SlideShare uma empresa Scribd logo

Cyber Security Emerging Threats

Transferir como PPT, PDF
I
isc2dfw

Mike Saylor's Briefing to the Dallas-Fort Worth Chapter

Tecnologia
1 de 42
Cyber Security Current Trends & Emerging Threats Michael Saylor | Executive Director Cyber Defense Labs Page 1
Michael (Mike) Saylor, CISM, CISA • 19 years of IT security and Cyber investigations • Incident Response, Fraud Investigations, Digital Forensics • Executive Director for Cyber Defense Labs at UT Dallas • President Emeritus for the North Texas FBI Infragard • Cyber Crime Committee Member for the North Texas Crime Commission • CIO for the Texas Credit Union League • Professor of Cyber Security for Collin College • B.S. in Information Systems, and Masters Criminal Justice • Worked with local and federal law enforcement on high profile cases Page 2
Recent Trends Industry Analysis (2012-2013) Continuing and Emerging Threats Continued Convergence Drugs, Crime, and Terrorism Enterprise Best Practices Page 3
Recent Trends Most attacks in 2013 had both web, and social engineering components, but there was also a dramatic rise in politically motivated DDoS attacks. • Mobile Devices and Mobile Applications • Hacktivism / Cyber Protests (Defacement, DDoS) • Advanced Persistent Threat (APT) • Lures Social Engineering & Social Media Search Engine Optimization Poisoning Spam and Spear Phishing Page 4
Mobile Devices • 6.8 Billion Mobile Subscribers on the Planet 96% of the population • Mobile Apps increasingly rely on a Internet browser • AppStores have poor patch management and Q/A • Mobile anti-malware solutions immature • 51% of users circumvent or disable device passwords & security controls • Growing number of malicious mobile applications and mobile exploitation Page 5
Mobile Devices Recent attacks include: • Mobile based DDoS tools (MDDoS) • Scrapping apps, looking for sensitive data on device. • SMShing – SMS texts asking for bank credentials / PIN, or to call 800 number • Trojan / Malware – PC malware transferred from phones that are charging. Page 6
Mobile Devices Page 7
Recent Trends • Malicious Android Apps up 580% (28k) • Location Services? • Mobile Threats will impact your organization – eventually! • CEO’s Phone? Page 8
Malware 82% of malware sites are hosted on compromised systems 55% of data-stealing malware is web-based Page 9
Hacktivism / Cyber Protests • Attacks in Response to Geo-Political issues • Objectives are primarily to disrupt and / or voice the views of a particular group. – Website defacements – Denial of Service attacks (US / Israeli Banks / Government, business sites) – Automated exploit attempts • The Syrian Electronic Army (SEA), hacked API news and planted a false story about Obama being injured in a bombing attack on the Whitehouse and drove the stock market down over 200 points in a few seconds. Page 10
Hacktivism / Cyber Protests Page 11
Techniques Page 12
Countries Top Ten Hacking Countries, by Attack Traffic % 1. China 41 percent (of the world's attack traffic) 2. U.S. 10 percent 3. Turkey 4.7 percent 4. Russia 4.3 percent 5. Taiwan 3.7 percent 6. Brazil 3.3 percent 7. Romania 2.8 percent 8. India 2.3 percent 9. Italy 1.6 percent 10. Hungary 1.4 percent Page 13
Countries Page 14
Advanced Persistent Threats Any computer system connected to a communications medium will be compromised given enough time and the appropriate resources. 80% of attacks in 2013 required multi-stage defenses for protection. APT Attacks use: -Highly Customized Tools and Intrusion Techniques -Stealthy, Patient attack methods to reduce detection -Focus on high value targets (Mil, Pol, Eco, Intel) -Well funded & staffed, supported by Mil or State Intel -Organizations are targeted for strategic importance Page 15
APT APT Attackers worked with BotNet operators to determine if target systems have already been compromised. Use of polymorphic code that manifests differently on each system it infects. Cyber Criminals are becoming Information Brokers as a result of their Industrial Espionage schemes. Page 16
APT – Distribution of Targets Page 17
“A Thousand Grains of Sand…” The Chinese continue to follow the ancient book, "The Art of War,“ which advises the commission of espionage by "a thousand grains of sand"; meaning obtaining small but innumerable pieces of information by vast numbers of people acting as armies of spies sent against the enemy. This recruitment usually translates to ethnic, 1st generation Chinese immigrants with cultural and familial ties to China. The Chinese government then reciprocates by helping their part-time spies create or proceed with commercial or business ventures in the United States. This is called guanxi (goowongsee). As a result, the Chinese coordinators do not offer money, and they do not accept walk-in cases, which may turn out to be "dangles" (double agents). Most espionage activities are coordinated by the Ministry of State Security (MSS) or the military intelligence arm of the People's Liberation Army (PLA). Dave Wise, Espionage Author Page 18
Espionage • Mandiant’s 2013 report on the Chinese (APT1) attacks on 141 organizations since 2006 (115 were in the U.S.). • The report presents substantial evidence of Chinese sponsored activities, including photos, forensics, communications, and profiles. • Soon after Mandiant’s report, the U.S. government publishes a 140 page strategy to combat the theft of U.S. trade secrets • The U.S. government initially attempted to halt the attacks on U.S. organizations, but soon resorted to asking China to please stop stealing our stuff. • China’s response to the Mandiant report was that it was “unprofessional” to publish and make such claims. Page 19
Espionage • According to the U.S. Justice Department, of 20 cases of economic espionage and trade secret criminal cases from January 2009 to January 2013, 16 involved Chinese nationals; i.e. organizations hired foreign nationals to work on national security level projects (DuPont, NASA, Google, Intel, DoD, etc.) • 63% of impacted organizations learn they were breached from an external source, like law enforcement. • Organizations are being targeted by more than one attack group, sometimes in succession. In 2012, 38% of targets were attacked again after the original incident was remediated, lodging more than one thousand attempts to regain entry to former victims. • Feb 2013 report (Akamai) shows that 30% of all observed attacks came from China and 13% originated from within the U.S. March 2013 report (Solutionary) states that the majority of attacks on the U.S. are now originating in the U.S. Page 20
Espionage Page 21
Espionage Page 22
Exploit Toolkits & Malware • In 2013, Exploit Toolkits cost between $40 and $4k • The Malware that likely compromised Target’s POS system, cost less than $3,000. • 61% of all malware is based on pre-existing toolkits; upgrades keep them current and provide additional capabilities (“Value”) • Toolkits used for Targeted Attacks can create custom Blog entries, emails, IMs, & web site templates to entice targets toward malicious links / content. (Blackhole >100k/day) Page 23
Exploit Toolkits & Malware • Traditional Attacks were loud, high volume attacks typically stopped by threat monitoring tools • Today’s sniper attacks use specific exploits to get clear shots at the objective • The convergence of Social Engineering, Social Profiling, and Geo-Location improve attack success • Rogue software (anti-virus, registry cleaner, machine speed improvement, backup software, etc) – Increase in MAC Malware (MAC Defender) – +50% attacks on Social Media sites were Malware Page 24
Lures Several attacks in 2013 were conducted by luring victims to accept malware or follow a link to an infected site. 4% of all email contained a Malware or a link to and infected site. There are 6 stages of the attack: Page 25
Lures Page 26
Lures – Facebook Specific • Typo-Squatting • Fake Facebook Applications • Hidden Camera Video Lure • Celebrity Deaths • Fake Offers & Gifts • Browser Plugin Scams • Fake Profile Creeper • Blog Spam Attack Page 27
Search Engine Poisoning 2013 saw an increase in malware infections as a result of SEP. • Hackers crawling current news headlines, creating related malicious sites and conducting SEP • Google Images – links to source photo • Using web analytics to determine what people are searching for Page 28
Top Social Engineering Lures Page 29
SPAM 2013 SPAM Results • Spam is at 69% of all global email • Phishing attacks are 1 in every 414 emails • Email that contained a virus were 1 in every 291 • Top Industries Attacked: Manufacturing, Financial, Services, Government, Energy • Top Recipients Attacked: R&D, Sales, C-Suite, Shared Mailbox Page 30
Phishing • 639 Unique Brands were target by Phishing in Q2’13 Page 31
Emerging Threats Page 32
Emerging Threats • Mobile Internet will continue to increase as it eventually takes the place of desktop Internet. • The illegal drug organizations are looking to Cyber Crime to facilitate their business and expand their operations. Your organization could be infiltrated by an insider, socially engineered for identities and social profiles, and Crypto-Locker from ransomeware. potentially held hostage with Russia is • one of the current Threats increase Localized Nation State attacks on U.S. Page 33
Emerging Threats Terrorists are expected to continue to expand their technical capabilities which may lead to an increase in cyber crime and cyber terrorism. • Domestic groups funded by foreign States to conduct US-based attacks • Cyber crime as a funding vehicle for Terrorism • Cyber as a facilitator / component for a Terrorist attack (Effects-Based Operations) Page 34
Emerging Threats • Malware embedded at the hardware / chip level of consumer products will continue to increase. • Targeted Attacks and APT will continue to increase in number and sophistication. • Sophistication from APT attacks will trickle down to black market malware toolkits. • Mobile Phone attacks will increase in volume and type • Insider Threat will continue to grow as new technology is introduced, especially non-company devices • Thwarting attacks will require multi-stage defenses Page 35
Emerging Threats • Attackers are increasingly using outsourced service providers (HR, Procurement, IT, Finance, etc.) as a means to gain access to their victims. • Attackers are using comprehensive reconnaissance (network, physical, social) to help navigate victims’ organization and networks more effectively (e.g. network infrastructure, system administration guides, etc.) • The use of “Black Hats for Hire” will grow to support the organizational foot soldiers of Nation State actors. Ic3Br3ak3r223:“im not an Anon just to be clear on that, im an independent for black market…: im a destroyer i dont build anything i only take it apart…I get payed or they pay again and again” (Hacked: MIT, Harvard, CIA Web Pages, Israeli Military Emails, Pentagon Emails and Axis Security camera around the world. ) Page 36
Emerging Threats Network Attacks Web Sites Cloud Provider / Vendor NETWORK Company Data DMZ Social Engineering Phone Calls INTERNAL NETWORK Mobile Device / Media CORE SYSTEMS APT Internet Use Physical Security Breach Wireless Home Networks Malware Internet WORMS Virus PERIMETER Emails Social Engineering Social Networking Remote Users Network Attacks Physical Breach Wireless Malware Networks Phishing Insiders Worms Virus Malware Page 37
Emerging Threats • Growth of the Dark Web / Tor Network – Law Enforcement has little understanding of these “off the web” networks, how to access them, and the types of activities being conducted there, including: • • • • • CrimeWare Child Pornography Trafficking of Drugs, Weapons, Humans Child Exploitation Sex Tourism – Without LE involvement and understanding in these networks, criminal activity will grow and evolve, and outpace legislative and procedural response to these crimes. Page 38
Emerging Threats • Sophistication of “Call-Home” tactics of Malware will continue to grow, including the use of Twitter, DNS, VoIP, and other open communication channels for command and control. • Recent and emerging Ransomeware and Crimeware receive updates / patches and can be armed with various modules. • Your Social Media Identity is or soon will be valued greater than your Credit Cards. Page 39
Best Practice Guidelines User Education and Awareness and Education and Awareness Containment is the new Prevention….Compromise is inevitable Monitoring Network, Vulnerabilities, and Brand Anti-Virus, Anti-Malware, Device Control Encryption (Would have helped Target) Data Loss Prevention & Monitoring Removable Media Policy Mobile Device Policy Frequent Risk-Based Security Assessments and Updates Aggressive Patching and Software Polling Incident Response Procedures Page 40 Social Media / Social Networking Policy
References Global mobile statistics 2013, mobithinking.com 2013 Mandiant Report – February 2013 Securelist 2013 Hackmageddon 2013 Government Technology 2013 Kaspersky Labs report on Red October 2013 Symantec Intelligence Reports 2013 Bit9 Cyber Security Report 2012 Georgia Tech - Emerging Cyber Threats Report 2012 WebSense Threat Report 2012 TrendLabs – Security in the Age of Mobility 2012 LookOut Mobile Security Report 2012 Breakthrough Silicon Scanning Discovers Backdoor, University of Cambridge 2012 Tiger Trap, David Wise, 2012 TrendMicro, Peter the Great versus Sun Tzu, 2012 Page 41
Questions / Contact Info Questions? Mike Saylor | Cyber Defense Labs Msaylor@CyberDefenseLabs.org 972-454-0227 Terry Quan | Cyber Defense Labs TQuan@CyberDefenseLabs.org 214-563-5235 Page 42

Recomendados

Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNcell
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
SIEM and Threat Hunting
SIEM and Threat HuntingSIEM and Threat Hunting
SIEM and Threat Huntingn|u - The Open Security Community
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityANGIEPAEZ304
 
National Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action PlanNational Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action PlanDr David Probert
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
AI and the Impact on Cybersecurity
AI and the Impact on CybersecurityAI and the Impact on Cybersecurity
AI and the Impact on CybersecurityGraham Mann
 

Recomendados

Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNcell
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
SIEM and Threat Hunting
SIEM and Threat HuntingSIEM and Threat Hunting
SIEM and Threat Huntingn|u - The Open Security Community
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityANGIEPAEZ304
 
National Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action PlanNational Cybersecurity - Roadmap and Action Plan
National Cybersecurity - Roadmap and Action PlanDr David Probert
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
AI and the Impact on Cybersecurity
AI and the Impact on CybersecurityAI and the Impact on Cybersecurity
AI and the Impact on CybersecurityGraham Mann
 
SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?Jonathan Sinclair
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Edureka!
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptOoXair
 
Security of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxSecurity of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxMohanPandey31
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
mobile application security
mobile application securitymobile application security
mobile application security-jyothish kumar sirigidi
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by FortinetAtlantic Training, LLC.
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Securitycclark_isec
 
Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Splunk
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat IntelligenceNTT Innovation Institute Inc.
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Cyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDICyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDIDavid Sweigert
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information? Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information? Control Risks
 
Using IOCs to Design and Control Threat Activities During a Red Team Engagement
Using IOCs to Design and Control Threat Activities During a Red Team EngagementUsing IOCs to Design and Control Threat Activities During a Red Team Engagement
Using IOCs to Design and Control Threat Activities During a Red Team EngagementJoe Vest
 
Emerging Threats - The State of Cyber Security
Emerging Threats - The State of Cyber SecurityEmerging Threats - The State of Cyber Security
Emerging Threats - The State of Cyber SecurityCisco Canada
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesPeter Wood
 

Mais conteúdo relacionado

Mais procurados

SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?Jonathan Sinclair
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Edureka!
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptOoXair
 
Security of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxSecurity of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxMohanPandey31
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Securitycclark_isec
 
Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Splunk
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Cyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDICyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDIDavid Sweigert
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information? Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information? Control Risks
 
Using IOCs to Design and Control Threat Activities During a Red Team Engagement
Using IOCs to Design and Control Threat Activities During a Red Team EngagementUsing IOCs to Design and Control Threat Activities During a Red Team Engagement
Using IOCs to Design and Control Threat Activities During a Red Team EngagementJoe Vest
 

Mais procurados (20)

SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Cyber security
Cyber securityCyber security
Cyber security
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Security of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxSecurity of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptx
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
mobile application security
mobile application securitymobile application security
mobile application security
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session Building an Analytics - Enabled SOC Breakout Session
Building an Analytics - Enabled SOC Breakout Session
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscape
 
Cyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDICyber Threat Intelligence Integration Center -- ONDI
Cyber Threat Intelligence Integration Center -- ONDI
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
 
Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information? Cyber Threat Intelligence: Who is Targeting your Information?
Cyber Threat Intelligence: Who is Targeting your Information?
 
Using IOCs to Design and Control Threat Activities During a Red Team Engagement
Using IOCs to Design and Control Threat Activities During a Red Team EngagementUsing IOCs to Design and Control Threat Activities During a Red Team Engagement
Using IOCs to Design and Control Threat Activities During a Red Team Engagement
 

Destaque

Emerging Threats - The State of Cyber Security
Emerging Threats - The State of Cyber SecurityEmerging Threats - The State of Cyber Security
Emerging Threats - The State of Cyber SecurityCisco Canada
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesPeter Wood
 
Emerging threats of cyberterrorism
Emerging threats of cyberterrorismEmerging threats of cyberterrorism
Emerging threats of cyberterrorismNishith Pandit
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...North Texas Chapter of the ISSA
 
Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...
Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...
Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...Steve Fantauzzo
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsNCC Group
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentationBijay Bhandari
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multipleKiran Kumar
 
Research and Development
Research and DevelopmentResearch and Development
Research and DevelopmentShameem Ali
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 

Destaque (10)

Emerging Threats - The State of Cyber Security
Emerging Threats - The State of Cyber SecurityEmerging Threats - The State of Cyber Security
Emerging Threats - The State of Cyber Security
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack Surfaces
 
Emerging threats of cyberterrorism
Emerging threats of cyberterrorismEmerging threats of cyberterrorism
Emerging threats of cyberterrorism
 
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
Luncheon 2016-01-21 - Emerging Threats and Strategies for Defense by Paul Fle...
 
Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...
Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...
Ransomware and Emerging Cyber Threats: Why It's More Than Just An IT Problem ...
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security Threats
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
 
Research and Development
Research and DevelopmentResearch and Development
Research and Development
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 

Semelhante a Cyber Security Emerging Threats

Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...Chuck Brooks
 
Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)
Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)
Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)Esam Abulkhirat
 
Cyber crime: A Quick Survey
Cyber crime: A Quick SurveyCyber crime: A Quick Survey
Cyber crime: A Quick SurveyArindam Sarkar
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ssMaira Asif
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...David Sweigert
 
Types of Cyber Threats By Dr.S.Jagadeesh Kumar
Types of Cyber Threats By Dr.S.Jagadeesh KumarTypes of Cyber Threats By Dr.S.Jagadeesh Kumar
Types of Cyber Threats By Dr.S.Jagadeesh KumarDr.S.Jagadeesh Kumar
 
SANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesSANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesJohn Bambenek
 
A Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityA Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityMichele Thomas
 
The Social Takeover
The Social TakeoverThe Social Takeover
The Social TakeoverZeroFOX
 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidAECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidPhil Agcaoili
 
Running headEMERGING THREATS AND COUNTERMEASURES .docx
Running headEMERGING THREATS AND COUNTERMEASURES .docxRunning headEMERGING THREATS AND COUNTERMEASURES .docx
Running headEMERGING THREATS AND COUNTERMEASURES .docxrtodd599
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityAndrea Rossetti
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar ReportArindam Sarkar
 
Advancing Women in Cyber Security Careers - A National Priority
Advancing Women in Cyber Security Careers - A National PriorityAdvancing Women in Cyber Security Careers - A National Priority
Advancing Women in Cyber Security Careers - A National PriorityCareer Communications Group
 

Semelhante a Cyber Security Emerging Threats (20)

Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...Event: George Washington University -- National Security Threat Convergence: ...
Event: George Washington University -- National Security Threat Convergence: ...
 
Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)
Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)
Cybersecurity Awareness- Libya' 1st Cybersecurity Days Conference (CDC)
 
Cyber crime: A Quick Survey
Cyber crime: A Quick SurveyCyber crime: A Quick Survey
Cyber crime: A Quick Survey
 
Cyber Wars.pptx
Cyber Wars.pptxCyber Wars.pptx
Cyber Wars.pptx
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
 
Brooks18
Brooks18Brooks18
Brooks18
 
Types of Cyber Threats By Dr.S.Jagadeesh Kumar
Types of Cyber Threats By Dr.S.Jagadeesh KumarTypes of Cyber Threats By Dr.S.Jagadeesh Kumar
Types of Cyber Threats By Dr.S.Jagadeesh Kumar
 
SANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesSANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political Breaches
 
A Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityA Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information Security
 
The Social Takeover
The Social TakeoverThe Social Takeover
The Social Takeover
 
Cyber Crimes.pptx
Cyber Crimes.pptxCyber Crimes.pptx
Cyber Crimes.pptx
 
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and AfraidAECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
AECF: A Look into Cyber Crime - Doomsday Preppers for the Naked and Afraid
 
Running headEMERGING THREATS AND COUNTERMEASURES .docx
Running headEMERGING THREATS AND COUNTERMEASURES .docxRunning headEMERGING THREATS AND COUNTERMEASURES .docx
Running headEMERGING THREATS AND COUNTERMEASURES .docx
 
Francesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber securityFrancesca Bosco, Le nuove sfide della cyber security
Francesca Bosco, Le nuove sfide della cyber security
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar Report
 
28658043 cyber-terrorism
28658043 cyber-terrorism28658043 cyber-terrorism
28658043 cyber-terrorism
 
Advancing Women in Cyber Security Careers - A National Priority
Advancing Women in Cyber Security Careers - A National PriorityAdvancing Women in Cyber Security Careers - A National Priority
Advancing Women in Cyber Security Careers - A National Priority
 

Último

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 

Último (20)

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 

Cyber Security Emerging Threats

  • 1. Cyber Security Current Trends & Emerging Threats Michael Saylor | Executive Director Cyber Defense Labs Page 1
  • 2. Michael (Mike) Saylor, CISM, CISA • 19 years of IT security and Cyber investigations • Incident Response, Fraud Investigations, Digital Forensics • Executive Director for Cyber Defense Labs at UT Dallas • President Emeritus for the North Texas FBI Infragard • Cyber Crime Committee Member for the North Texas Crime Commission • CIO for the Texas Credit Union League • Professor of Cyber Security for Collin College • B.S. in Information Systems, and Masters Criminal Justice • Worked with local and federal law enforcement on high profile cases Page 2
  • 3. Recent Trends Industry Analysis (2012-2013) Continuing and Emerging Threats Continued Convergence Drugs, Crime, and Terrorism Enterprise Best Practices Page 3
  • 4. Recent Trends Most attacks in 2013 had both web, and social engineering components, but there was also a dramatic rise in politically motivated DDoS attacks. • Mobile Devices and Mobile Applications • Hacktivism / Cyber Protests (Defacement, DDoS) • Advanced Persistent Threat (APT) • Lures Social Engineering & Social Media Search Engine Optimization Poisoning Spam and Spear Phishing Page 4
  • 5. Mobile Devices • 6.8 Billion Mobile Subscribers on the Planet 96% of the population • Mobile Apps increasingly rely on a Internet browser • AppStores have poor patch management and Q/A • Mobile anti-malware solutions immature • 51% of users circumvent or disable device passwords & security controls • Growing number of malicious mobile applications and mobile exploitation Page 5
  • 6. Mobile Devices Recent attacks include: • Mobile based DDoS tools (MDDoS) • Scrapping apps, looking for sensitive data on device. • SMShing – SMS texts asking for bank credentials / PIN, or to call 800 number • Trojan / Malware – PC malware transferred from phones that are charging. Page 6
  • 8. Recent Trends • Malicious Android Apps up 580% (28k) • Location Services? • Mobile Threats will impact your organization – eventually! • CEO’s Phone? Page 8
  • 9. Malware 82% of malware sites are hosted on compromised systems 55% of data-stealing malware is web-based Page 9
  • 10. Hacktivism / Cyber Protests • Attacks in Response to Geo-Political issues • Objectives are primarily to disrupt and / or voice the views of a particular group. – Website defacements – Denial of Service attacks (US / Israeli Banks / Government, business sites) – Automated exploit attempts • The Syrian Electronic Army (SEA), hacked API news and planted a false story about Obama being injured in a bombing attack on the Whitehouse and drove the stock market down over 200 points in a few seconds. Page 10
  • 11. Hacktivism / Cyber Protests Page 11
  • 13. Countries Top Ten Hacking Countries, by Attack Traffic % 1. China 41 percent (of the world's attack traffic) 2. U.S. 10 percent 3. Turkey 4.7 percent 4. Russia 4.3 percent 5. Taiwan 3.7 percent 6. Brazil 3.3 percent 7. Romania 2.8 percent 8. India 2.3 percent 9. Italy 1.6 percent 10. Hungary 1.4 percent Page 13
  • 15. Advanced Persistent Threats Any computer system connected to a communications medium will be compromised given enough time and the appropriate resources. 80% of attacks in 2013 required multi-stage defenses for protection. APT Attacks use: -Highly Customized Tools and Intrusion Techniques -Stealthy, Patient attack methods to reduce detection -Focus on high value targets (Mil, Pol, Eco, Intel) -Well funded & staffed, supported by Mil or State Intel -Organizations are targeted for strategic importance Page 15
  • 16. APT APT Attackers worked with BotNet operators to determine if target systems have already been compromised. Use of polymorphic code that manifests differently on each system it infects. Cyber Criminals are becoming Information Brokers as a result of their Industrial Espionage schemes. Page 16
  • 17. APT – Distribution of Targets Page 17
  • 18. “A Thousand Grains of Sand…” The Chinese continue to follow the ancient book, "The Art of War,“ which advises the commission of espionage by "a thousand grains of sand"; meaning obtaining small but innumerable pieces of information by vast numbers of people acting as armies of spies sent against the enemy. This recruitment usually translates to ethnic, 1st generation Chinese immigrants with cultural and familial ties to China. The Chinese government then reciprocates by helping their part-time spies create or proceed with commercial or business ventures in the United States. This is called guanxi (goowongsee). As a result, the Chinese coordinators do not offer money, and they do not accept walk-in cases, which may turn out to be "dangles" (double agents). Most espionage activities are coordinated by the Ministry of State Security (MSS) or the military intelligence arm of the People's Liberation Army (PLA). Dave Wise, Espionage Author Page 18
  • 19. Espionage • Mandiant’s 2013 report on the Chinese (APT1) attacks on 141 organizations since 2006 (115 were in the U.S.). • The report presents substantial evidence of Chinese sponsored activities, including photos, forensics, communications, and profiles. • Soon after Mandiant’s report, the U.S. government publishes a 140 page strategy to combat the theft of U.S. trade secrets • The U.S. government initially attempted to halt the attacks on U.S. organizations, but soon resorted to asking China to please stop stealing our stuff. • China’s response to the Mandiant report was that it was “unprofessional” to publish and make such claims. Page 19
  • 20. Espionage • According to the U.S. Justice Department, of 20 cases of economic espionage and trade secret criminal cases from January 2009 to January 2013, 16 involved Chinese nationals; i.e. organizations hired foreign nationals to work on national security level projects (DuPont, NASA, Google, Intel, DoD, etc.) • 63% of impacted organizations learn they were breached from an external source, like law enforcement. • Organizations are being targeted by more than one attack group, sometimes in succession. In 2012, 38% of targets were attacked again after the original incident was remediated, lodging more than one thousand attempts to regain entry to former victims. • Feb 2013 report (Akamai) shows that 30% of all observed attacks came from China and 13% originated from within the U.S. March 2013 report (Solutionary) states that the majority of attacks on the U.S. are now originating in the U.S. Page 20
  • 23. Exploit Toolkits & Malware • In 2013, Exploit Toolkits cost between $40 and $4k • The Malware that likely compromised Target’s POS system, cost less than $3,000. • 61% of all malware is based on pre-existing toolkits; upgrades keep them current and provide additional capabilities (“Value”) • Toolkits used for Targeted Attacks can create custom Blog entries, emails, IMs, & web site templates to entice targets toward malicious links / content. (Blackhole >100k/day) Page 23
  • 24. Exploit Toolkits & Malware • Traditional Attacks were loud, high volume attacks typically stopped by threat monitoring tools • Today’s sniper attacks use specific exploits to get clear shots at the objective • The convergence of Social Engineering, Social Profiling, and Geo-Location improve attack success • Rogue software (anti-virus, registry cleaner, machine speed improvement, backup software, etc) – Increase in MAC Malware (MAC Defender) – +50% attacks on Social Media sites were Malware Page 24
  • 25. Lures Several attacks in 2013 were conducted by luring victims to accept malware or follow a link to an infected site. 4% of all email contained a Malware or a link to and infected site. There are 6 stages of the attack: Page 25
  • 27. Lures – Facebook Specific • Typo-Squatting • Fake Facebook Applications • Hidden Camera Video Lure • Celebrity Deaths • Fake Offers & Gifts • Browser Plugin Scams • Fake Profile Creeper • Blog Spam Attack Page 27
  • 28. Search Engine Poisoning 2013 saw an increase in malware infections as a result of SEP. • Hackers crawling current news headlines, creating related malicious sites and conducting SEP • Google Images – links to source photo • Using web analytics to determine what people are searching for Page 28
  • 29. Top Social Engineering Lures Page 29
  • 30. SPAM 2013 SPAM Results • Spam is at 69% of all global email • Phishing attacks are 1 in every 414 emails • Email that contained a virus were 1 in every 291 • Top Industries Attacked: Manufacturing, Financial, Services, Government, Energy • Top Recipients Attacked: R&D, Sales, C-Suite, Shared Mailbox Page 30
  • 31. Phishing • 639 Unique Brands were target by Phishing in Q2’13 Page 31
  • 33. Emerging Threats • Mobile Internet will continue to increase as it eventually takes the place of desktop Internet. • The illegal drug organizations are looking to Cyber Crime to facilitate their business and expand their operations. Your organization could be infiltrated by an insider, socially engineered for identities and social profiles, and Crypto-Locker from ransomeware. potentially held hostage with Russia is • one of the current Threats increase Localized Nation State attacks on U.S. Page 33
  • 34. Emerging Threats Terrorists are expected to continue to expand their technical capabilities which may lead to an increase in cyber crime and cyber terrorism. • Domestic groups funded by foreign States to conduct US-based attacks • Cyber crime as a funding vehicle for Terrorism • Cyber as a facilitator / component for a Terrorist attack (Effects-Based Operations) Page 34
  • 35. Emerging Threats • Malware embedded at the hardware / chip level of consumer products will continue to increase. • Targeted Attacks and APT will continue to increase in number and sophistication. • Sophistication from APT attacks will trickle down to black market malware toolkits. • Mobile Phone attacks will increase in volume and type • Insider Threat will continue to grow as new technology is introduced, especially non-company devices • Thwarting attacks will require multi-stage defenses Page 35
  • 36. Emerging Threats • Attackers are increasingly using outsourced service providers (HR, Procurement, IT, Finance, etc.) as a means to gain access to their victims. • Attackers are using comprehensive reconnaissance (network, physical, social) to help navigate victims’ organization and networks more effectively (e.g. network infrastructure, system administration guides, etc.) • The use of “Black Hats for Hire” will grow to support the organizational foot soldiers of Nation State actors. Ic3Br3ak3r223:“im not an Anon just to be clear on that, im an independent for black market…: im a destroyer i dont build anything i only take it apart…I get payed or they pay again and again” (Hacked: MIT, Harvard, CIA Web Pages, Israeli Military Emails, Pentagon Emails and Axis Security camera around the world. ) Page 36
  • 37. Emerging Threats Network Attacks Web Sites Cloud Provider / Vendor NETWORK Company Data DMZ Social Engineering Phone Calls INTERNAL NETWORK Mobile Device / Media CORE SYSTEMS APT Internet Use Physical Security Breach Wireless Home Networks Malware Internet WORMS Virus PERIMETER Emails Social Engineering Social Networking Remote Users Network Attacks Physical Breach Wireless Malware Networks Phishing Insiders Worms Virus Malware Page 37
  • 38. Emerging Threats • Growth of the Dark Web / Tor Network – Law Enforcement has little understanding of these “off the web” networks, how to access them, and the types of activities being conducted there, including: • • • • • CrimeWare Child Pornography Trafficking of Drugs, Weapons, Humans Child Exploitation Sex Tourism – Without LE involvement and understanding in these networks, criminal activity will grow and evolve, and outpace legislative and procedural response to these crimes. Page 38
  • 39. Emerging Threats • Sophistication of “Call-Home” tactics of Malware will continue to grow, including the use of Twitter, DNS, VoIP, and other open communication channels for command and control. • Recent and emerging Ransomeware and Crimeware receive updates / patches and can be armed with various modules. • Your Social Media Identity is or soon will be valued greater than your Credit Cards. Page 39
  • 40. Best Practice Guidelines User Education and Awareness and Education and Awareness Containment is the new Prevention….Compromise is inevitable Monitoring Network, Vulnerabilities, and Brand Anti-Virus, Anti-Malware, Device Control Encryption (Would have helped Target) Data Loss Prevention & Monitoring Removable Media Policy Mobile Device Policy Frequent Risk-Based Security Assessments and Updates Aggressive Patching and Software Polling Incident Response Procedures Page 40 Social Media / Social Networking Policy
  • 41. References Global mobile statistics 2013, mobithinking.com 2013 Mandiant Report – February 2013 Securelist 2013 Hackmageddon 2013 Government Technology 2013 Kaspersky Labs report on Red October 2013 Symantec Intelligence Reports 2013 Bit9 Cyber Security Report 2012 Georgia Tech - Emerging Cyber Threats Report 2012 WebSense Threat Report 2012 TrendLabs – Security in the Age of Mobility 2012 LookOut Mobile Security Report 2012 Breakthrough Silicon Scanning Discovers Backdoor, University of Cambridge 2012 Tiger Trap, David Wise, 2012 TrendMicro, Peter the Great versus Sun Tzu, 2012 Page 41
  • 42. Questions / Contact Info Questions? Mike Saylor | Cyber Defense Labs Msaylor@CyberDefenseLabs.org 972-454-0227 Terry Quan | Cyber Defense Labs TQuan@CyberDefenseLabs.org 214-563-5235 Page 42