Gartner UK 2015 Anatomy of An Attack
-
Upload
wolfgang-kandek -
Category
Technology
-
view
271 -
download
0
Transcript of Gartner UK 2015 Anatomy of An Attack
Verizon Data Breach Investigation Report
Verizon Data Breach Investigation Report
2122 Data Breaches
2122 Data BreachesFinancial data, Product data,
Personal data, Usernames/Passwords
Vulnerabilities
> 99% over 1 year old
> 99%
But 40 in 2014
But 40 in 2014and 50% within 2 weeks
> 99%
MalwareInfects
Computer
Exploit for known
Vulnerability
TargetedE-mailSpear
Phishing
Social MediaProfile
Exploit for 0-day
Vulnerability
KnownWorm/Virus
InfectedUSBDrive
Find infected
Computers
Command and Control
Username/Passwords
Dataloss
Brand
Finance
Others
> 99%
1. CTO (punk rock fan), punk rock concert offer, doc opened, no run2. Employee, employment offer, doc opened, script ran
3. COO (Greek History), article comment, doc not opened4. Employee, inquiry on side project, doc not opened
5. Employee, survey form of past employment, doc opened, infected, but no privileged account
6. System Admin, professional society membership offer, doc opened, infected - Bingo
Demo
PhishingTraining
PhishingTraining
10%->2%
VulnerabilitiesPatch
VulnerabilitiesPatch
95%/99%
> 99%
> 99%
VulnerabilitiesPatch
95%/99%Priority on Exploits
MS15-020, MS15-051
0-daysHardening
Then:Passwords
Finally:Breach Detection
Now: Vulnerability Assessments3 months: Passwords12 months+: Breach Detection
Resources• Verizon DBIR 2015
http://www.verizonenterprise.com/DBIR/
• Chevronhttps://www.rsaconference.com/events/us15/agenda/sessions/1983/building-a-next-generation-security-architecture
• BSIhttps://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2014.pdf
• Hardeninghttps://www.virusbtn.com/pdf/conference_slides/2013/Niemela-VB2013.pdf