Feb 21, 2017
Why Targeting Is the Next Big Trend in Attacks
Lance CottrellChief Scientist
Ntrepid Corporation
2
If you got an e-card from your mother on your birthday, with your childhood picture
4
would you open it?
The Fraction of Companies Which Said:
“Targeting is a concern or inevitable”
Most Companies are TargetsQuocira Study
Targeting Big Fish
The Email Threat
» Two Realities:• Masterfully crafted spear
phish will catch almost everyone
• People need to click to work
The Browser is the Biggest ThreatThe Browser is the Biggest Threat
Targeted Attacks
Spear Phishing
Un-targeted Attacks
Targeted
Made you click!
Social Engineering
Not just a Watering Hole
Snipers at the Watering Hole
Do you read news online?
Do you feel at risk?
Waterbug / Turla
Dark Hotel
Stay Below the Radar
Conserves Zero-day Exploits
More Damaging
DNC Emails
Stuxnet
Am I a Target?
» Obvious high profile individuals» Access to valuable data» Access to exploitable data» Access to money» Access to networks» Access to people» Obviously weak defenses
Can We Avoid Targeting?
Email is Really Hard
» No organizational domain» No correspondence with org» Work in full alias
On the Web, Maybe
» Delete cookies» Hide IP address» Scrub persistent trackers» Mask browser fingerprint» Disposable VM with VPN
What does targeting mean for our
defensive strategy?
“Bummer of a birthmark, Hal.”
You can’t train your way out of this
You can’t train your way out of this
You can fool some of the people all of the time
ANDYou can fool all of the people
some of the time
Detection works worst when you
need it most
We need next generation security
Damage Reduction
Isolation
Leverage Virtualization
» Enables isolation» Easy remediation and restoration» Keep them small
Recover…whether or not you detect anything
Keep your boxas empty as possible
Remember
To Do…
Lance CottrellChief Scientist
[email protected]@LanceCottrell