Safer Technology Through Threat Awareness and Response
Stephen Cobb, CISSP
Senior Security Researcher
Threat awareness = know your enemy
We all know there are threats, but do we have a clear picture of them?
What are the main threats?
What can we do to defend against them?
What is behind data security breaches?
1. Malware involved in 69% of breaches
2. Hacking* used in 81% of breaches
Verizon 2012 Data Breach Investigations Report
*80% of hacking is passwords: default, missing, guessed, stolen, cracked
3rd element: deception
Used in many types of attack, like this recent attempt to plant a Trojan
Click either link and you will be infected
(Unless you are running a good AV program)
What do cyber criminals want with our digital devices and data?
36 ways to abuse a hacked device
Botnet activity
• Spam zombie
• DDoS extortion zombie
• Click fraud zombie
• Anonymization proxy
• CAPTCHA solving zombie
Account credentials
• eBay/PayPal fake auctions
• Online gaming credentials
• Website FTP credentials
• Skype/VoIP credentials
• Encryption certificates
Hostage attacks
• Fake antivirus
• Ransomware
• Email account ransom
• Webcam image extortion
Financial credentials
• Bank account data
• Credit card data
• Stock and 401K accounts
• Wire transfer data
Webserver
• Phishing site
• Malware download site
• Warez piracy server
• Child porn server
• Spam site
Email attacks
• Harvest email contacts
• Harvest associated accounts
• Access to corporate email
• Webmail spam
• Stranded abroad scams
Reputation hijacking
• Facebook
• Twitter
• LinkedIn
• Google+
Virtual goods
• Online gaming characters
• Online gaming goods/$$$
• PC game license keys
• OS license key
Based on original work by Brian Krebs: krebsonsecurity.com
What’s their motivation?
• IMPACT
• ADVANTAGE
• MONEY
• CREDENTIALS
The Office of Naval Research and the rail gun
• Fires a projectile at 5,000 mph with a range of 100 miles
• Small businesses responsible for 86 individual subcontracts worth $20m
720 breaches by size of organization (employees)
[Chart: breaches per organization size band (1 to 10; 11 to 100; 101 to 1,000; 1,001 to 10,000; 10,001 to 100,000; Over 100,000), with an annotation marking SMBs]
Verizon 2012 Data Breach Investigations Report
The SMB sweet spot for the cyber-criminally inclined
[Diagram: "Assets worth looting" against "Level of protection", showing Big enterprise, SMB “sweet spot”, and Consumers]
Tools of the trade
To get into cyber crime you need:
A. To be a programmer? No
B. To buy equipment? No
C. To have your own servers? No
Crime kits are slick, easy-to-use, and you can rent them.
Consider the Serenity exploit kit
Thriving markets for credentials
All driven by proven business strategies
• Specialization
• Modularity
• Division of labor
• Standards
• Markets
So how do you defend your devices?
Three main attacks … and defenses
• Attack: Malware. Defense: Scanning
• Attack: Hacking. Defense: Authentication
• Attack: Deception. Defense: Awareness
Scanning doesn’t work if you don’t use it
[Chart: measures in use at a sample of 82 healthcare facilities (Scan devices while connected; Scan devices prior to connection; Require AV on mobile devices), shown as percentages]
98% experienced one or more breaches of PHI
Ponemon Institute Third Annual Benchmark Study on Patient Privacy & Data Security
Authentication beyond passwords
• Passwords exposed in 2012: 75,000,000
• Need to add a second factor to authentication
• 2FA raises the bar for attackers trying to get at your corporate network
Awareness: a powerful weapon
• Think before you click/open
• If it sounds too good…
• Just because your friend said…
• Resources:
  • Securing Our eCity
  • We Live Security
  • Podcasts and webinars
  • ESET Smart Security
Security news and how-tos
Thank you!
• Visit www.WeLiveSecurity.com