InfoSec on the Road
-or-
Keeping what's yours, yours.
HU UK 2011 meeting – 26th June 2011
Alexandros Papadopoulos, CISSP
How do you use computers on the road?
Withdrawing money from ATMs
E-Banking
Saving photos
Writing your blog/book
Posting in forums
Emailing for work or personal stuff
Chatting with friends and family
Skimmers
Sensitive info stolen (malware)
Data loss, privacy
Censorship, privacy, sensitive info stolen
ATMs (1)
Beware of skimmers
Designed to steal your:
Bank card's information
PIN
Cash
http://krebsonsecurity.com/all-about-skimmers/
ATMs (2) Stealing the bank card information
ATMs (3) Stealing your PIN
ATMs (4) Anything wrong with this ATM?
ATMs (5) Hidden mobile phone camera captures PIN
ATMs (6) Stealing your cash: Cash Trapping
e-banking
• Most publicly accessible computers are infected with malware
• They can therefore not be trusted for e-banking
• Carrying a password generator with you makes this a bit safer
What is malware?
• Malicious + software = malware
• Example: Zeus & URLZone – dynamically rewrite your online bank statements (after they have stolen your bank login and used it to drip-feed money out of your account)
• Example: Stuxnet – destroys nuclear plant equipment
• Generally, crooks are after your passwords
• Your phone, camera, GPS, laptop, USB stick will probably be infected
Malware – Is this legit?
Malware – amateurs!
Malware – webfake I
Malware – webfake II
Malware – Fake Bank Statement
Saving photos
• Your enemies:
  • Vibrations, humidity, thieves, weight, accidental deletion, software error…
• Your allies:
  • Online storage – Flickr ($25/year)
  • Multiple copies
  • Solid state media (SD cards)
  • Encrypted storage (TrueCrypt)
Saving files (general)
• Google Docs
• Dropbox
• TrueCrypt “Portable Mode” USB sticks
Possible to have a secure “password file” with you
The best defence against all this…
• Is free!
• Allows you to completely ignore the software installed on the machine you use
• Like carrying your own computer-on-a-stick!
DIY bootable USB stick
http://www.ubuntu.com/download/ubuntu/download
This is what you get
Stories from Iran
• The charming “foreigners police” connected my camera’s SD card to one of their Windows PCs to check out my photos
• No software copyright enforcement => pirated software everywhere => no security updates => everything infected with malware
• HTTPS necessary if you want to speak your mind on email/blog.
Keep snoopy governments from (easily) reading your emails
Signs of country-level blocking
Signs of country-level proxying
Recent high-profile cases
• Stuxnet (travellers most certainly involved!)
• Hijacked webmail/Facebook accounts
• The goodies I brought home when I returned from UK2India
Invisible in Windows XP/7 with 3 different antivirus suites
Visible but untouchable in MacOS X
Finally deleted with GNU/Linux
Once you’re back home
• Systematically disinfect all removable media (GPS memory card, camera, any USB sticks you used during the trip)
• Use a trusted system like a recent GNU/Linux bootable disk to delete all files you don’t recognise from your media
• Change your passwords (bank, webmail, forums etc)
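One way to do the "delete all files you don't recognise" step from a GNU/Linux bootable disk is to first list what looks out of place on the media. The script below is an added example, not part of the original presentation; the function names, the extension list and the sample file names are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: read-only triage of a removable volume from a trusted
# GNU/Linux live system. It lists candidates for review and deletes nothing.

# Prefix every path read on stdin with a reason tag.
tag() { while IFS= read -r p; do printf '%s\t%s\n' "$1" "$p"; done; }

# flag_suspects DIR: print "reason<TAB>path" for entries worth a manual look.
flag_suspects() {
    local root=$1
    # Autorun control file: tells Windows what to launch from the media.
    find "$root" -type f -iname 'autorun.inf' | tag autorun
    # Programs, scripts and shortcuts a camera or GPS card has no use for.
    find "$root" -type f \( -iname '*.exe' -o -iname '*.scr' -o -iname '*.com' \
        -o -iname '*.pif' -o -iname '*.bat' -o -iname '*.cmd' \
        -o -iname '*.vbs' -o -iname '*.lnk' \) | tag program
    # Dot-prefixed entries, which file managers hide by default.
    find "$root" -mindepth 1 -name '.*' | tag dotfile
}

# Constructed sample volume (assumption: file names are illustrative only).
make_sample() {
    local d
    d=$(mktemp -d)
    mkdir -p "$d/DCIM/100PHOTO" "$d/RECYCLER"
    : > "$d/DCIM/100PHOTO/IMG_0001.JPG"      # ordinary photo, not flagged
    : > "$d/AUTORUN.INF"
    : > "$d/RECYCLER/setup.exe"
    : > "$d/DCIM/100PHOTO/IMG_0002.jpg.scr"  # program posing as a photo
    : > "$d/.cache.bin"
    printf '%s\n' "$d"
}

# Scan the mount point given as $1, or the constructed sample if none is given.
target=${1:-$(make_sample)}
flag_suspects "$target" | sort
```

Mount the media read-only (`mount -o ro`) while reviewing the listing, and remount read-write only to delete what you do not recognise. Dot-prefixed entries left behind by Mac OS X are common, so the `dotfile` tag is a prompt to look, not a verdict.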
Questions?
• Personal data protection tips: http://thinkingspaces.org (my security blog)
• Surveillance self-defence project by the Electronic Frontier Foundation: https://ssd.eff.org/
• Remote backup software: http://www.crashplan.com
• Encryption software: http://www.truecrypt.org
• Anonymous browsing: https://ssd.eff.org/tech/tor
Get this presentation: http://tinyurl.com/infosecontheroad