This document by Bob Lukens explores the vulnerabilities of remote access systems within cyber security. It addresses the various ways attackers exploit these systems, highlighting methods such as password compromise, malware installation, and the use of zero-day vulnerabilities. The potential impacts of these attacks are significant, ranging from financial losses and data theft to reputational damage. By understanding the threats and means utilized in these attacks, organizations can better protect their digital assets and maintain secure remote access practices.
Remote Access Review: Cyber Security Threats
Bob Lukens
December 1, 2010

Content
• Why Us?
• Ways and Means
• Examples
• RE: Remote Access
• Potential Impacts
Why Us?
Not “Mission-Targeted” – drive-by attacks
• Target of Convenience – random scans
• Bragging Rights / Curiosity
• Feral Code
• Financial Gain – our computers or our money
Targeted – who we are or appear to be
• The Friends We Keep – Guilt by Association
• Proprietary technical and scientific information
• Misinformed spies
• Politics
• Disgruntlement
Ways and Means
Get a seat inside …
• Compromise Passwords – phishing, cracking, network sniffing, Bluetooth sniffing, shoulder surfing, keyboard sniffing, credential theft (Zeus virus)
• Install Code – via Adobe, IE, Outlook, malicious web pages, infected media, trojaned applications
• “Zero Day” vulnerabilities or unpatched systems
• Follow the path from an infected laptop or remote machine
Then look around
• Scan local net and shares
• Install root kit – hide, record key strokes, wait to escalate privileges, collect credentials, call home, reprogram firmware, complete the ‘mission’
Examples
• Nuclear plant controls infected (Stuxnet, Iran 2010)
• $960,000 transferred to Chinese bank (UVa 2010)
• 12 passwords compromised for a spam bot (JLab 2010)
• Webmail phishing with follow-up internal mail
• ‘I love you’ virus on financial systems (JLab ~2003)
• Wipe and load ~5 machines per month (JLab 2010)
• Virus detected on ‘magdev0’ (JLab ~2005)
• Licensed PM application update infected (JLab ~2007)
• IOC rebooted by “curious” hacker (JLab 2002)
• Sniffed password, installed IRC, got root on Linux box
RE: Remote Access
Unmanaged machines (travel, home, at remote user sites, public, smart phones) are more likely to be compromised
Compromised machines
• Like portable media, could infect colleagues’ machines when brought on site
• Provide no assurance that the user’s password is secure
• Make any authentication suspect

Potential Impacts
• Loss of process control
• Safety issues, hardware damage
• Loss of computational resources
• Loss of research time
• Loss of data that was not backed up
• Loss of reputation and credibility