Published on September 7, 2015
1. Copyright 2015 Alex Holden, CISSP Chief Information Security Officer
2. InfoQ.com: News & Community Site • 750,000 unique visitors/month • Published in 4 languages (English, Chinese, Japanese and Brazilian Portuguese) • Post content from our QCon conferences • News 15-20 / week • Articles 3-4 / week • Presentations (videos) 12-15 / week • Interviews 2-3 / week • Books 1 / month Watch the video with slide synchronization on InfoQ.com! http://www.infoq.com/presentations/hackers-threat-defense
3. Presented at QCon New York www.qconnewyork.com Purpose of QCon - to empower software development by facilitating the spread of knowledge and innovation Strategy - practitioner-driven conference designed for YOU: influencers of change and innovation in your teams - speakers and topics driving the evolution and innovation - connecting and catalyzing the influencers and innovators Highlights - attended by more than 12,000 delegates since 2007 - held in 9 cities worldwide
4. INFORMATION SECURITY – EVOLVING TARGET • Rapid evolution of technology creates ample opportunity for cybercrime to thrive. • Technology infiltrated our culture faster than education about safety.
5. LINE OF DEFENSE - TECHNOLOGY • Firewalls • Anti-virus • Encryption • Monitoring • Authentication
6. LINE OF DEFENSE - PEOPLE • C-suite • Legal • Information Technology • Business Units • Privacy & Audit
7. LINE OF DEFENSE - COMPLIANCE • Laws • Regulations • Rules • Policies
8. HACKERS – THE OTHER SIDE • State or Corporate Sponsored • Hacktivists – Driven by Political or Social Agendas • Profit Seekers • Revenge • Employees
9. WHO IS THE MODERN HACKER?
10. MODERN HACKER • Does not speak English • Semi-educated • Lazy • Money-hungry • Addicted to drugs, alcohol, gambling
11. MODERN HACKER • 99% of hackers fail in their careers • On the run from the law • On the run from competition • On the run from street gangs
12. HACKERS VIEW OF US • War of stereotypes “I’m fighting a holy war against the West… They drive their Rolls Royces and go home to their million-dollar houses, while people here are struggling. I will never harm my fellow Slavs; but America, Europe, and Australia deserve it.” - aqua (jabberzeus)
13. LEARNING FROM EXPERIENCE • Target Breach 2013 • CyberVor Breach 2013-2014 • Sony Pictures Breach 2014 • Anthem Breach 2014-2015
14. TARGET BREACH • Hackers learned from their bad experience with BlackPOS in the attempted Verifone POS breach in Russia (Feb-Mar 2013) • Breach planned for several months • Botnet breach of a vendor • A week before Black Friday – extensive testing • Two weeks of data collection before putting the data up for sale
15. TARGET BREACH • Kartoxa POS malware author Rinat Shabaev was looking for a regular programming job, asking for about $12 / hour • After failing to find any significant project, he turned to the hacker community, who used his skills to write malware
16. THE CYBERVOR BREACH • Spam • Credentials • Distribution • 1.2 billion credential breach from 420,000 websites (CyberVor) • Credential attack for hire • Spam via email and social media • Travel Scams • Financial Services • Moderate profits
17. DEFENSE 101 • Understand your enemy • Emerging patterns • Hackers types • Hackers business models
18. DEFENSE 101 (CONT’D) • Common vectors • Viruses • 0-day vulnerabilities • Heartbleed • Shellshock • SQL injection • Stolen/re-used credentials
19. ADVICE - QUANTITATIVE ANALYSIS • Sony breach lessons • How much of your data is transferred? • What is normal? What is not? • Learn to look at statistics
20. ADVICE - HONEYPOTS Honeypots are not only systems • Components • Credentials • Features
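One way to answer "what is normal, what is not" for transferred data, as an added example that is not from the presentation: each host's daily outbound volume is scored against its own history with a median/MAD modified z-score, so a single bulk transfer stands out without skewing the baseline. The host names, byte counts and the 3.5 threshold are constructed assumptions.

```python
from statistics import median

# Constructed sample: daily outbound bytes per host (not real measurements).
SAMPLE_EGRESS = {
    "fileserver-01": [2.1e9, 1.9e9, 2.3e9, 2.0e9, 2.2e9, 1.8e9, 2.1e9, 41.0e9],
    "web-02": [0.8e9, 0.9e9, 0.7e9, 0.85e9, 0.9e9, 0.8e9, 0.75e9, 0.95e9],
}


def robust_z(history, value):
    """Modified z-score of value against history, using median and MAD.

    Median/MAD is used instead of mean/stddev so that one earlier spike
    does not inflate the baseline and hide the next one.
    """
    med = median(history)
    mad = median(abs(x - med) for x in history)
    if mad == 0:
        # Perfectly flat history: any deviation at all is unusual.
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad


def flag_egress_anomalies(series_by_host, min_history=7, threshold=3.5):
    """Score each day against the days before it.

    Returns a list of (host, day_index, score) for days whose outbound
    volume is far above that host's own normal.
    """
    alerts = []
    for host, series in series_by_host.items():
        for day in range(min_history, len(series)):
            score = robust_z(series[:day], series[day])
            if score > threshold:
                alerts.append((host, day, round(score, 1)))
    return alerts


if __name__ == "__main__":
    for host, day, score in flag_egress_anomalies(SAMPLE_EGRESS):
        print(f"{host}: day {day} outbound volume score {score}")
```
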
21. DEFENSE 101 (CONT’D) • Regulatory Security • Why is it important • Real-World Security • Why it is essential
22. REGULATORY SECURITY
23. REAL WORLD SECURITY • ?b=0 or 1=1-- • ?b=0 or 1=2-- • ?b=0 or 1=a--
24. BREACHES • You have been breached already • Look for your data • Surface Web • Deep Web • Dark Web
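Detection logic for the three query strings on this slide, as an added example that is not from the presentation: it decodes each request's parameters, classifies `or x=y--` probes as true, false or type-mismatch, and reports any client that sent both a true and a false variant against the same parameter. The log format, IP addresses and paths are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines (documentation IPs, hypothetical paths).
SAMPLE_LOG = [
    '203.0.113.7 "GET /item.php?b=0%20or%201=1-- HTTP/1.1" 200',
    '203.0.113.7 "GET /item.php?b=0%20or%201=2-- HTTP/1.1" 200',
    '203.0.113.7 "GET /item.php?b=0%20or%201=a-- HTTP/1.1" 500',
    '198.51.100.4 "GET /item.php?b=12 HTTP/1.1" 200',
    '198.51.100.4 "GET /search.php?q=black+or+white HTTP/1.1" 200',
]

REQUEST = re.compile(r'^(\S+) "(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})$')
# "or <lhs>=<rhs>" followed by a SQL comment marker, after URL decoding.
PROBE = re.compile(r"\bor\s+(\w+)\s*=\s*(\w+)\s*(?:--|#)", re.IGNORECASE)


def classify(value):
    """Return 'true', 'false' or 'error' for a probe value, else None."""
    m = PROBE.search(value)
    if not m:
        return None
    lhs, rhs = m.groups()
    if lhs.isdigit() and rhs.isdigit():
        return "true" if lhs == rhs else "false"
    return "error"  # mismatched operands such as 1=a


def find_probe_sequences(lines):
    """Map (client, path, parameter) to the probe kinds seen for it.

    Only entries with both a true and a false condition are returned:
    that pairing is what distinguishes deliberate testing from noise.
    """
    seen = defaultdict(set)
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        client, target, _status = m.groups()
        parts = urlsplit(target)
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            kind = classify(value)
            if kind:
                seen[(client, parts.path, name)].add(kind)
    return {k: sorted(v) for k, v in seen.items() if {"true", "false"} <= v}
```
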
25. SECURITY - MATURITY MODEL
26. HOLD SECURITY, LLC Copyright 2015 THANK YOU ALEX HOLDEN – AHOLDEN@HOLDSECURITY.COM
Alex Holden examines hackers’ techniques, skills, and shortfalls. He takes a snapshot of the current threat landscape and derives practical lessons by ...
Presentation: Real threat and real defenses – Case study of the unknown