Time
8 hours 28 minutes
Difficulty
Beginner
CEU/CPE
10

Video Transcription

00:00
hello and welcome to another application of the minor attack framework discussion.
00:06
Today. We're going to be looking at our case study on collection now.
00:12
The phrase for this particular discussion today is what is the pot of gold or what's the pot of gold?
00:18
So items of interest typically the threat Actors targets toe hold for ransom targets to sell access to so your internal infrastructure. Your office 365 10 it
00:29
dated to sell could include credit card information, medical data, any type of personal information. Really?
00:35
So all of these areas are of interest to a threat
00:39
actor. Now, some of these breaches from 2019 or maybe not on the scale for you is a small business or midsize business.
00:49
But you have to keep in mind that some of these organizations likely have the capability
00:54
to provide the type of controls that should protect sensitive information overall. But things happen to any business bigger, small and so, looking at these numbers, you have to imagine what the payday waas for these threat actors and so capital. One
01:11
160 million records, even 100 million records Door dash 4.9 potential
01:15
records 108 million on the last X Server, third party, Facebook at 540 million items for sell on Dream Market. This is a number of multiple domains. 620 million. We're talking billions
01:30
of records billions, even if those
01:34
Yeah,
01:38
at 50 cents a record,
01:40
you're talking about $500 million
01:42
but they're not. They're way more than that. And so the potential pound here is huge. This is why we are struggling day in and day out with threat actors. And we're struggling with this kind of black market where data is being sold constantly and our information is being exposed constantly. So
02:01
even if
02:02
you're a smaller organization,
02:06
if you've got 100 records that are stolen and they're worth 50 bucks a pop, 20 bucks a pop, that's still
02:12
Tom well spent for a threat after. If you don't have records that are of benefit, your systems are still valuable to a threat actor. Because they could be used to serve up illegal content, they can be used to attack other organizations. There would be nothing more embarrassing for a local business.
02:29
Have the FBI show up and sees your equipment because it's being used to attack government entities. It's being used to serve up content. It's being used. Teoh
02:39
do any number of things. And so you don't wanna have to defend yourself in a court of law. You don't wanna have to worry about these things. And so you need to start asking yourself what's out there on my systems? That would be worth money to a threat. Actor
02:54
All my systems worth money to a threat actor How are my systems exposed to the Internet?
03:01
And what can I do today to kind of sure my systems up and make sure I'm doing my due diligence? Because these numbers don't lie. People. There is value in this type of information. There's value in what these threat actors air collecting and taking from these organizations. And if you think that any of us
03:21
whether it's a personal system that you use at home or your business systems, if you think any of those air immune you're living in a fantasy. So you have to start considering even
03:31
in the most, uh, small of waste how your systems could benefit a threat actor. So start taking those things into account in your day to day life in your day to day use of systems and your business use of systems. Whatever it may be, we need to start thinking about how do we protect ourselves, and how do we make the job of threat actors that much
03:52
harder in the long run?
03:53
So with that, I want to thank you for your time today, and I look forward to seeing you again soon.

Up Next

Application of the MITRE ATT&CK Framework

This MITRE ATT&CK training is designed to teach students how to apply the matrix to help mitigate current threats. Students will move through the 12 core areas of the framework to develop a thorough understanding of various access ATT&CK vectors.

Instructed By

Instructor Profile Image
Robert Smith
Director of Security Services at Corsica
Instructor