Ohio Cyber Range - Seminar Series

Organized by the Department of Electrical Engineering and Computer Science, the School of Information Technology, and the Department of Political Science at UC

Physical Penetration and the Cyber Kill Chain with Recon Tools

Thursday October 18, 2018 / 813 Rhodes / 11am – 12.30pm

Kyle Jones

According to the latest figures, 4.5 billion (Gemalto Breach Level Index) records were compromised in the first six months of 2018. In the US, 3.25 billion records recorded were stolen with 540 breaches.  With 540 breaches it adds up to an increase of 356% in the last month and 98% over the same period in 2017 [Bonhill Group].  What is the first step a hacker would take to steal records?  Reconnaissance and the Cyber Kills Chain.

Penetration tools and reconnaissance are important skill sets to have.  Knowing the tools that are involved can enhance your ability to gain access to secure environments.  Most major cyber-attacks have started with careful and time-consuming recon.  Every major cyber-attack has had well thought out and executed plans including the latest Equifax and Facebook breaches. 

As a part of this talk, Professor Jones will demonstrate some of the physical tools used to collect information including the Wi-Fi Pineapple and how to do reconnaissance on the 2.4 GHz frequency and the ease of creating a man in the middle attack to collect valuable information on a target over Wi-Fi.  He will also demonstrate the use of tools such as bad USB and Rubber Ducky and how data can be taken from a physical machine.  As a part of the talk, Mr. Jones will demonstrate ways to protect yourself and data centers against these recon attacks including newly developed electrically conductive and reflective metalized fabrics.  These fabrics are used in products to protect people and equipment from electromagnetic interference (EMI), radio frequency interference (RFI) and static discharge.      

Bio: Kyle Jones, Chair & Associate Professor of Sinclair’s Computer Information Systems Department. He worked in the IT field for over 17 years before coming to education.  Mr. Jones holds a CompTIA Strata, A+, Network+, Security+ certification as well as an ITIL Foundations.  He holds an Associate Degree in Network Engineering from Southern State, a Bachelors of Business from Wilmington College, and a Master’s Degree in Information Assurance and Security from American Public University. He is a Center of Academic Excellence in Cyber Defense Principal Investigator and serves as the coordinator and curriculum specialist for Sinclair’s CIS 2640 Network Security class. In addition, Mr. Jones has been featured as a public speaker on cyber security topics. Most recently, he participated in a roundtable discussion hosted by the Dayton Business Journal on the present landscape of cyber security, and was featured on WDTN Dayton-Channel 2 in a vignette about “Good Cyber Hygiene.” His previous work experience ranges from working for small PC repair shops to Fortune 500 Datacenters.