Managing Customer Communications in a Cybersecurity Crisis March 2, 2016
Nicole Miller, WE Communications Senior Vice President, Cybersecurity & Issues Management
Conflict of Interest
Nicole Miller
Has no real or apparent conflicts of interest to report.
Agenda
• Introduction
• The Media News Cycle
• Creating a Playbook
• Questions
Learning Objectives
• Construct a cybersecurity incident response playbook
• Identify how to engage cybersecurity media to better influence positive outcomes
• Prepare for a cybersecurity breach by developing a communications plan
• Distinguish where your organization is at in the cybersecurity news cycle and execute your plan accordingly
• Distinguish your technical, legal and executive platforms so you can properly activate them
STEPS: Electronic Secure Data
Perception 12% decrease in customer trust after a breach
Attacks & Media Coverage
10-fold increase in cybersecurity-focused stories in the last four years
Major Data Breach at Staples Stems From POS
Thieves Jackpot ATMs With ‘Black Box’ Attack
JPMorgan Chase hack due to missing 2-factor authentication on one server
‘Cyber Caliphate’ hacks Malaysia Airlines website
Hacked Hotel Phones Fueled Bank Phishing Scams
Anthem Warns of E-mail Scam In Wake Of Data Breach
FBI: Businesses Lost $215M to Email Scams
Bank Hackers Steal Millions via Malware
Chinese Hackers Hijack Forbes Website to Spread Malware: Report
Sony Hackers Reportedly Used A Zero Day Vulnerability
XSS Vulnerability in IE could lead to phishing attacks
Highly critical “Ghost” allowing code execution affects most Linux systems
Anonymous loose cannon admits DDoSing social services and housing websites
Great Firewall of China blasts DDoS attacks at random IP addresses
19,000 French websites hit by DDoS, defaced in wake of terror attack
Hackers Steal Up To $1 Billion From Banks
Apple Blocks Tool That Brute-forces iCloud Passwords
Chinese Hacking Group Codoso Team Uses Forbes.com As Watering Hole
Health insurer Anthem hit by hackers, up to 80 million records exposed
Anarchist hackers start cyber war with ISIS
Newsweek Twitter account hacked by ‘CyberCaliphate’
Yet Another Flash Patch Fixes Zero-Day Flaw
Carbanak hacking group steal $1 billion from banks worldwide
Dutch Government Website Outage Caused by Cyber Attack
Flash Patch Targets Zero-Day Exploit
Java Patch Plugs 19 Security Holes
How PCI DSS 3.0 Can Help Stop Data Breaches
Thunderbolt devices can infect MacBooks with persistent rootkits
Flaw in MacBook EFI allows boot ROM malware
Hack of Community Health Systems Affects 4. Million Patients
JPMorgan Hack Exposed Data of 83 Million, Among Biggest Breaches in History
Al Jazeera Wrests Back Its Web Sites From Pro-Assad Hackers
Hackers Break Into Server for Obamacare Website: U.S. Officials
Carbanak Hackers Target Banks in $1bn Attack Campaign
Staples confirms 1.2 million cards lost in breach
Jobs’s revenge: Flash piles up the zero-day exploits
Sony hackers exploited a zero-day vulnerability
Cybersecurity concerns fuel MSSPs, managed security market
Anonymous targets ISIS social media, recruitment drives in #OpISIS campaign
Oracle issues critical patch update: 169 new security fixes
Infamous Regin malware linked to spy tools used by NSA, Five Eyes intelligence
Bugzilla zero-day can reveal zero-day vulnerabilities in top open-source projects
Microsoft Fixes Dangerous Sandworm Zero-Days Used in APT Attacks
Researcher blames vulnerable code re-use for zero-day in Android’s CyanogenMod
Oracle issues critical patch update: 169 new security fixes
Two-factor authentication oversight led to JPMorgan breach, investigators reportedly found
Microsoft Fixes Dangerous Sandworm Zero-Days Used in APT Attacks
Today’s Cybersecurity News Cycle
TECHNOLOGY, BUSINESS, CONSUMER, POLICY
Key insights / Tips and tricks
• News doesn’t wait for chain of command – time is critical
• You likely don’t have all the information others on the outside do
• Although lacking information, you still need to communicate. If you don’t insert your message here, credibility is hard to get back.
• Centralized communications
• Deep technical situational awareness
• Manage internal information flow
• Spokesperson identification
32% more negative coverage when a company is not quoted in articles about their own security event.
[Chart: Coverage Sentiment; label: DISMISSIVE]
Key insights / Tips and tricks
• No participation = 32% lower sentiment
• Use a spokesperson = 40% more shares
• Attribution is the best message you can deliver
• Prepare to manage multiple audiences
• Trust the maturity of your audience
• Focus on technical messages and deliver credible attribution
• Maintain landscape awareness – refresh browser often!
GOVERNMENT, CORPORATE, VENDOR, RESEARCHER
• Ryan Naraine, Kaspersky Labs
• David DeWalt, FireEye
• Wolfgang Kandek, Qualys
• Dan Kaminsky, Whiteops
• Feng Xue
• David Litchfield
• Andy Ozment, Department of Homeland Security (DHS)
• Timothy Wallach, Federal Bureau of Investigation (FBI)
Key insights / Tips and tricks
• Analysis phase is the longest and skews most negative for you
• Security experts and industry of fear drops sentiment by 11%
• Expert opinion = 200% more shares
• Stay invested in the cycle
• Don’t spin but find experts to support you and provide balance
• Have a proportional response
Key insights / Tips and tricks
• News needs to have an ending
• Resolution = most positive
• Customers need closure long after the media have moved on
• Be bold about taking care of your customers
• Fight the instinct to close the door on the crisis
• Assist law enforcement to find attackers
Key insights / Tips and tricks
• Stories never die, they just go to sleep
• Tell the ending of your own story. If not, long tail coverage will focus on what broke, not how you fixed it
• Reiterate your resolution story
• When dictated by circumstances, take leadership
• Remind your customers that you are better than before
Today’s Cybersecurity News Cycle
“We are often faced with the choice of whether we parachute in a number of reporters to cover a breach like we did with . A company’s initial response helps to determine the route we take.”