eastern european black market economy trends · pdf filethe most dynamic and social black...

Report

Post on 20-Mar-2018

215 Views

Category:

Documents

3 Downloads

Preview:

Click to see full reader

TRANSCRIPT

SESSION ID:

#RSAC

Alex Holden

Eastern European Black Market Economy Trends

FLE1-F02

Chief Information Security OfficerHold Security, LLC@HoldSecurity

#RSAC

Why Learn About Hackers?

2

The most dynamic and social black market

Large sharing community

Re-use or secondary market

Learn how to guard against this sector

Current trends and failures

#RSAC

History

#RSAC

History of the Russian Underground

4

Evolution of technology and thirst for knowledge

Early years – the gang wars

Dissolution of gangs and specialization – links in a chain

JabberZeus

CyberVor

#RSAC

What Drives a Hacker

5

For-profit crime

Hacktivism

Revenge

State-sponsored

#RSAC

Communications

6

Forums

Advertising

Marketing

Customer Service

#RSAC

Mass Production

7

Stealing in bulk

Lowest hanging fruit

0day

Unpatched Systems

Weak Passwords

Tools and techniques

Crime ratios

#RSAC

Competition

8

Supply and Demand

Black Market Economics

Respect and order amongst the thieves

Escrow Services

Reputation

DOXing

Destroying the competition

#RSAC

Eastern European Black Markets Today

#RSAC

Black Market Overview

10

Rare direct monetization

Long supply chain

Frequent failure

#RSAC

Education

11

Hacker University

Job After Graduation

Professor’s Insight

#RSAC

Viruses/Malware

12

Botnet flavors

What can you steal

Linguistics adaptation

Injects and Grabbers

Mobile botnets

#RSAC

Spam Operation

13

Spam supply-chain

Spear phishing

Social network abuse

Statistics

#RSAC

Re-shipping

14

Drop dynamic

Supply Chain

#RSAC

Ransomware

15

Simple and Effective

#RSAC

Brute Force Everything

16

Credentials

Services

Monetization

#RSAC

Anonymity

17

Hiding = blending in

Sophistication and ease of use

Escaping detection

WebRTC

Fonts

Local Time

Virtualization

#RSAC

Identity

18

Service authentication

Creating a new person

#RSAC

Dating

19

Praying on desperation

Dating scam – enterprise solution

#RSAC

Skimmers

20

ATM

Credit Cards

New Designs

Old tools

#RSAC

Starting Your Own Black Market Shop

21

Everything sells

Crimeware as a service

#RSAC

Defenses

#RSAC

Applying Knowledge Against the Enemy

23

Not every threat is credible

Creating an unattractive target

Scaling defenses to threats

Viruses/Malware

0day

Credentials

Misconfigurations

#RSAC

Defense

24

Honeypots

Systems

Features

Data

Threat Intelligence

top related

wp the mobile cybercriminal underground market in china
Documents
black market media plan
Documents
the mobile cybercriminal underground market in...
Documents
the mobile cybercriminal underground market in china ·...
Documents
underground 06 (black hat) study guide
Documents
white house-black-market
Business
black market crude - kleinmanenergy.upenn.edu
Documents
black-bury underground connectors underground
Documents
home | msu libraries · message to the black movement a...
Documents
global underground mining equipment market 2015-2019
Technology
most market roundup black fox analysis black fox...most...
Documents
the underground railroad. the underground railroad wasn’t...
Documents
the armor 2019 black market report a look inside the … ·...
Documents
the black market trust
Documents
the market for underground tunnel safety
Documents
black market supplies: a shady business - xerox · black...
Documents
bla-message to the black movement- a political statement...
Education
most market roundup black fox - blackfoxindia.com fox...most...
Documents
nyc anarchist black cross · in 1971, due to relentless fbi...
Documents
a black market
Business