Www.smartronix.com © 2011 Smartronix, Inc. 1 Cyber Heists & Prevention in 2011 .
8
www.smartronix.com © 2011 Smartronix, Inc. 1 Cyber Heists & Prevention in 2011 www.missionassured.com www.smartronix.com
-
Upload
amy-sartwell -
Category
Documents
-
view
215 -
download
0
Transcript of Www.smartronix.com © 2011 Smartronix, Inc. 1 Cyber Heists & Prevention in 2011 .
www.smartronix.com© 2011 Smartronix, Inc. 1
Cyber Heists & Prevention in 2011
www.missionassured.comwww.smartronix.com
www.smartronix.com© 2011 Smartronix, Inc. 2
Happy Cyber Awareness Month 2011
http://www.whitehouse.gov/the-press-office/2011/10/03/presidential-proclamation-national-cybersecurity-awareness-month
www.smartronix.com© 2011 Smartronix, Inc.
Cyber Crime Still A Growing Industry
• Online bank robberies outpace the “in person” alternatives
• Totals in cyber thefts have been more than twice traditional bank crimes since 2009
3
2000 2011
www.smartronix.com© 2011 Smartronix, Inc.
Will My Organization Be A Target?
• It already is
• Do you have:−Any patents (intellectual property)?−A bank account?−A lot of bandwidth?−A customer contact list or sensitive personal info?
• Do you ever receive:−Phishing email (“You’ve won!!!”)?−Unsolicited Resumes?−Requests to follow links (via Tweet, FB, email…)?
4
www.smartronix.com© 2011 Smartronix, Inc.
Cases Studies in 2011
• Conclusion to Patco Construction’s Ordeal?−2 years worth of legal struggle after $580,000 theft−What are reasonable security measures?
• Experi-Metal vs. Comerica−Comerica not found to be acting in good faith for a
customer−What impact does that have for everyone else?
5
www.smartronix.com© 2011 Smartronix, Inc.
How Exactly Did Those Cases Start?
• The best guess is a single email
6
Subject: You have won - Congratulations From: "MICROSOFT EMAIL PROMOTION" <[email protected]>To: undisclosed-recipients
You have won - Congratulations You are a winner of £450,000 Pounds Sterling courtesy of Microsoft Corporation, United Kingdom in our monthly lottery held on 15th December 2010.
Your secret pin code 092075ML and your reference number REF NO:MICRO-L/2009-END10.
Subject: Email UpgradeFrom: "Webmail Support Team" <[email protected]> Reply-To: [email protected]
Dear Webmail Subscriber, This is to notify you that we are presently working on our webmail User Accounts Owner for safety. We are having congestions due to the anonymous registration of accounts so we are shutting down some accounts that are no more active and your account might be deleted or suspended within 24 hours for security reasons if you do not respond to this mail. We are sending this email to you so that you can verify and let us know if you still want to use this account….
From: "[email protected]" <[email protected]> To: <[email protected]> Subject: setting for your mailbox are changed
SMTP and POP3 servers for [email protected] mailbox are changed. Please carefully read the attached instructions before updating settings.
From: “[email protected]" <applicant@yahoo> To: <[email protected]> Subject: application for employment
To Whom It May Concern,
Please find attached my resume for employment with your company. Thank you.
www.smartronix.com© 2011 Smartronix, Inc.
The Ounce of Prevention
• Dedicated machines for banking - possibly virtual machines fit this bill if you are technically inclined
• Select banks that allow tokens), and ask for the token for online banking ($2), or out-of-band verification
• Review the transaction reports
• Training & testing employees
• Ask about security
7
www.smartronix.com© 2011 Smartronix, Inc.
Thank You
• Contact Information:
Eric Walters
571-481-8708
Jason Gordon
8
