Jeff Jonas. IBM. Spear Phishing en Masse. Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics jeffjonas@us.ibm.com O’Reilly Gov 2.0 – May 27, 2010. What’s Coming. Data will find data and relevance will find you. Amazing ads tailored just for you
Jeff Jonas IBM
Spear Phishing en Masse Jeff Jonas, IBM Distinguished Engineer Chief Scientist, IBM Entity Analytics jeffjonas@us.ibm.com O’Reilly Gov 2.0 – May 27, 2010
What’s Coming Data will find data and relevance will find you. • Amazing ads tailored just for you • Populations spear phished en masse
How? Context accumulating systems used to deliver real-time, high quality predictions.
Context, definition of: Better understanding something … by taking into account the things around it.
Billy scrila34@msn.com In Barcelona now No Context
Billy scrila34@msn.com In Barcelona now Previously Worked at AOL Is a Google Net Admin Acquaintance of Esther’s Lives in San Jose In Context
In Barcelona Forum In Barcelona now! Whoo Hooo. Note new email: scrila34@msn.com /Billy Is a Google Net Admin Social Media Bill Smith Play: scrila34@msn.com Work: Bill@Google.com About Bill is a computer network administrator at Google. Author. Speaker. Bill@Google.com Data Finds Data
In Barcelona Previously Worked at AOL Acquaintance of Esther’s Living in San Jose Context Accumulates Is a Google Net Admin
Phish This
• Esther is likely influential to Billy
• Esther has 2,500+ Facebook friends
• Billy has 103 Facebook friends
• Not best buddies
• No recent communications evident on Facebook
• No co-references between the two in open source
• Timely knowledge finds timely material
• Lives in San Jose, in Barcelona now
• First Google PDF for: [barcelona travelers guide pdf]
Phish Bait
To: Bill@Google.com
From: Esther@hotmail.com
Billy, sorry we don’t connect more often. Busy busy. A mutual friend tells me you are in Barcelona right now! This is my favorite guide for the area, just in case you need one.
Esther
PS: The spams killing me, hence the new email address
Barcelona eGuide.pdf
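A defender's view of the Phish Bait message, as an added example that is not part of the original slides: it flags mail that claims to come from a known contact but arrives from an address never seen for them, explains the change away, and carries an attachment. The address book, the known address for Esther, the pretext phrases and the sample message framing are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed address book: contact first name -> addresses already seen.
KNOWN_CONTACTS = {"esther": {"esther@example.org"}}
# Assumed phrases that explain away an unfamiliar sender address.
PRETEXT = re.compile(r"new e-?mail( address)?|changed my e-?mail", re.I)

# Constructed sample modelled on the slide's "Phish Bait" message.
SAMPLE = """\
From: Esther@hotmail.com
To: Bill@Google.com
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Billy, a mutual friend tells me you are in Barcelona right now!
Esther
PS: The spams killing me, hence the new email address
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="Barcelona eGuide.pdf"

%PDF-placeholder
--b1--
"""

def impersonation_signals(raw, contacts=KNOWN_CONTACTS):
    """Return the reasons a message looks like a contact impersonation."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    local = addr.split("@")[0]
    tokens = set(re.findall(r"[a-z]+", (display + " " + local).lower()))
    reasons = [f"claims known contact '{n}' from unseen address {addr}"
               for n, known in contacts.items()
               if n in tokens and addr not in known]
    body, attachments = "", []
    for part in msg.walk():
        if part.get_filename():
            attachments.append(part.get_filename())
        elif part.get_content_type() == "text/plain":
            body += part.get_payload()
    if PRETEXT.search(body):
        reasons.append("body explains away the unfamiliar address")
    if attachments and reasons:  # attachment only matters with another signal
        reasons.append("attachment from unverified sender: " + ", ".join(attachments))
    return reasons
```

A match is a prompt to confirm the new address with the contact over a channel already known to be theirs before opening the attachment.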
Results Amazing click through rates: • Ads • Infections
Spear Phishing en Masse Not a picture of a person. A whole population – the big picture. Humanless, not enuf of ‘em. Targeted searches, subscriptions and crawlers feeding a fully automated context accumulation process. Not a snapshot of the past. What is happening here and now.
Plausible Targets
• The technical elite
• Network and database administrators
• CIOs, CTOs, CSOs, etc.
• People in positions of power
• Elected officials
• Corporate executives
• Their staff, family and friends
• Let your imagination run wild, there is virtually no limit
Hints for Scripts
• Travels
• Hobbies
• Interests
• Charitable causes
• Metallica
• Family members
• Others influential over them
Old School: GhostNet (1 vs. 1) vs. Next Gen: lasers on foreheads from 6,940 miles (1,000,000’s)
What Now?
• Better education
• Can’t keep up
• Better malware detection
• Windows shut too late
• Better phone home detection
• Traffic masking one-step ahead
• Investment for resilience to black swans
• Catastrophic outages too rare
Closing Thoughts As context accumulates everyone gets smarter. Great ads. And timely emails from folks you recognize and trust … that aren’t. Will identity authentication be mandated? And how will we square this with our right to be anonymous?
Related Links
More About GhostNet
http://en.wikipedia.org/wiki/GhostNet
http://www.scribd.com/doc/13731776/Tracking-GhostNet-Investigating-a-Cyber-Espionage-Network
Related Stuff On My Blog
Puzzling: How Observations Are Accumulated Into Context
Data Finds Data
Prediction: Channel Consolidation