Beruflich Dokumente
Kultur Dokumente
Troy Hunt
@troyhunt | www.troyhunt.com
Overview
Identity theft has a huge social cost
Stolen identities are an openly
tradeable commodity
Identity theft frequently involves
impersonating the victim
We see impersonation risks every day
Identity Theft
Identity theft is the deliberate use of someone else's
identity, usually as a method to gain a financial
advantage or obtain credit and other benefits in the
other person's name
17.6 million
$24.7 billion
Juniper Networks
Mat Honan
Temporary
AppleID
password
Last
4 digits
of
Mats
original
card
Mats
recovery
email
address
Gmail
address
Mats
home
Website
address
Impersonation
Someone with
authority
Someone with
seniority
Someone whos
trusted
From: Greg
To: Jussi
Subject: need to ssh into rootkit
im in europe and need to ssh into the
server. can you drop open up firewall
and allow ssh through port 59022 or
something vague? and is our root
password still 88j4bb3rw0cky88 or did
we change to 88Scr3am3r88 ? thanks
From: Jussi
To: Greg
Subject: Re: need to ssh into rootkit
hi, do you have public ip? or should
i just drop fw?
and it is w0cky - tho no remote root
access allowed
From: Greg
To: Jussi
Subject: Re: need to ssh into rootkit
no i dont have the public ip with me
at the moment because im ready
for a small meeting and im in a rush.
if anything just reset my password to
changeme123 and give me public
ip and ill ssh in and reset my pw.
Kevin Mitnick
Summary
Identity theft is big business
Its also a very healthy market
Attacks can be very well thought out and
exploit those human weaknesses
Impersonation is a risk to be aware of on a
daily basis