SC Congress cyber-attack demo, as it happened

On Wednesday at the SC Congress Security Conference and Expo, the show's big closing number was an on-stage simulation in real time of a cyber attack, which I live-tweeted from @cwceditor. Here's How it played out, with Terry Cutler from Novell and Dale Tidd from Defilaide as the main characters.
Cyberwarfare demo at SC Congress in 10 minutes. Warmup music: Won't get fooled again.
Or is it the theme from CSI: Miami? I'm never sure.
A BlackBerry isn't great for tweeting when your eyes are bad and your thumbs are big. Apologies in advance for any typos.
Terry Cutler from Novell apparently about to go on.
Cutler: infiltrate any company with an infected LinkedIn request. Not sure I heard that right.
Cutler: nobody's robbing banks anymore.
Cutler: Lots of information for hackers from business cards
Cutler: crack a user.s log in, escalate to admin, install exploit, hide your tracks.

Cutler: hackers will harden a system against other hackers
Dale from Defilade: raise your hand if you've attacked a bank
Dale: wouldn't security posture improve if every IT pro, not just security, understood basic hacking techniques?
90 pc of IT pros have never conducted a hands-on attack.
Defilaide's cyberwarfare battlefield environment about to be demoed.
Using Core Impact on attack machine.
With poisoned LinkedIn request, downloads all the passwords in IE.
Sends e-mail from compromised account to CEO telling him to install patch.
Tip: don't click on LinkedIn messages from web mail; check the LinkedIn account
Now a pass the hash attack. Not what it sounds like.
Passes hashed log in to a server like a regular windows login to sql server.
Watching 19K cc numbers being downloaded. Fake, I'm hoping.


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada
Dave Webb
Dave Webb
Dave Webb is a freelance editor and writer. A veteran journalist of more than 20 years' experience (15 of them in technology), he has held senior editorial positions with a number of technology publications. He was honoured with an Andersen Consulting Award for Excellence in Business Journalism in 2000, and several Canadian Online Publishing Awards as part of the ComputerWorld Canada team.

Featured Download

IT World Canada in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Latest Blogs

Senior Contributor Spotlight