
Don't Let Your Help Desk Become an Entry Point for Cyberattacks.pdf

Uploaded by: 学*** ID: 187748 2024-12-26 21 pages 2.40MB

2024 RSA Security LLC or its affiliates. All rights reserved.

Slide 1
Don't Let Your Help Desk Become an Entry Point for Cyberattacks

Slide 2
Today's Speaker
CISO Robert Hughes

Slide 3
Audience Poll
Have you ever worked as part of a Help Desk Team?

Slide 4
Attack vector: Tricking the help desk
April 2024
  US Health Department warns that hackers are targeting help desks
September 2023
  MGM SEC 8-K filing - USD$100 million impact
  Caesars Palace - USD$15 million ransom paid
  3 other companies hit with similar attacks
March 2022
  LAPSUS$ DEV-0537 - attack against Microsoft to get source code
Help Desks Targeted

Slide 5
Impersonate an Employee, Target the Help Desk
  Attacker may have credentials or some access already
  May have intel on the employee they are impersonating
  Likely target: Get around MFA (Multi-Factor Authentication)
  Talk Help Desk into disabling MFA for admin account
  Talk Help Desk into changing/allowing a new false authenticator
  Plan: Get deeper into the network
Help Desk Attack Vectors
Impersonate the Help Desk, Target an employee
  Pre-MFA - extract credentials
  Post-MFA - trick user to complete MFA response, or share MFA info (One Time Passwords)

Slide 6
Still on target / Feeling its Age / New Context
  Call logging, ticketing/proactively identifying possible red flags
  Escalation to supervisor
  External authentication/remote user guidance
  Ensure secure and clear business processes
  Use of MFA techniques
  Corporate phone systems
  Focus on IPSec VPNs
  Focus on hardware/hard tokens
  Ubiquitous MFA
  AI and Deepfakes
  Prevalence of remote users in the post-COVID era
  Smartp

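This document discusses the important role of the help desk in cybersecurity and the challenges it faces. It points out that hackers are carrying out cyberattacks by deceiving help desk staff, for example by impersonating employees or exploiting employees' access rights. To address these challenges, it proposes a series of strategies and recommendations, including implementing multi-factor authentication (MFA) at the help desk, strengthening social engineering training, ensuring the security of business processes, and improving the security of the help desk's tools and processes. It also cites some key data points, such as the US Health Department's warning that hackers are targeting help desks, and the major losses that companies such as MGM and Caesars Palace suffered from help desk attacks.
"How can the help desk be prevented from becoming an entry point for cyberattacks?" "How can the help desk stay secure when responding to cyberattacks?" "How can the help desk's role in cybersecurity be strengthened?"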