Over the last two weeks we ran a Twitter contest in celebration of the launch of our 2012 Global Security Report. This contest asked our SpiderLabs Twitter follows to find the answers to various questions within the report. We had around 100 active participants and gave out $500.00 in total gift cards to randomly selected winners who answered the question correct each day.
Here is a summary of the questions and answers:
- Question 1: One out of approximately 800 devices on the Internet is vulnerable to what type of attack method?
- Answer: "BNAT - Broken Network Address Translation" and was part of the "Walking Through Firewalls" section (pages 51-54) in the Trustwave 2012 Global Security Report.
- Question 2: Which industry ranked third in total number of breaches investigated by Trustwave SpiderLabs in 2011?
- Answer: "Hospitality" and was part of the "2011 Incident Response Investigations" section (pages 3-20) in the Trustwave 2012 Global Security Report.
- Question 3: What was the 7th most popular password found during a Business Password Analysis of over 2M hashes by Trustwave SpiderLabs?
- Answer: "123456" and was part of the "Business Password Analysis" section (pages 35-40) in the Trustwave 2012 Global Security Report.
- Question 4: What was the top "origin" of attack as seen through Trustwave SpiderLabs investigations in 2011?
- Answer: "Unknown" or "Unknown Origin" and was part of the "International Perspectives" section (pages 10-16) in the Trustwave 2012 Global Security Report.
- Question 5: (Jeopardy Style) This data aggregation attack technique obtains data while it is being processed or access by a system or application.
- Answer: "What is In-transit or In-transit Attacks?" and was introduced on page 9 and in more detail as part of the "Malware Statistics" section (pages 17-18) in the Trustwave 2012 Global Security Report.
- Question 6: What are the two main motivations for web-based attacks as seen in 2011 by Trustwave SpiderLabs?
- Answer: "Hacking for Profit and Ideological Hacking" and discussed in the "The Web" section (pages 29-33) in the Trustwave 2012 Global Security Report.
- Quesiton 7: One in how many organizations use insecure remote access solutions as seen through vulnerability scans performed by Trustwave?
- Answer: "One in Five" or "22%" and discussed in the "The Network - Legacy Issues Still At Large" section (pages 22-26) in the Trustwave 2012 Global Security Report.
We also kept track of all the correct answers throughout the contest and randomly selected one grand prize winner. The grand prize is a trip to Las Vegas for Black Hat USA and DEF CON 20. It includes airfare, hotel, conference passes, and a VIP invite to the famous "Spiders are FUN!" party.
The randomly selected winner of the grand prize is:
Ray Davidson (@RayDavidson)