Think about all the passwords we use to access information every day. Whether it is email, social media, financial institutions or numerous other services, passwords have become the keys to our digital kingdoms. So it’s no surprise that Advanced Persistent Threat (APT) actors and malicious software target these credentials once they have compromised a system or systems in our network to further entrench and seek profit from unlocking our personal and corporate data. In order to curb this problem, most enterprises and operating systems encrypt this data to keep it safe. However, we have seen with the right tools these credentials can be unencrypted and used for more nefarious means. This problem has plagued even the largest organizations and the list of companies suffering from credential leaks is growing almost daily and includes such giants as LinkedIn, EHarmony and Yahoo. In this talk, we discuss how these breaches occur, the risks to the organization as well as the individual and what can be done to mitigate this growing security epidemic. An “Enclave Protected Defense-in-Depth” strategy toward creating, securing and managing passwords against this class of attack will be propounded and a focus will be placed on explicating the tools, techniques and practices (TTPs) used by malicious actors that leverage these attacks to gain access within the network to breach critical data that can bring harm to the individual and organization. Lastly, we will explore how to improve personal and enterprise password strategies, discuss alternatives like two factor authentication and Active Directory Group Policy strategies to help mitigate this risk and, finally, speculate to what the future of authentication may look like.
For a decade, John has provided information technology and security education to aspiring computer professional in the greater Detroit area. John has taught classes ranging from hacker techniques to computer forensics as well many other topics and courses.