
Dr. Scott A. Wells Ph.D. socialmedia@ultimateknowledge.com Facebook: UltimateKnowledge

Ultimate Knowledge Institute’s Social Media Security Course, focusing on Social Media Foundations and Security Concepts. Dr. Scott A. Wells Ph.D. socialmedia@ultimateknowledge.com Facebook: UltimateKnowledge Twitter: UKI_Twitter. Welcome.


Presentation Transcript


  1. Ultimate Knowledge Institute’s Social Media Security Course Focusing on Social Media Foundations and Security Concepts Dr. Scott A. Wells Ph.D. socialmedia@ultimateknowledge.com Facebook: UltimateKnowledge Twitter: UKI_Twitter

  2. Welcome

  3. Social Media is the New Medium. By 2010 GenY will outnumber the baby boomers, and 96% of them have joined a social network (Socialnomics: How Social Media Transforms the Way We Live and Do Business). Three of the world’s most popular brands online are social-media related, and the world now spends over 110 billion minutes on social networks and blog sites (http://blog.nielsen.com/nielsenwire/global/social-media-accounts-for-22-percent-of-time-online/). Social Media has overtaken porn as the #1 activity on the web (Socialnomics: How Social Media Transforms the Way We Live and Do Business).

  4. Facebook Statistics: There are an estimated 850 million people using Facebook. These 850 million people account for 1 out of every 5 page views on the internet worldwide. And 250 million photos are uploaded to Facebook daily.

  5. Facebook Statistics: As a country, Facebook would be the third most populated country, behind China and India.

  6. Some Social Media Statistics by Category. Video: There are over 3 billion videos watched per day on YouTube, and over 35 hours of video uploaded every minute. Images: 5 billion photos hosted by Flickr (September 2010), and 3000+ photos uploaded per minute to Flickr. Tweets: 25 billion sent tweets on Twitter, and 175 million people on Twitter as of September 2010.

  7. Served as mechanism for political change: Egypt, Tunisia, Yemen, Libya.

  8. Assists in disaster notification and response

  9. The Dark Side of Social Media: Robin Sage gained roughly 148 connections on LinkedIn, 110 friends on Facebook and 141 followers on Twitter, over a period of 28 days starting in late December and ending in January of this year. Source: http://www.darkreading.com/insider-threat/167801100/security/privacy/225702468/index.html

  10. The Dark Side of Social Media: Operation Aurora. Attackers are employing reconnaissance techniques to penetrate computer networks. Source: http://www.securecomputing.net.au/News/165600,hackers-ran-detailed-reconnaissance-on-google-employees.aspx

  11. The Dark Side of Social Media: People who are using Facebook either do not care about protecting their information or do not know how. This is a systemic problem across the majority of Social Media platforms. Attackers are employing reconnaissance techniques to penetrate computer networks. Source: http://www.betanews.com/article/Personal-data-of-170-million-Facebook-users-exposed-collected-and-shared-without-any-hacking/1280439164

  12. The Dark Side of Social Media. Source: http://www.nytimes.com/2010/11/29/world/29cables.html?_r=1

  13. Leveraging the Dark Side The Matrix (1999 film)

  14. Really More Like This

  15. Attack Characterization & Anatomy

  16. Social Media Attacks Characterization & Anatomy. For the next slides we will characterize and walk through some typical attacks associated with Social Media: • Data Profiling • Malware Based Attacks • Phishing Attack • Evil Twin • Identity Theft. Ref: Ultimate Knowledge Institute

  17. Social Media Attacks Characterization & Anatomy: Data Profiling. Data profiling attacks normally include multiple threat activities defined earlier in this seminar. Data profiling attacks are used as a basis for many other attacks. Let's take a methodology employed in a data profiling attack. (1) Preparation Phase: During the preparation phase the attacker develops the attack plan that will be used within the attack phase. (2) Attack Phase: During the attack phase the attacker employs Social Media focused attack techniques. (3) Back out Phase: During the back out phase the attacker finalizes the attack phase and covers tracks.

  18. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Engagement Timeline: Identify the expected timeline for Social Media Dossier Attack. This will tie into the overall goals of the dossier build and how the information gathered will be used (extortion, blackmail, defamation, reputation attack, preface for espionage activity, etc.). Create a Dossier Repository: The amount of data that will be collected will be immense and needs to be searchable. This data should be stored in a database with some form of frontend.

  19. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Target Characterization: Using open and closed sources, identify the target’s personal information: names, relatives, locations, public records, etc. Closed sources include the hiring of private investigators or background investigation services.

  20. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Social Media Presence Discovery: Using characterization information, conduct a discovery of the individual's Social Media presence and document all Social Media profiles and activity. Search for Presence: Output is a list of social sites that the target is a member of. Target: John Smith.

  21. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Let's use Maltego-3 and some other internet based tools and do a little Open Source Intelligence Gathering. For this demo we will start with a target, create a digital profile of activities, and determine locations and relationships. Ref: http://www.paterva.com/web5/

  22. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Another great source of gathering information is GeoTagging. Many social media photo-based websites allow you the ability to strip out geotag coordinates but others do not. Flickr is a great source for geotags.

  23. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Document the Target's Social Context: Determine how the individual uses Social Media, what type of social presence and the level of social activity. • Unique Attributes of Social Media Presence • Images and Media • Relationships with people • 3rd Party Applications • External Links and Usage

  24. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Determine Tools and Techniques: Identify the expected tools and techniques that will be used during the attack phase. These tools will need to integrate with data repositories.

  25. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Develop Social Actors: • Develop actors that will be used in the Dossier building. • These actors should have their own Social Media character profile/context and they should align with the Social Media context and profile of the target. • Actors can assume the role of an individual, application, place or business. • Time should be allocated to develop Social Media actors.

  26. Social Media Attacks Characterization & Anatomy: Data Profiling, Preparation Phase. Develop Social Actor Activity Plan: • Each actor’s activity should be carefully scripted. • The activity plan will document the specific roles and activities of each actor when populated within the target's Social Media presence. • Assurances should be made that each activity plan has a monitoring plan to detect target anomalies such as switching Social Sites or actor realization. Populate Social Sites: Using developed actors and activity plans, populate Social Media sites.

  27. Social Media Attacks Characterization & Anatomy: Data Profiling, Attack Phase. Develop and Execute Supporting Attacks: • The intent is to compromise the target's relationships. • Supporting attacks include executing web based attacks against the target's relations and impersonations (multiple actor types). • Supporting attacks require dedicated plans and should be conducted outside of the dossier attack plan. • Support plans should have a mechanism to feed information into the dossier attack plan. Diagram labels: Attacker, Target, Target’s Relationships.

  28. Social Media Attacks Characterization & Anatomy: Malware Based Attacks. The Cross Site Scripting Attack is commonly used to propagate Malware. Persistent: The code is uploaded to the vulnerable server within the application. The client activates the script when the page is loaded. Non-Persistent (Reflected): The code is delivered to the victim by the attacker via a link embedded with malicious JavaScript. Ref: http://en.wikipedia.org/wiki/Cross-site_scripting

  29. Social Media Attacks Characterization & Anatomy: Malware Based Attacks. The Cross Site Scripting Attack is commonly used to propagate Malware. Reflected (diagram labels: Input, Output).

  30. Social Media Attacks Characterization & Anatomy: Malware Based Attacks. The Cross Site Scripting Attack is commonly used to propagate Malware. Stored (diagram labels: Input, Source, Output).

  31. Social Media Attacks Characterization & Anatomy: Malware Based Attacks. Persistent XSS Attacks and Social Media - Twitter. Diagram (Victim, Twitter, Attacker Site StalkDaily.Com, Attacker Michael Mooney) with steps: 1 View Infected Profile; 2 Download Malicious JavaScript; 3 Establish AJAX Connection; 4 Forward cookie and username; 5 Image Request; 6 Steal Auth Token; 7 Post Status & Change More Info. URL. Ref: http://www.technewsworld.com/rsstory/68946.html

  32. Social Media Attacks Characterization & Anatomy: Malware Based Attacks. Hackers selling $25 toolkit to create malicious Facebook apps. The do-it-yourself toolkit offers a template for spreading malware, directing users to click-fraud accounts and for pushing Facebook users to bogus surveys to hijack personal information. This commoditization of Facebook malware is further confirmation that social networks are a happy hunting ground for cyber-criminals looking to hijack personal data for use in identity theft attacks. Names shown on the slide: SpyEye, TINIE VIRAL APP V3.6, RAMNIT, Zeus, Facebook Profile Creeper Tracker Pro. Source: http://www.zdnet.com/blog/security/hackers-selling-25-toolkit-to-create-malicious-facebook-apps/8104

  33. Social Media Attacks Characterization & Anatomy: Malware Based Attacks. Koobface: The Koobface does not just exist for “fun” but for “profit” as well. Diagrams: Koobface Attack Phases (Phase 1 to Phase 4) and Koobface Monetization (Pay Per Click Affiliates, Malicious AV Affiliates). Diagram labels: Hijacked website with JS; Fake Video with .exe; Koobface Mothership; Malicious bit.ly and blogspot URL redirect to…; Compromised Host; User redirected to…; Server that spreads Koobface; Fake posts are redirected to…. Ref: http://www.infowar-monitor.net/reports/iwm-koobface.pdf http://www.abuse.ch/?p=2103

  34. Social Media Attacks Characterization & Anatomy: Phishing Attacks. Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. 3.2 Billion Lost in 2010 (Gartner Group). Categories of Attacks: • Spearphishing • Phishing • Pharming • Vishing • Redirect Attacks • Disclosure Attacks • Impersonation • Unauthorized Usage. Anatomy of Generic Phishing Attack: Phase I Redirect; Phase II Disclosure; Phase III Impersonation; Phase IV Unauthorized Usage. Diagram labels: Victim, Actual Site, Spoofed Site, Attacker, Steal Identity, Fraudulent Transaction, Impersonate Victim. Ref: http://en.wikipedia.org/wiki/Phishing

  35. Social Media Attacks Characterization & Anatomy: Phishing Attacks. Phishing Attacks and Social Media: Facebook App. User clicks on the link and is presented with a Facebook login. The attack then returns you to Facebook, installs an app called “Media Player HD”, and asks you to download the “FLV player”: Malware! Ref: http://en.wikipedia.org/wiki/Phishing

  36. Social Media Attacks Characterization & Anatomy: Impersonation Attacks. Impersonation Attacks involve registering a username with the intent to mislead others as to the identity behind the username. Diagram labels: Impersonation (Individual or Organization); Conduct Malicious Activities; Confidence attacks; Phishing Attack; Compromise Relationships; Damage Reputation; Identity Theft Activities; John Smith; Sam Hacker. Ref: http://www.gnucitizen.org/blog/social-networks-evil-twin-attacks/

  37. Social Media Attacks Characterization & Anatomy: Data Leakage. Social Media Data Leakage is characterized as the unauthorized release of organizational information. Diagram labels: Leak, Distribution, Propagation.

  38. Social Media Attacks Characterization & Anatomy: Identity Theft. Identity theft is the actual taking over of the identity of an individual. The Firefox plugin “Firesheep” is a tool that automates the capturing of a set of predefined Social Media session cookies. This allows an attacker to steal an unsuspecting victim's Social Media identity. Ref: http://codebutler.com/firesheep

  39. Overview: UKI Social Media Program. Ultimate Knowledge Institute is offering both a training and certification program for Social Media Technologies. Social Media Foundations Course and Social Media Practitioner Certification: The Social Media Foundations Course is designed for individuals who must indoctrinate other users and who work with Social Media on a daily basis. Social Media Engineering & Security Course and Social Media Engineering & Security Certification: The Social Media Engineering and Security Course and Certification is meant for individuals who must design, implement and operate secure Social Media solutions. Social Media for Managers Course and Social Media Governance Certification: The Social Media for Managers course and certification encompasses the governance strategies, policy development and processes that should be put into place to support Social Media initiatives within an organization.

  40. Questions # Questions are not limited to one hundred and forty characters
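
Slide 22 notes that some photo sites strip geotag coordinates and others do not. As an added example (not part of the presentation), this Python code checks a JPEG for the EXIF GPSInfo tag and removes the Exif segment before the file is shared; it drops all Exif metadata rather than only the GPS fields, and `sample_jpeg()` builds a constructed minimal file for the demonstration.

```python
import struct

EXIF_ID = b"Exif\x00\x00"
GPS_IFD_TAG = 0x8825  # EXIF "GPSInfo" tag: pointer to the GPS directory


def segments(jpeg):
    """Yield (start, end, is_exif) per header segment, then the scan data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF and jpeg[pos + 1] != 0xDA:
        end = pos + 2 + struct.unpack(">H", jpeg[pos + 2:pos + 4])[0]
        is_app1 = jpeg[pos + 1] == 0xE1
        yield pos, end, is_app1 and jpeg[pos + 4:end].startswith(EXIF_ID)
        pos = end
    yield pos, len(jpeg), False  # SOS marker onward: image data, kept as-is


def has_gps(jpeg):
    """True if an Exif segment's first directory (IFD0) carries a GPSInfo tag."""
    for start, end, is_exif in segments(jpeg):
        if not is_exif:
            continue
        tiff = jpeg[start + 10:end]  # skip marker, length and the Exif identifier
        e = "<" if tiff[:2] == b"II" else ">"  # TIFF byte order
        (ifd0,) = struct.unpack(e + "I", tiff[4:8])
        (count,) = struct.unpack(e + "H", tiff[ifd0:ifd0 + 2])
        for i in range(count):
            tag = tiff[ifd0 + 2 + 12 * i:ifd0 + 4 + 12 * i]
            if struct.unpack(e + "H", tag)[0] == GPS_IFD_TAG:
                return True
    return False


def strip_exif(jpeg):
    """Return the JPEG with every Exif APP1 segment (GPS data included) removed."""
    kept = [jpeg[s:e] for s, e, is_exif in segments(jpeg) if not is_exif]
    return b"\xff\xd8" + b"".join(kept)


def sample_jpeg():
    """Constructed minimal file: SOI, APP0, Exif APP1 with a GPSInfo tag, scan."""
    tiff = b"MM\x00\x2a" + struct.pack(">IH", 8, 1)      # header; IFD0 has 1 entry
    tiff += struct.pack(">HHII", GPS_IFD_TAG, 4, 1, 26)  # GPSInfo -> offset 26
    tiff += struct.pack(">IH", 0, 0)                     # no next IFD; empty GPS IFD
    app1 = b"\xff\xe1" + struct.pack(">H", len(tiff) + 8) + EXIF_ID + tiff
    app0 = b"\xff\xe0" + struct.pack(">H", 7) + b"JFIF\x00"
    return b"\xff\xd8" + app0 + app1 + b"\xff\xda\x00\x02\x12\x34\xff\xd9"
```
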
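
Slides 28 to 30 distinguish persistent (stored) from non-persistent (reflected) cross-site scripting. As an added example (not part of the presentation), the Python functions below show each flow in its vulnerable form beside a version that encodes at output time, plus a scheme allow-list for a profile URL field; the in-memory store, function names and test input are hypothetical and constructed for illustration.

```python
import html
from urllib.parse import urlsplit

# In-memory stand-in for the site's database (hypothetical, for illustration).
STORED_BIOS = {}


def save_bio(user, bio):
    """Stored path: input is persisted and later shown to every profile visitor."""
    STORED_BIOS[user] = bio


def render_profile_vulnerable(user):
    """Stored XSS: the saved value is pasted into the page as-is."""
    return f"<div class='bio'>{STORED_BIOS[user]}</div>"


def render_profile_safe(user):
    """Hardened: HTML-encode at output time so markup is shown as text."""
    return f"<div class='bio'>{html.escape(STORED_BIOS[user])}</div>"


def render_search_vulnerable(query):
    """Reflected XSS: a request parameter is echoed straight into the response."""
    return f"<p>Results for {query}</p>"


def render_search_safe(query):
    """Hardened: the echoed parameter is HTML-encoded before it is written out."""
    return f"<p>Results for {html.escape(query)}</p>"


def safe_profile_link(url):
    """Profile URL field: allow only http(s) links, then encode for the attribute."""
    url = url.strip()
    if urlsplit(url).scheme.lower() not in ("http", "https"):
        return "<span>(link removed)</span>"
    return f'<a href="{html.escape(url, quote=True)}" rel="nofollow">more info</a>'


# Constructed test input: a script tag as it might be typed into a form field.
PAYLOAD = "<script>alert(1)</script>"
```
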
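
Slide 38 describes Firesheep capturing session cookies, and slide 31 shows script forwarding a cookie to an attacker site. As an added example (not part of the presentation), this Python check reads HTTP response headers and reports session cookies that lack the `Secure` or `HttpOnly` attributes, and whether HSTS is absent; the sample headers and the cookie-name hints are constructed assumptions.

```python
# Constructed sample response headers (hypothetical site, not from the slides).
SAMPLE_HEADERS = [
    "Set-Cookie: session_id=3f9a1c; Path=/; HttpOnly",
    "Set-Cookie: auth_token=9b2e77; Path=/; Secure; HttpOnly; SameSite=Lax",
    "Set-Cookie: lang=en; Path=/",
    "Strict-Transport-Security: max-age=31536000",
]

# Assumption: cookie names containing these substrings carry the login session.
SESSION_HINTS = ("sess", "auth", "token", "sid")


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, set of lowercase attribute names)."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    if not parts:
        return "", set()
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
    return name, attrs


def audit(header_lines):
    """Return sorted (cookie_name, problem) findings for session cookies."""
    findings = []
    hsts = False
    for line in header_lines:
        field, _, value = line.partition(":")
        field = field.strip().lower()
        if field == "strict-transport-security":
            hsts = True
        elif field == "set-cookie":
            name, attrs = parse_set_cookie(value)
            if not any(hint in name.lower() for hint in SESSION_HINTS):
                continue  # not a session cookie under the naming assumption
            if "secure" not in attrs:  # cookie would also travel over plain HTTP
                findings.append((name, "missing Secure"))
            if "httponly" not in attrs:  # cookie is readable by page script
                findings.append((name, "missing HttpOnly"))
    if not hsts:  # browser is not told to refuse plain HTTP for this site
        findings.append(("*", "no HSTS"))
    return sorted(findings)
```
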
