Real Threat and Real Defenses – Case Study of the Unknown


Published on September 7, 2015

Author: InfoQ

Source: slideshare.net

1. Copyright 2015 Alex Holden, CISSP Chief Information Security Officer

2. InfoQ.com: News & Community Site • 750,000 unique visitors/month • Published in 4 languages (English, Chinese, Japanese and Brazilian Portuguese) • Post content from our QCon conferences • News 15-20 / week • Articles 3-4 / week • Presentations (videos) 12-15 / week • Interviews 2-3 / week • Books 1 / month Watch the video with slide synchronization on InfoQ.com! http://www.infoq.com/presentations/hackers-threat-defense

3. Presented at QCon New York www.qconnewyork.com Purpose of QCon - to empower software development by facilitating the spread of knowledge and innovation Strategy - practitioner-driven conference designed for YOU: influencers of change and innovation in your teams - speakers and topics driving the evolution and innovation - connecting and catalyzing the influencers and innovators Highlights - attended by more than 12,000 delegates since 2007 - held in 9 cities worldwide

4. INFORMATION SECURITY – EVOLVING TARGET • Rapid evolution of technology creates ample opportunity for cybercrime to thrive. • Technology infiltrated our culture faster than education about safety.

5. LINE OF DEFENSE - TECHNOLOGY • Firewalls • Anti-virus • Encryption • Monitoring • Authentication

6. LINE OF DEFENSE - PEOPLE • C-suite • Legal • Information Technology • Business Units • Privacy & Audit

7. LINE OF DEFENSE - COMPLIANCE • Laws • Regulations • Rules • Policies

8. HACKERS – THE OTHER SIDE • State or Corporate Sponsored • Hacktivists – Driven by Political or Social Agendas • Profit Seekers • Revenge • Employees

9. WHO IS THE MODERN HACKER?

10. MODERN HACKER • Does not speak English • Semi-educated • Lazy • Money-hungry • Addicted to drugs, alcohol, gambling

11. MODERN HACKER • 99% of hackers fail in their careers • On the run from the law • On the run from competition • On the run from street gangs

12. HACKERS VIEW OF US • War of stereotypes “I’m fighting a holy war against the West… They drive their Rolls Royces and go home to their million-dollar houses, while people here are struggling. I will never harm my fellow Slavs; but America, Europe, and Australia deserve it.” - aqua (jabberzeus)

13. LEARNING FROM EXPERIENCE • Target Breach 2013 • CyberVor Breach 2013-2014 • Sony Pictures Breach 2014 • Anthem Breach 2014-2015

14. TARGET BREACH • Hackers learned from their bad experience with BlackPOS in an attempted Verifone POS breach in Russia (Feb-Mar 2013) • Breach planned for several months • Botnet breach of a vendor • A week before Black Friday – extensive testing • Two weeks of data collection before putting the data up for sale

15. TARGET BREACH • Kartoxa POS malware author Rinat Shabaev was looking for a regular programming job, asking for about $12 / hour • After failing to find any significant project, he turns to the hacker community, who use his skills to write malware

16. THE CYBERVOR BREACH • Spam • Credentials • Distribution • 1.2 billion credential breach from 420,000 websites (CyberVor) • Credential attack for hire • Spam via email and social media • Travel Scams • Financial Services • Moderate profits

17. DEFENSE 101 • Understand your enemy • Emerging patterns • Hackers types • Hackers business models

18. DEFENSE 101 (CONT’D) • Common vectors • Viruses • 0-day vulnerabilities • Heartbleed • Shellshock • SQL injection • Stolen/re-used credentials

19. ADVICE - QUANTITATIVE ANALYSIS • Sony breach lessons • How much of your data is transferred? • What is normal? What is not? • Learn to look at statistics
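One way to put the "what is normal, what is not" question into numbers, as an added example that is not from the original slides: each host's outbound volume is compared with its own history using a median/MAD score, so weekend dips and old spikes do not distort the baseline. Host names, volumes and the 3.5 threshold are assumptions made up for the illustration.

```python
from statistics import median

# Constructed sample: outbound GB per day for the last 14 days, per host.
BASELINE_GB = {
    "fileserver01": [41, 39, 44, 40, 38, 12, 11, 42, 40, 43, 39, 41, 13, 10],
    "hr-desktop07": [0.4, 0.5, 0.3, 0.6, 0.4, 0.0, 0.0,
                     0.5, 0.4, 0.3, 0.5, 0.4, 0.0, 0.0],
}
# Constructed sample: today's outbound GB. new-host99 has no history at all.
TODAY_GB = {"fileserver01": 47, "hr-desktop07": 9.2, "new-host99": 3.0}

THRESHOLD = 3.5  # assumed cut-off for the modified z-score


def robust_z(value, history):
    """Modified z-score: distance from the median in units of MAD."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    if mad == 0:
        # Perfectly flat history: any change at all is a deviation.
        return float("inf") if value != med else 0.0
    return 0.6745 * (value - med) / mad


def flag_transfers(today, baseline, threshold=THRESHOLD):
    """Return {host: reason} for hosts sending far more than their normal."""
    flagged = {}
    for host, gb in today.items():
        history = baseline.get(host)
        if not history:
            flagged[host] = "no baseline: unknown host is sending data"
            continue
        z = robust_z(gb, history)
        if z > threshold:  # one-sided: only unusually large volumes
            flagged[host] = f"{gb} GB vs median {median(history)} GB (z={z:.1f})"
    return flagged


if __name__ == "__main__":
    for host, reason in flag_transfers(TODAY_GB, BASELINE_GB).items():
        print(host, "->", reason)
```

The file server sends the most data in absolute terms yet stays within its own normal range, while the desktop's much smaller transfer is the anomaly.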

20. ADVICE - HONEYPOTS Honeypots are not only systems • Components • Credentials • Features
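A sketch of credentials used as a honeypot, added here as an example and not taken from the slides: decoy accounts that no legitimate user ever touches are watched in the authentication log, and a hit is used to pivot to the real accounts the same source logged into. The account names, addresses and events are constructed for the illustration.

```python
from collections import defaultdict

# Hypothetical decoy accounts, planted where an intruder would harvest them
# (an old config file, a shared notes page). Nobody legitimate uses them.
HONEY_USERS = {"svc_backup_old", "jsmith_admin"}

# Constructed auth events: (timestamp, source_ip, username, outcome)
EVENTS = [
    ("2015-06-10T02:11:04", "198.51.100.23", "alice", "fail"),
    ("2015-06-10T02:11:09", "198.51.100.23", "svc_backup_old", "fail"),
    ("2015-06-10T02:11:15", "198.51.100.23", "bob", "success"),
    ("2015-06-10T08:30:00", "192.0.2.10", "carol", "success"),
    ("2015-06-10T08:31:12", "192.0.2.10", "carol", "fail"),
]


def honey_alerts(events, honey_users=HONEY_USERS):
    """Return {source_ip: details} for every source that tried a decoy."""
    by_source = defaultdict(list)
    for ts, src, user, outcome in events:
        by_source[src].append((ts, user, outcome))

    alerts = {}
    for src, rows in by_source.items():
        decoy_hits = [(ts, user) for ts, user, _ in rows if user in honey_users]
        if not decoy_hits:
            continue  # ordinary failed logins alone are not a honeypot signal
        # Real accounts this source got into: these need a reset and review.
        compromised = sorted({user for _, user, outcome in rows
                              if user not in honey_users and outcome == "success"})
        alerts[src] = {
            "decoys": sorted({user for _, user in decoy_hits}),
            "first_seen": min(ts for ts, _ in decoy_hits),
            "accounts_to_reset": compromised,
        }
    return alerts


if __name__ == "__main__":
    for src, detail in honey_alerts(EVENTS).items():
        print(src, detail)
```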

21. DEFENSE 101 (CONT’D) • Regulatory Security • Why is it important • Real-World Security • Why it is essential

22. REGULATORY SECURITY

23. REAL WORLD SECURITY • ?b=0 or 1=1-- • ?b=0 or 1=2-- • ?b=0 or 1=a--
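The three query strings on this slide are an always-true test, an always-false test and a type-mismatch test against the same parameter. As an added example (not part of the original deck), this detector scans web access logs for that sequence from one client; the log lines, the path /item.php and the addresses are constructed, only the probe strings come from the slide.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines in common log format.
LOG = [
    '203.0.113.5 - - [10/Jun/2015:02:11:04 +0000] "GET /item.php?b=0%20or%201=1-- HTTP/1.1" 200 5120',
    '203.0.113.5 - - [10/Jun/2015:02:11:05 +0000] "GET /item.php?b=0%20or%201=2-- HTTP/1.1" 200 312',
    '203.0.113.5 - - [10/Jun/2015:02:11:06 +0000] "GET /item.php?b=0%20or%201=a-- HTTP/1.1" 500 0',
    '192.0.2.44 - - [10/Jun/2015:09:00:00 +0000] "GET /search?q=black+or+white HTTP/1.1" 200 900',
]

REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/')
# "or <x>=<y>" followed by a SQL comment marker, matched after URL-decoding.
PROBE = re.compile(r'\bor\s+(\w+)\s*=\s*(\w+)\s*(?:--|#|/\*)', re.I)


def classify(left, right):
    """Name the kind of comparison the request injected."""
    if left == right:
        return "always-true"
    if left.isdigit() and right.isdigit():
        return "always-false"
    return "type-mismatch"


def find_boolean_probes(lines):
    """Return {(client, path, param): kinds} where 2+ probe kinds were seen."""
    seen = defaultdict(set)
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        # parse_qsl URL-decodes, so %20 and + both become spaces here.
        for param, value in parse_qsl(url.query, keep_blank_values=True):
            hit = PROBE.search(value)
            if hit:
                seen[(client, url.path, param)].add(classify(*hit.groups()))
    # One odd value is noise; a true/false pair on one parameter is testing.
    return {key: sorted(kinds) for key, kinds in seen.items() if len(kinds) >= 2}


if __name__ == "__main__":
    for key, kinds in find_boolean_probes(LOG).items():
        print(key, kinds)
```

A parameter that shows up in this output is worth checking on the application side for whether it reaches a query without being bound as a parameter.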

24. BREACHES • You have been breached already • Look for your data • Surface Web • Deep Web • Dark Web

25. SECURITY - MATURITY MODEL

26. HOLD SECURITY, LLC Copyright 2015 THANK YOU ALEX HOLDEN – AHOLDEN@HOLDSECURITY.COM
