Risk Management Webinar Series - MedmarcStep 1 Perform a Traditional Security Assessment Open source...
Transcript of Risk Management Webinar Series - MedmarcStep 1 Perform a Traditional Security Assessment Open source...
CYBER BREACH
Tactical Network Solutions LLC Proprietary Information [email protected] 1
Preventing Bodily Injury and Property Damage
THE WORLD WE KNOW TODAY
Tactical Network Solutions LLC Proprietary Information [email protected] 2
INTERNET SECURITY CAMERAS
Tactical Network Solutions LLC Proprietary Information [email protected] 3
IoT BOTNET
Tactical Network Solutions LLC Proprietary Information [email protected] 4
WE WARNED YOU IN 2013
Tactical Network Solutions LLC Proprietary Information [email protected] 5
BUT YOU STILL GOT SUED
Tactical Network Solutions LLC Proprietary Information [email protected] 6
Tactical Network Solutions LLC Proprietary Information [email protected] 7
Tactical Network Solutions LLC Proprietary Information [email protected] 8
AND THE BEAT GOES ON…
Tactical Network Solutions LLC Proprietary Information [email protected] 9
MEDICAL DEVICES
Tactical Network Solutions LLC Proprietary Information [email protected] 10
THE STORY
Tactical Network Solutions LLC Proprietary Information [email protected] 11
VERSUS
Tactical Network Solutions LLC Proprietary Information [email protected] 12
Tactical Network Solutions LLC Proprietary Information [email protected] 13
Tactical Network Solutions LLC Proprietary Information [email protected] 14
Tactical Network Solutions LLC Proprietary Information [email protected] 15
Tactical Network Solutions LLC Proprietary Information [email protected] 16
Tactical Network Solutions LLC Proprietary Information [email protected] 17
Tactical Network Solutions LLC Proprietary Information [email protected] 18
Tactical Network Solutions LLC Proprietary Information [email protected] 19
Tactical Network Solutions LLC Proprietary Information [email protected] 20
Tactical Network Solutions LLC Proprietary Information [email protected] 21
THE COST
Tactical Network Solutions LLC Proprietary Information [email protected] 22
ELEMENT
Tactical Network Solutions LLC Proprietary Information [email protected] 23
IMPACTFraud losses, legal fees,new security measures
$Millions to $Billionsin costs
ELEMENT
Tactical Network Solutions LLC Proprietary Information [email protected] 24
IMPACTFraud losses, legal fees,new security measures
$Millions to $Billionsin costs
Drop in stock & profits 5% to 10% drop in stock
ELEMENT
Tactical Network Solutions LLC Proprietary Information [email protected] 25
IMPACTFraud losses, legal fees,new security measures
$Millions to $Billionsin costs
Drop in stock & profits 5% to 10% drop in stock
Brand valueBrand index scores immediately drop to negative
ELEMENT
Tactical Network Solutions LLC Proprietary Information [email protected] 26
IMPACT
Credit rating S&P cuts credit rating
ELEMENT
Tactical Network Solutions LLC Proprietary Information [email protected] 27
IMPACT
Credit rating S&P cuts credit rating
Job security Executive shake-ups
ELEMENT
Tactical Network Solutions LLC Proprietary Information [email protected] 28
IMPACT
Credit rating S&P cuts credit rating
Job security Executive shake-ups
Customers leave Some customers never return
DISCOVERING ATTACK VECTORS
Tactical Network Solutions LLC Proprietary Information [email protected] 29
AS EASY AS 1, 2, 3
Tactical Network Solutions LLC Proprietary Information [email protected]
Step 1 Unpack the Firmware ImageOpen source tool called binwalk can unpack most firmware images.
Step 2 Analyze Executable Binaries and System FilesLook for low-hanging fruit like insecure coding practices and hidden private crypto keys.
Step 3 Fix, Compile, RepeatReplace insecure coding practices with secure methods. Remove all private crypto keys. Recompile code. Re-examine.
30
BUT MY SOURCE CODE IS SECURE!
Tactical Network Solutions LLC Proprietary Information [email protected] 31
Tactical Network Solutions LLC Proprietary Information [email protected] 32
Tactical Network Solutions LLC Proprietary Information [email protected] 33
Tactical Network Solutions LLC Proprietary Information [email protected] 34
Tactical Network Solutions LLC Proprietary Information [email protected] 35
Tactical Network Solutions LLC Proprietary Information [email protected] 36
Tactical Network Solutions LLC Proprietary Information [email protected] 37
Tactical Network Solutions LLC Proprietary Information [email protected] 38
Tactical Network Solutions LLC Proprietary Information [email protected] 39
HOW TO MITIGATE CYBER SECURITY RISKSIN CONNECTED MEDICAL DEVICES
Tactical Network Solutions LLC Proprietary Information [email protected]
Step 1 Perform a Traditional Security AssessmentOpen source tools such as Nmap, Nessus, and Metasploit can help.
Step 2 Perform Blackbox Testing with FuzzingOpen source tools: w3af, Wfuzz, Wapiti. Commercial tools: Defensics.
Step 3 Perform a Firmware EvaluationOpen source tool: binwalk, gdb, OllyDbg. Commercial tools: Centrifuge Security Platform.
40
WHO ISTACTICAL NETWORK SOLUTIONS
Tactical Network Solutions LLC Proprietary Information [email protected] 41
Founded 2007
Tactical Network Solutions LLC Proprietary Information [email protected]
Founders are former NSA/TAO employeesOffensive cyber operations focus12 Employees
42
MANAGEMENT TEAM
Tactical Network Solutions LLC Proprietary Information [email protected]
Terry Dunlap, Founder & CEONational Security Agency - 7 years experienceComputer Network Exploitation wireless tool developmentActing Branch Chief
Peter Eacmen, Co-Founder & CTONational Security Agency - 10+ years experienceComputer Network Exploitation tool developmentClose access operation supportEmbedded directly with USSOCOM unit at NSA
43
FIRMWARE EVALUATION TEAM
Tactical Network Solutions LLC Proprietary Information [email protected]
10 EmployeesFormer NSA Computer Network Exploitation specialists in firmware reverse engineering
44
CUSTOMERS
Tactical Network Solutions LLC Proprietary Information [email protected] 45
CONTACT
Tactical Network Solutions LLC Proprietary Information [email protected]
Terry [email protected] (C)
Peter [email protected] (C)
Tactical Network Solutions LLC8825 Stanford Blvd., Suite 308
Columbia, MD 21045(443) 276-2990
46