyber Defense https://www.nsa.gov/ia/academic_outreach/nat_cae/
• Professional Organizations
  • https://www.rocissa.org
  • https://www.owasp.org/index.php/Rochester
  • http://www.isaca.org/chapters11/Western-New-York
YouTube & Hulu – Must Watch
• The 10 Most Notorious Hackers of All Time! (8:19) https://www.youtube.com/watch?v=-XpPEmcnKCk
• 5 Most Dangerous Hackers Of All Time (4:31) https://www.youtube.com/watch?v=7UaPL5PGywo
• The Secret International Cyber War Dividing Nations (42:17) https://www.youtube.com/watch?v=zAS-agcQqEk
• 25 Biggest Cyber Attacks in History (14:07) https://www.youtube.com/watch?v=Zl_BQoJqClM
• Operation Get Rich or Die Trying (43:21) http://www.hulu.com/watch/420138
YouTube Learning Channels
• ITFreeTraining, http://www.youtube.com/user/itfreetraining
• itTaster, http://www.youtube.com/user/ittaster
• Professor Messer, https://www.youtube.com/user/professormesser
• StormWind Live, https://www.youtube.com/user/StormWindLive
• Eli the Computer Guy, https://www.youtube.com/user/elithecomputerguy
• Microsoft Support Videos, https://www.youtube.com/user/MicrosoftCSSVideo
• DansCourses, http://www.youtube.com/user/danscourses
• InfoSec Institute Training, https://www.youtube.com/user/InfoSecInstitute
• Software Engineering Institute, https://www.youtube.com/user/TheSEICMU
• Hak5 (https://hak5.org), https://www.youtube.com/user/Hak5Darren
• Cyber Aggregator, @cybfor
• The Hacker News, @TheHackersNews
• Team Cymru, @teamcymru
• WhiteHat Security, @whitehatsec
• Threatpost, @threatpost
• Brian Krebs, @briankrebs
The End