Wednesday, November 13, 2024

1:30 PM - 2:30 PM

Nicholls Theatre

---

Details

The Office of the Australian Information Commissioner (OAIC) annual report suggests compromised credentials - whether by phishing or brute-force attacks - make up the majority of cyber incidents leading to data breaches in Australia. Governments and industry experts have responded to this trend by recommending multi-factor authentication (MFA) as a measure to secure internet-facing services and reduce credential-based attacks. However, by mid-2022, it became apparent that malicious cyber actors were stealing “cookies” associated with credentials, to hijack active authentications. Malicious cyber actors were essentially bypassing MFA controls by using cookie theft (also called session hijacking). Threat intelligence can help us evaluate this emerging trend and the potential risk to our businesses and organisations. It can also inform decisions about the application of security countermeasures within our networks like MFA. Open source-intelligence (OSINT) represents a valuable means of acquiring this threat intelligence. In our presentation we simulate a cookie theft session, demonstrating how cookie theft can be used, informing the audience about these types of attacks. We will then highlight the value of OSINT tools and techniques to identify and track the commercialisation of cookie theft across the surface, deep, and dark web. We will provide real world examples and insights into Dark Web environments and suggest tools and techniques for navigating the dark web safely. We will close the presentation with a summary of key findings, which can be used to inform government and business security programs incorporating MFA.

---

Speaker