O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019

52 visualizações

Publicada em

Eward Driehuis, SecureLink's research chief, will guide you through the bumpy ride we call the cyber threat landscape. As the industry has over a decade of experience of dealing with increasingly sophisticated attacks, you might be surprised to hear more attacks slip through the cracks than ever. From analyzing 20.000 of them in 2018, backed by a quarter of a million security events and over ten trillion data points, Eward will outline why this happens, how attacks are changing, and why it doesn't matter how neatly or securely you code.

Publicada em: Tecnologia
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019

  1. 1. SAFELY ENABLING BUSINESS www.securelink.net 2 0 . 0 0 0 a t t a c k s b y p a s s i n g o u r d e f e n s e s a n d w h y s e c u r e c o d i n g i s n ’ t t h e a n s w e r E w a r d D r i e h u i s • @ e 3 h u i s • w w w . s e c u r e l i n k . n e t
  2. 2. SAFELY ENABLING BUSINESS www.securelink.net THIS STORY IS BASED ON TRUE DATA • 24 years in tech / software & security • 700+ SecureLinkers • 2100 customers in 2018 • 5 Cyber Defense Centers • Over 10 trillion signals 2019-05-192 RESEARCH
  3. 3. SAFELY ENABLING BUSINESS www.securelink.net32019-05-19 Once upon a time….
  4. 4. SAFELY ENABLING BUSINESS www.securelink.net42019-05-19 2006 - 2010 2013 2017 2019
  5. 5. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 A LOOK AT OUR NUMBERS 5 • Signal to incident process • Layered detection: malware wins • Many “strange events”
  6. 6. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 • Cybercriminals & spies using same methods: social engineering • Automated scanning: software & versions, password stuffing LET’S TALK INITIAL ATTACK VECTORS 6
  7. 7. Safely Enabling Business www.securelink.de19/05/2019 BIGGER IS MORE SECURE 7 ATTACK FACTOR per 100/employees 9.1 1.5 1.3
  8. 8. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 • Ransomware is hard work • Cryptojacking super easy • Cryptojacking surpassed ransomware • … For a while. It’s not as big as some say it is. THE YEAR CRYPTOJACKING TOOK OVER? 8 jan feb mrt apr mei jun jul aug sep okt nov dec CryptoJacking Ransomware
  9. 9. SAFELY ENABLING BUSINESS www.securelink.net9
  10. 10. SAFELY ENABLING BUSINESS www.securelink.net OPPORTUNITY FOR VETERAN CRIMINALS 2019-05-1910 Quietly enter network • Look for value • Steal or extort value Plan B • Destroy online back-ups • Ransom network • Extort enterprise ransom
  11. 11. SAFELY ENABLING BUSINESS www.securelink.net THE POWER OF BIG NUMBERS 11 BIG DATA RETAIL FRAUD CREDIT CARD THEFT RANSOMWARE & MINING BESPOKE ATTACKS RANSOM / EXTORTION ESPIONAGE
  12. 12. SAFELY ENABLING BUSINESS www.securelink.net THE CRIMINAL’S PERSPECTIVE 12
  13. 13. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 GEOPOLITICS THE AGE OF CYBER WARFARE 13 Showing destruction Filling budget gaps Gentleman spies
  14. 14. SAFELY ENABLING BUSINESS www.securelink.net2019-05-1914 TOTAL SYSTEM FAILURE
  15. 15. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 We still encounter “Wannacry” Sometimes for understandable reasons WE NEED TO EVOLVE, BUT… WE DON’T. Depressing CSIRT tales Single factor + cloud = guaranteed pwnage 15
  16. 16. SAFELY ENABLING BUSINESS www.securelink.net2019-05-19 • FORCED HUMAN ERROR – Social engineering • CONFIGURATION ERROR – Website / CMS hacking • BUDGET ERROR – Diginotar • 3RD PARTY ERROR – Supply chain attacks • ARCHITECTURAL ERROR – Wannacry • BUG REASONS WE GET PWNED 16
  17. 17. SAFELY ENABLING BUSINESS www.securelink.net2019-05-19 • OF COURSE SECURE CODING MATTERS! • But we can’t reverse time: IF SECURE CODING ISN’T THE ANSWER… WHAT IS? • Learn & do better • APPSEC is going to be the #1 concern in the future • In the mean time, plugging holes • The system is weak & full of errors • Most attacks are “system” attacks (people, process, tech) 17
  18. 18. Safely Enabling Business www.securelink.de ANNUAL SECURITY REPORT https://lp.securelink.net/asr 19/05/201918 SAFELY ENABLING BUSINESS

×