Destiney M. Plaza, CISSP
I Spy With My Hacker Eye: How Hackers Use Public Info to Crack Your Creds
Destiney M. Plaza is a Cybersecurity Engineer at Carnegie Mellon University’s Software Engineering Institute. Destiney is heavily invested in mentorship, and loves inspiring others to join the tech field. She has given multiple talks and workshops to a diversity of audiences ranging from beginners to cybersecurity professionals. She holds a CISSP, BS in computer science, and MS in management information systems with a concentration in information assurance.
Did you know there are 500 million tweets per day? 2.9 billion monthly active Facebook users? 900 million LinkedIn members? Are you one of them? Did you know that your shared information could be putting you at risk? Publicly Available Electronic Information (PAEI) can make it easier for hackers to target you for monetary or reputation damage. Without knowing how exactly a hacker can crack your password, it can be difficult to take steps to protect yourself from bad actors. A survey from the Digital Guardian mentioned that about 50% of participants reuse passwords. It also stated that 32.8% did not know what two-factor authentication was, 38.6% write their password on a sticky note, and 16.1% store their password in a file. With great power comes great responsibility, and this applies to user password practices. Passwords are the #1 desired data type by hackers, and personal data is ranked #2 according to the 2021 Verizon Data Breach Report. Additionally, 89% of web application breaches involved credential abuse. In this talk, we will go over how a hacker can use seemingly benign information to customize their attack on a victim by showing a scenario-based attack and demo (using free and open-source tools). Additionally, you will learn how hackers can gather information about you, common mistakes people make that put themselves at risk, and how to protect yourself.