Kicking Off Black Hat 2015: Detecting the Signs That Give Attackers Away

The Pwnies have officially landed in Las Vegas! As we kick off what is sure to be an exciting week at Black Hat/DEF CON, we’ve been struck by how mainstream (and sobering) this year’s research and vulnerability disclosures are – for security pros and consumers alike. Theoretical conversations about hackers’ abilities to cause destruction – even death – in the future have become today’s reality. We’ve truly entered an era in which virtually anything can be turned into a weapon to cause harm.

For example, in late July, the world was shocked to learn that two security researchers had successfully pulled off a remote takeover of a Jeep – while it was traveling down a public highway at 60+ miles per hour. A WIRED piece this week highlighted a new experiment in which security researchers found a way to seize control of electric skateboards and toss riders. And at Black Hat, security researchers Runa Sandvik and Michael Auger will reveal how to hack a $13,000 sniper rifle via its Wi-Fi connection and exploit vulnerabilities in its software to alter targeting and affect how the ammunition is fired.

Scary stuff.

But there is a silver lining. Just think of a movie scene – when a sniper takes aim at a target, there’s always a quick flash of the gun in the sunlight, or the telltale red point of the laser from the weapon’s scope. There’s always something – albeit subtle – that gives away the shooter’s position. And the same is true of cyber attackers. There are always signs. You just need to know how to spot them.

As in our personal lives, it’s time to accept that the devices we use every day to do our jobs are inherently insecure. We can no longer rely on anything to be truly safe (read more in our Internet of Evil Things study). That’s why an enterprise-wide device detection and protection strategy is so critical to regaining control from malicious attackers or, more often, employees who unintentionally wreak havoc. This includes:

  1. Discovery of all Internet-enabled devices (wired, wireless, Bluetooth, cellular, etc.)
  2. Real-time threat alerts for high-risk devices: unauthorized, known-bad, vulnerable, misconfigured, suspicious
  3. Identification, fingerprinting, and historical logging for all detected devices
  4. Continuous discovery of changes in device attributes and device behavior
  5. Effective rapid threat response capabilities including device “track & disable” & SIEM/WIPS integration
  6. Auditing and validation of existing security controls, including enterprise wireless infrastructure and device management technologies
  7. Secure, centralized management with enterprise-class reporting, trending, peer benchmarking, & cross-sensor correlation

Interested in learning more? Stop by the Pwnie Express Black Hat Booth #IC1 for a demo of Pwn Pulse, the industry’s first full visibility and threat detection platform for the enterprise. And while you’re there, head across the hall to our meeting room MBR 217 to meet with internationally renowned security expert, author and Pwnie Express Infosecurity Ranger Jayson E. Street and grab a signed copy of his soon-to-be-released book Dissecting the Hack: The V3rb0t3n Network.
