R u hacked
- 1. R U Hacked? Your website has gone?
Sumedt Jitpukdebodin
Senior Security Researcher
CompTIA Security+, LPIC-1, NCLA, C|EHv6, eCPPT, eWPT, IWSS, CPTE, GIAC GPEN
- 2. Whoami
Name: Sumedt Jitpukdebodin
Jobs: Senior Security Researcher
Nonprofit jobs: OWASP Thailand - Leader Technical Part, admin of 2600Thailand
Hobby: Hacking stuff, malware analysis, Python programming, reading the security news, etc.
- 5. Agenda
The rise of cybersecurity
Internet of things
Ransomware
DDoS
Web Application Attack
Conclusion
- 7. Trend of technology 2015
Computing Everywhere
Internet of things
3D Printing
Advanced, Pervasive and Invisible Analytics
Context-Rich Systems
Smart Machines
Cloud/Client Computing
Software-Defined Applications and Infrastructure
Web-Scale IT
Risk-Based Security and Self-Protection
Reference: http://www.itbusinessedge.com/slideshows/top-10-strategic-technology-trends-for-2015-02.html
- 23. What can I do about it?
Back up your data
Show hidden file extensions
Filter EXE files in email
Disable files running from AppData/LocalAppData folders
Use the CryptoLocker Prevention Kit (http://community.spiceworks.com/topic/396103-cryptolocker-prevention-kit-updated)
Disable RDP
Patch or update software
Use an antivirus
Scan files with multiple online scanners (http://www.virustotal.com, https://malwr.com)
Use System Restore to get back to a known-clean state
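Added example (not from the original slides): a mail-gateway style check for the email-filtering and hidden-extension items above. It parses a message, blocks executable attachments, and calls out double extensions such as invoice.pdf.exe, which look like documents when Windows hides known extensions. The extension lists beyond EXE, the function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed blocklist: the slide names only EXE; extend to suit local policy.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
# Extensions that look harmless when the real (last) extension is hidden.
DECOY_EXTENSIONS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def classify_attachment(filename):
    """Return (verdict, reason) for one attachment filename."""
    # Windows ignores trailing dots/spaces, so "a.exe. " still runs as a.exe.
    name = filename.strip().rstrip(". ").lower()
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 2 or "." + parts[-1] not in BLOCKED_EXTENSIONS:
        return ("allow", "no blocked extension")
    ext = "." + parts[-1]
    if len(parts) > 2 and "." + parts[-2] in DECOY_EXTENSIONS:
        return ("block", "double extension hides " + ext)
    return ("block", "blocked extension " + ext)

def scan_message(raw_bytes):
    """Return [(filename, verdict, reason)] for every named attachment."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename()
        if filename:
            findings.append((filename, *classify_attachment(filename)))
    return findings

def build_sample():
    """Constructed sample message; attachment bodies are harmless filler."""
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("See attached.")
    for name in ("invoice.pdf.exe", "report.2015.10.pdf", "setup.EXE"):
        msg.add_attachment(b"constructed filler", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for filename, verdict, reason in scan_message(build_sample()):
        print(f"{verdict:5} {filename:22} {reason}")
```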
- 24. Denial of Service (DoS)
By VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 2, ISSUE 3 – 3RD QUARTER 2015
- 25. Attack Size BPS
By ATLAS Q2 2015 Global DDoS Attack Trends (http://www.slideshare.net/Arbor_Networks/atlas-q2-2015final)
- 35. What can I do about it?
Black-Holing
Firewall ACL
Intrusion Detection/Prevention Systems
Server tuning
DDoS Mitigating Appliances + Scrubbing Centre
Buy more link capacity
- 39. When will you get hacked?
Digital Ocean Incident
Attack attempts against the VPS started after 10 minutes
Attackers got root in 2 days
The host was used as part of a botnet 1 day after they got root.
- 43. Damage from a hacked website
Defame the company [Defacement]
Stealing information
Stealing internal information
Use as DDoS Tool
Spread the malware
- 45. Conclusion
More awareness, more security
Nothing is 100% secure; we just want to get as close to 100% as we can
Always think from an attacker's perspective.
Risk Management