4 ways your organisation can be hacked · • the ways your organisation can be hacked • how...
TRANSCRIPT
![Page 1: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/1.jpg)
4 Ways Your Organisation Can Be Hacked
Kennet JohansenSolutions EngineerNetwrix
Brian JohnsonSecurity Enthusiast / Podcaster7 Minute Security
![Page 2: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/2.jpg)
Housekeeping
• All attendees are on mute
• Ask your questions!
• Questions will be answered during
the session or at the Q&A at the end
• You will receive a copy of slides and
webinar recording in the follow-up
• Duration: Up to 60 minutes
We hope you enjoy!
Type your question
here
Click “Send”
![Page 3: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/3.jpg)
Agenda
• Introduction
• The ways your organisation can be hacked
• How Netwrix can help to detect the attacks
• Q&A session
![Page 4: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/4.jpg)
Who’s this guy?
Security engineer for 7 Minute Security
Podcaster Not famous Tiny movie star
![Page 5: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/5.jpg)
![Page 6: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/6.jpg)
The story
Evil Eric Gordon got fired from Madison Hotels, Inc.
and he want revenge!
Can Netwrix help save the day?
![Page 7: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/7.jpg)
Eric Gordon is angry…
Laid off for bad behavior
He wants revenge!
Can Billy defend the Madison Hotels network?!
VS
![Page 8: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/8.jpg)
Eric’s hacking playbook
Attack the wifi!
Log into my old Active Directory account
Password spraying attacks
Try to add a new local admin account
Plant malware
Mousejacking attack!
Get domain admin access
Cover my tracks
![Page 9: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/9.jpg)
Wireless attack – try old wifi password!
![Page 10: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/10.jpg)
Wireless attack – get Wifite
![Page 11: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/11.jpg)
Wireless attack – capture/crack handshake
![Page 12: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/12.jpg)
Login with old account
![Page 13: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/13.jpg)
Detected: Login with an old account
![Page 14: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/14.jpg)
Eric’s hacking playbook
Attack the wifi!
Log into my old Active Directory account
Password spraying attacks
Try to add a new local admin account
Plant malware
Mousejacking attack!
Get domain admin access
Cover my tracks
![Page 15: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/15.jpg)
Password spray attack (domain account)
![Page 16: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/16.jpg)
Detected: Password spray attack (domain account)
![Page 17: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/17.jpg)
Password spray attack (local PC)
![Page 18: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/18.jpg)
Detected: Password spray attack (local PC)
![Page 19: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/19.jpg)
Eric’s hacking playbook
Attack the wifi!
Log into my old Active Directory account
Password spraying attacks
Try to add a new local admin account
Plant malware
Mousejacking attack!
Get domain admin access
Cover my tracks
![Page 20: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/20.jpg)
Plant malware
![Page 21: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/21.jpg)
Detected: Plant malware
![Page 22: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/22.jpg)
Detected: Plant malware
![Page 23: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/23.jpg)
Eric’s hacking playbook
Attack the wifi!
Log into my old Active Directory account
Password spraying attacks
Try to add a new local admin account
Plant malware
Mousejacking attack!
Get domain admin access
Cover my tracks
![Page 24: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/24.jpg)
Mousejacking attack
![Page 25: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/25.jpg)
Mousejacking attack
![Page 26: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/26.jpg)
Lets stop for a minute
If someone gained Domain Admin on your Active Directory right now…
Would you know?
Are you logging for it?
Could you respond quickly?
![Page 27: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/27.jpg)
Undetected: Mousejacking attack
But…
![Page 28: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/28.jpg)
Undetected: Mousejacking attack
But…
![Page 29: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/29.jpg)
Undetected: Mousejacking attack
But…
![Page 30: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/30.jpg)
Undetected: Mousejacking attack
But…
![Page 31: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/31.jpg)
Mousejacking attack cleanup
![Page 32: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/32.jpg)
Eric’s hacking playbook
Attack the wifi!
Log into my old Active Directory account
Password spraying attacks
Try to add a new local admin account
Plant malware
Mousejacking attack!
Get domain admin access
Cover my tracks
![Page 33: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/33.jpg)
Conclusion
Netwrix alerts us to key events happening in our AD environment:
Password spraying
Login attempts to disabled accounts
New local accounts added to key systems
High privilege group membership changes
Malicious user behaviour – complete with video proof!
![Page 34: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/34.jpg)
About Netwrix Auditor
Netwrix Auditor is an agentless data security platform that empowers organisations to accurately identify
sensitive, regulated and mission-critical information and apply access controls consistently, regardless of where
the information is stored.
It enables them to minimise the risk of data breaches and ensure regulatory compliance by proactively reducing
the exposure of sensitive data and promptly detecting policy violations and suspicious user behaviour.
Netwrix Auditor
![Page 35: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/35.jpg)
Useful links
Free trial: Set up Netwrix Auditor in your own test environment
netwrix.com/auditor9.8
In-browser demo: Run a demo right in your browser with no need to install anything
netwrix.com/go/browser_demo
If you want to learn more about Netwrix Auditor, register now for the upcoming Product Demo!
![Page 36: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/36.jpg)
Questions?
![Page 37: 4 Ways Your Organisation Can Be Hacked · • The ways your organisation can be hacked • How Netwrix can help to detect the attacks • Q&A session. Who’s this guy? Security engineer](https://reader033.vdocument.in/reader033/viewer/2022051321/5fff4b9145da8221fb3ecca1/html5/thumbnails/37.jpg)
Thank you!
Kennet JohansenSolutions EngineerNetwrix
Brian JohnsonSecurity Enthusiast / Podcaster7 Minute Security