Tag Archive for CERT

Web Defacement & Gang Graffiti

As an instructor for Iowa Central Community College’s Criminal Justice Program, Joey Hernandez worked to develop future Law Enforcement personnel by integrating their background in standard law enforcement to  criminal activity on the web. Hernandez strived to make all lesson interactive.

Follow along in the podcast and presentation to see how the inter-workings of Gang Graffiti & Web Defacement are directly integrated.

View the presentation: Web Defacement & Gang Graffiti

Search These Terms To Interact   (At Your Own Risk):

/#Own3d By <<Root.Dark.Team>>

Text Snippet Example:

hxxp://www.universinet.it
• @xllLinuxeroDeatllx
• @Mantr@x
• @AZ4TH0TH
• @Br4nd
• @Pr4X!
• @ThopJuliet(Cloud)
• @Shell|Black
• @Maximus Well
• @NodSprut
Notice the common members throughout and with
each of defacement an additional member is added.

 

Defense Mitigation Against The Cyber Kill CHain

Joey Hernandez perspective on Mitigation Against Cyber Kill Chain

Joey Hernandez perspective on Mitigation Against Cyber Kill Chain

As we continue to develop capabilities within organizations providing Defensive Cyber Operations it is critical to develop organizational maturity. Current methodologies although effective are unsustainable do to the rapid evolvement of cyber threat.
A organizational level approach can be made by adopting some of the following objectives:
1. Increase the pay scale for “qualified” CND Analysts – CIRT staff are often the lowest paid tier of Incident Response personnel.
2. Hire “Analytical” people – A Great Sys Admin does not a Great System Defender Guarantee. “Better analytical capability makes up for a lot of memorized technical knowledge. Having both makes you a god.”
3. Function Rotation – Although specialization is a critical capability, functional rotations assists in creating analytical thought by adding perspective and insight to all aspects of DCO.
4. Teach analyst how to communicate – share your best business practices what’s worked and not worked. Not only with internal teams, but with colleagues in industry. It is terrible to have great analysts that nobody wants to work with..
5. Hire passionate team players – I can send you to all the certification training in infosec the world has to offer but if you aren’t doing this because you live it…. We are both wasting our time.
6. Employ – “better leadership to foster Passion”
7. Start utilizing the sensors and systems in place to their capacity/capability – Too many times systems are not employed fully whether lack of system training or misunderstood vendor support agreements. Garbage in garbage out.. Nothing in nothing out
8. Require training and certification – Ensure a common baseline for both the technical and communication side (GCIH, CISM, Project Management, MBCI) the management piece is to ensure analysts can write and follow from beginning to the end and understand the operational impact of incidents. Although this seems obvious take a look around
9. Exercise your capabilities – through, xnet or similar means to make teams operate together
10. Audit and assess – internally often, (show me, tell me, provide me documentation) to ensure organizational maturity. The team will have a vested interest.
Proactive efforts to accomplish specific steps will assist in maturing the DCO craft.

A passion for this work helps people dig for root cause, and gets people looking for the needles in needle stacks, fixing the broke, and documenting processes to help build the whole team rather than oneself.
Special Thanks To Kevin Partridge https://twitter.com/usefulinfo#! For helping me see the light on the need for great leadership to foster the passion (6) the quote on (2), and elevating my maturity focus from a team to an organization on (10) – All Through a G+ posting
http://www2.gwu.edu/~nsarchiv/NSAEBB/NSAEBB424/docs/Cyber-060.pdf Cyberspace Operations