This document discusses various topics related to cyber security including networking protocols, mindsets for security, quotes from military strategists, examples of cyber attacks and their costs, and sophisticated malware. It provides perspectives on the challenges of cyber defense and emphasizes the need for collaboration and new approaches to counter the advantages that attackers possess.
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Ā
Prof Peter Cochrane on Security
1. Prof Peter Cochrane OBE
p e t e r c o c h r a n e . c o m
Security
CYBER
P N
V P N
L A N
W i F i
P S T N
W L A N
3 , 4 , 5 G
I P
S I P
TC P
U D P
RT P
D N S
D H C P
2. M I N D S E T S
A d i f f e re n t p e r s p e c t i ve
https://
www.y
outube.
com/
watch?
v=X7rh
ovBK_e
A
Audio Book
https://www.youtube.com/watch?v=X7rhovBK_eA
Written 5th C BC
Most important points:
Information matters and an educated guess is
better than a gut decision
Generals should be adept at the "military calculus"
of accounting for anything and everything that
could affect the outcome of a battle
3. M I N D S E T S
P r o v o c a t i v e s t i m u l a t i o n
More Quotes by famous generals and philosophers
https://bit.ly/2VVJ6Hm
More Quotes by Sun Tzu
https://bit.ly/2VVJ6Hm
BEST Quotes by Sun Tzu
https://bookroo.com/quotes/the-art-of-war
āThe supreme art of war is to subdue the enemy
without ļ¬ghtingā
āTo know your enemy you must become your
enemyā
4. 1) There is always a threat
2) It is always in a direction youāre not looking
3) Perceived risk/threat never equals reality
4) Nothing is 100% secure
5) People are always the primary risk
6) Resources are deployed inversely proportional to actual risk
7) You need two security groups - defenders and attackers
8) Security & operational requirements are mutually exclusive
9) Legislation is always > X years behind
Security Laws
I m m u t a b l e S i n c e 1 9 9 0
5. Security Laws
I m m u t a b l e S i n c e 1 9 9 0
10) Security standards are an oxymoron
11) Security people are never their own customer
12) Cracking systems is far more fun than defending them
13) Hackers are smarter than you - they are younger!
14)Hackers are not the biggest threat - governments are!
15) As life becomes faster it becomes less secure
16) Connectivity and data half lives are getting shorter too
17) We are most at risk during a time of transition
18) The weakest link generally deļ¬nes the outcome
6. RESUME
R e a l i t y 2 0 2 0
Attacks are escalating
The Dark Side is winning
There are no silver bullets
People are the biggest risk
The attack surface is increasing
Attacker rewards are on the up
All our security tools are reactive
Cyber disruption costs are growing
Companies do not collaborate/share
Attackers operate an open market
More of the same but better
& faster will not change the
gameā¦
ā¦we have to think anew - to get
out of the box and do something
very different !
7. Infrastructures
Web Resources
PoS + ATMs
Peripherals
Users
IoT
Mobiles
Pcs Tablet
Wearables
Targets
Transport
IT
Retail
CryptoĀ£Ā£
Telecom
++++
c y b e r At ta c k 1
A c o n n e c t e d / n e t wo r ke d s p e c t r u m
Malware
False ID
Social
Engineering
Hacking
Web Probes
DDoS
Software
Adulteration
Finance
Gov
Health
Care
Education
Industry
Commerce
Services
Hospitality
VictimsTools
8. Malicious Code
inserted into visitor
browsers
Gains Access
to sensitive
data
cyber Attack 2
S y s t e m W i d e O p p o r t u n i t y Po i n t s
9. VOIP net: security 1
P N V P N L o c a l n a t i o n a l & i n t e r n a t i o n a l
VPN
PN
VPN
PN
Dedicated
Fibre
VPN
PN
Dedicated
Fibre
VPN
PN
VOIP Network Service
Reseller
with direct routing
10. VOIP net: security 1
P N V P N L o c a l n a t i o n a l & i n t e r n a t i o n a l
VPN
PN
VPN
PN
Dedicated
Fibre
VPN
PN
Dedicated
Fibre
VPN
PN
VOIP Network Service
Reseller
with direct routing
Inherently
Insecure
Wired
&
Wireless
11. VOIP net: security 1
P N V P N L o c a l n a t i o n a l & i n t e r n a t i o n a l
VPN
PN
VPN
PN
Dedicated
Fibre
VPN
PN
Dedicated
Fibre
VPN
PN
VOIP Network Service
Reseller
with direct routing
Inherently
Insecure
Wired
&
Wireless
Inherently
Secure
Fibre
PN/VPN
Strong
Encryption
Hidden
VPN &
Routings
12. VOIP NET: Security 2
L i m i t t h e t o t a l o f c o n c a t e n a t e d h o p s
Country
Gateway
Regional
Gateway
Regional
Gateway
DedicatedFibre orWavelengths
Dedicated
Fibre or
Wavelengths
VPN
PN
Total end-to-end nodes
to number < 10
Total end-to-end path
delay to be <150 ms
All Optical Fibre Net Almost
Impossible to Penetrate but
not entirely so!
13. VOIP NET: Security 2
L i m i t t h e t o t a l o f c o n c a t e n a t e d h o p s
Country
Gateway
Regional
Gateway
Regional
Gateway
DedicatedFibre orWavelengths
Dedicated
Fibre or
Wavelengths
VPN
PN
Total end-to-end nodes
to number < 10
Total end-to-end path
delay to be <150 ms
All Optical Fibre Net Almost
Impossible to Penetrate but
not entirely so!
All Gateways
Highly Secure
Facilities
14. VOIP NET: Security 2
L i m i t t h e t o t a l o f c o n c a t e n a t e d h o p s
Country
Gateway
Regional
Gateway
Regional
Gateway
DedicatedFibre orWavelengths
Dedicated
Fibre or
Wavelengths
VPN
PN
Total end-to-end nodes
to number < 10
Total end-to-end path
delay to be <150 ms
All Optical Fibre Net Almost
Impossible to Penetrate but
not entirely so!
All Gateways
Highly Secure
Facilities
All Precise Routings and
Gateway Locations are
not generally available
15. VOIP NET: Security 2
L i m i t t h e t o t a l o f c o n c a t e n a t e d h o p s
Country
Gateway
Regional
Gateway
Regional
Gateway
DedicatedFibre orWavelengths
Dedicated
Fibre or
Wavelengths
VPN
PN
Total end-to-end nodes
to number < 10
Total end-to-end path
delay to be <150 ms
All Optical Fibre Net Almost
Impossible to Penetrate but
not entirely so!
All Gateways
Highly Secure
Facilities
All Precise Routings and
Gateway Locations are
not generally available
N
o
n
O
b
v
io
u
s
g
a
t
ew
a
y
g
h
o
s
t
in
g
/d
u
p
lic
a
t
io
n
P
lu
s
s
p
lit
fib
r
e
c
a
b
le
feed
s
c
a
n
b
e
u
s
ed
t
o
in
c
r
ea
s
e
s
ec
u
r
it
y
Ex
t
en
s
iv
e
u
s
e
o
f
en
c
r
y
p
t
io
n
12
8
a
n
d
2
5
6
k
ey
p
lu
s
p
u
b
lic
k
ey
fo
r
c
o
n
t
r
o
l
a
n
d
s
ig
n
a
llin
g
16. Segue: Demo
P u b l i c K e y M a d e O b v i o u s
For More
GOTO: https://bit.ly/39Ey6kY
17. B S A L E R T
L E O s C a n D o i t A l l !
A single hop āLow Earth Orbit Satelliteā link
introduces 50 - 100ms delayā¦
18. B S A L E R T
L E O s C a n D o i t A l l !
A single hop āLow Earth Orbit Satelliteā link
introduces 50 - 100ms delayā¦
A
ll
satellite
system
s
are
in
heren
tly
in
secure
on
every
level
an
d
very
easy
to
attack/disable
N
ot
credible
as
A
platform
for
an
y
form
of
traffic
that
dem
an
ds
security
an
d
resilien
ce
19. p A E S A D O X 1
Ta r g e t h a s m o r e A c e s !
Cunning
Creative
Proactive
Inventive
Motivated
Unbounded
Unconstrained
Outside the Law
No Moral Boundary
A Virtualised āEnterpriseā
Well Funded R&D
Global Sharing Culture
Skills & Expertise Market
Tools, Tech & Info Trading
Fast to Exploit Opportunities
IT
IS
extrem
ely
rare
for
attackers
To
be
presented
w
ith
such
Exponentially
rich
and
grow
ing
targets
The Dark Side of the Force is Winning
20. p a r A D O X 2
Wa r G a m e s a n d D e f e n c e
āThe military play all day and occasionally go to warā
āWe are ay war every day and never playā
21. pA r A D O X 3
N o re t a l i a t o r y d e f e n c e
22. pA r A D O X 3
N o re t a l i a t o r y d e f e n c e
BY
and
large
w
e
know
w
ho
the
attackers
are
and
w
here
they
reside
but
opt
to
do
nothing
the
enem
y
have
sim
ply
adopted
our
technologies
and
used
them
as
w
eapons
against
us
24. T o S u r v i v e
We n e e d t o b e c o m e u n i t e d
āFailure the greatest teacher isā
25. T o S u r v i v e
We n e e d t o b e c o m e u n i t e d
Well Funded R&D
Global Sharing Culture
Tools, Tech & Info Sharing
Proactive Defence Strategies
Skills & Expertise Cooperation
Fast to Respond to/Report Threats
Cooperative Creativity
Engage in Workable Legislation
Help Formulate Law Frameworks
Virtualised Every Aspect of Cyber Defence
Formulate a Rapid Attack/Punitive Responses
āThe Art of War
read you mustā
26. C Y B E R C R I M E
A b r i d g e d h i s t o r y a n d c o s t
Banking Malware
Crypto-Currency Attacks
Bitcoin Wallet Stealer
Device & Account Hijacking
RansomeWare
EPoS Attack
Fake News
Propaganda
Social Engineering
DoS, DDoS
Infected eMail
RansomeWare
Identity Theft
DNS Attack
BotNets
Site Sabotage
SQL Attack
Spam
Identity Theft
Phishing
Trojan
Worms
Virus
1997
2004
2007
Estimated
>>1000 Bn
Attacks
Total
> $2000 Bn
Cost of
global
cyber
crime
Today
2013
Almost all attacks/attack-types can be traced back to
the exploiting of individuals who have volunteered
vital info by falling victim to scams, spams/trickery,
bribery, corruption, blackmail, honeypotsā¦
Social engineering is one of the most powerful tools to be
widely exploited by the āDark Sideā - and the approach
can span to dumb and very obvious to the highly
sophisticated and hard to detect
27. C Y B E R C R I M E
A b r i d g e d h i s t o r y a n d c o s t
Banking Malware
Crypto-Currency Attacks
Bitcoin Wallet Stealer
Device & Account Hijacking
RansomeWare
EPoS Attack
Fake News
Propaganda
Social Engineering
DoS, DDoS
Infected eMail
RansomeWare
Identity Theft
DNS Attack
BotNets
Site Sabotage
SQL Attack
Spam
Identity Theft
Phishing
Trojan
Worms
Virus
1997
2004
2007
Estimated
>>1000 Bn
Attacks
Total
> $2000 Bn
Cost of
global
cyber
crime
Today
2013
Almost all attacks/attack-types can be traced back to
the exploiting of individuals who have volunteered
vital info by falling victim to scams, spams/trickery,
bribery, corruption, blackmail, honeypotsā¦
Social engineering is one of the most powerful tools to be
widely exploited by the āDark Sideā - and the approach
can span to dumb and very obvious to the highly
sophisticated and hard to detect
W
a
tch
som
e
crim
e
hEist
spy
m
ov
ies
rea
d
detectiv
e
n
ov
els
k
eep
up
w
ith
security
dev
elopm
en
ts
To
get
a
grip
on
deception
rea
d
on
m
a
gic
a
n
d
m
a
gicia
n
s
w
a
tch
som
e
rela
ted
m
ov
ies
28. S e g u e : S t u x n e t
S o p h i s t i c a t e d I n t e l l i g e n t M a l w a r e
Ta r g e t e d S p e c i f i c I n d u s t r i a l C o n t r o l l e r
O n l y i n t e r e s t e d i n M S O S
H u n t e r K i l l e r S p e c i e s
2 0 1 0
A t t a c k
N e v e r
A t t r i b u t e d
C I A - M a s s a d
P r i m a r y S u s p e c t s
G e n e r a l S p e c i e s
f o r S a l e o n D a r k W e b
S e g u e : S t u x n e t
S o p h i s t i c a t e d I n t e l l i g e n t M a l w a r e
Ta r g e t e d S p e c i f i c I n d u s t r i a l C o n t r o l l e r
O n l y i n t e r e s t e d i n M S O S
H u n t e r K i l l e r S p e c i e s
2 0 1 0
A t t a c k
N e v e r
A t t r i b u t e d
C I A - M o s s a d
P r i m a r y S u s p e c t s
G e n e r a l S p e c i e s
f o r S a l e o n D a r k W e b
29. c y b e r a t t a c k
P r i m a r y M o t i v a t i o n s J a n 2 0 1 9
https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/
Prime Motivation
Making $$$$
30. c y b e r a t t a c k
P r i m a r y M o t i v a t i o n s J a n 2 0 1 9
https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/
Prime Motivation
Making $$$$
Prime Motivation
Trade Secrets
Military
Security
31. c y b e r a t t a c k
P r i m a r y M o t i v a t i o n s J a n 2 0 1 9
https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/
Prime Motivation
Making $$$$
Prime Motivation
Trade Secrets
Military
Security
Prime Motivation
Political, Commercial
and Social Change
32. c y b e r a t t a c k
P r i m a r y M o t i v a t i o n s J a n 2 0 1 9
https://www.helpnetsecurity.com/2017/01/11/ransom-motivation-behind-cyber-attacks/
Prime Motivation
Making $$$$
Prime Motivation
Trade Secrets
Military
Security
Prime Motivation
Political, Commercial
and Social Change
Prime Motivation
Domination and
TakeOver
35. M y F o r e c a s t
T h e n u m b e r O n e f o r 2 0 2 0
A target rich opportunity:
ā¢ A wealthy technophobic organisation and customers
ā¢ Processes, protocols and methodologies well known
ā¢ Millions of people involved with dispersed ofļ¬ces
ā¢ Multiple points of access PSTN, VOIP, Network+
ā¢ Staff trained to help customers BIG and small
++++
ā¢ Many possible attack modes: Phishing, Whaling,
Malware, Man-in-the-Middle, Insider, Contractor,
bribery, corruption, coercion
36. C Y B E R At ta c k e r s
R a p i d l y c h a n g i n g p r o f i l e s / p u r p o s e s
Fun
Fame
Notoriety
Vandalism
Limited Skills
Limited Resources
Tend to be Sporadic
Rogue States
Criminals
Hacker Groups
Hacktivist
Amateurs
Money
Sharing
Organic
Dispersed
Unbounded
Huge Effort
Progressive
Cooperatives
Self Organising
Vast Resources
Massive Market
Aggregated Skills
Semi-Professional
Substantial Networks
Skilled
Political
Idealists
Emotional
Relentless
Dedicated
Cause Driven
Vast Networks
Varied Missions
Targeted Attacks
Evolving Community
Drugs
Fraud
Global
Extreme
Extortion
Business
Unbounded
Professional
Well Managed
Well Organised
Ahead of the Curve
Orchestrated Eļ¬ort
Extremely Proļ¬table
Syndicated Resources
Massive Attack Surface
Vast up-to-date Abilities
Covert
Money
WarFare
Inļ¬uence
Pervasive
Disruption
Espionage
Professional
Sophisticated
Well Organised
Extreme Creativity
Orchestrated Eļ¬ort
Political Inļ¬uencers
~Unlimited Resources
Tech/Thought Leaders
Regime Destabilisation
Population Manipulation
Military and Civil Domains
Almost all attacks/attack-types can be
traced back to human fallibility and
ambition exploitation
37. C Y B E R At ta c k e r s
R a p i d l y c h a n g i n g p r o f i l e s / p u r p o s e s
Fun
Fame
Notoriety
Vandalism
Limited Skills
Limited Resources
Tend to be Sporadic
Rogue States
Criminals
Hacker Groups
Hacktivist
Amateurs
Money
Sharing
Organic
Dispersed
Unbounded
Huge Effort
Progressive
Cooperatives
Self Organising
Vast Resources
Massive Market
Aggregated Skills
Semi-Professional
Substantial Networks
Skilled
Political
Idealists
Emotional
Relentless
Dedicated
Cause Driven
Vast Networks
Varied Missions
Targeted Attacks
Evolving Community
Drugs
Fraud
Global
Extreme
Extortion
Business
Unbounded
Professional
Well Managed
Well Organised
Ahead of the Curve
Orchestrated Eļ¬ort
Extremely Proļ¬table
Syndicated Resources
Massive Attack Surface
Vast up-to-date Abilities
Covert
Money
WarFare
Inļ¬uence
Pervasive
Disruption
Espionage
Professional
Sophisticated
Well Organised
Extreme Creativity
Orchestrated Eļ¬ort
Political Inļ¬uencers
~Unlimited Resources
Tech/Thought Leaders
Regime Destabilisation
Population Manipulation
Military and Civil Domains
Almost all attacks/attack-types can be
traced back to human fallibility and
ambition exploitation
Short
Game
Low
Gain
Medium
Game
Medium
Gain
Long
Game
Massive
Gain
38. C Y B E R At ta c k e r s
R a p i d l y c h a n g i n g p r o f i l e s / p u r p o s e s
Fun
Fame
Notoriety
Vandalism
Limited Skills
Limited Resources
Tend to be Sporadic
Rogue States
Criminals
Hacker Groups
Hacktivist
Amateurs
Money
Sharing
Organic
Dispersed
Unbounded
Huge Effort
Progressive
Cooperatives
Self Organising
Vast Resources
Massive Market
Aggregated Skills
Semi-Professional
Substantial Networks
Skilled
Political
Idealists
Emotional
Relentless
Dedicated
Cause Driven
Vast Networks
Varied Missions
Targeted Attacks
Evolving Community
Drugs
Fraud
Global
Extreme
Extortion
Business
Unbounded
Professional
Well Managed
Well Organised
Ahead of the Curve
Orchestrated Eļ¬ort
Extremely Proļ¬table
Syndicated Resources
Massive Attack Surface
Vast up-to-date Abilities
Covert
Money
WarFare
Inļ¬uence
Pervasive
Disruption
Espionage
Professional
Sophisticated
Well Organised
Extreme Creativity
Orchestrated Eļ¬ort
Political Inļ¬uencers
~Unlimited Resources
Tech/Thought Leaders
Regime Destabilisation
Population Manipulation
Military and Civil Domains
Almost all attacks/attack-types can be
traced back to human fallibility and
ambition exploitation
Short
Game
Low
Gain
Medium
Game
Medium
Gain
Long
Game
Massive
Gain
Sophistication
Investment
Complexity
ROI
39. S tat u s Q u o
C y b e r C r i m e E c o n o m y
E A S Y E N T R Y 1
M o s t l y v e r y p o o r p r o t e c t i o n
B e h i n d t h e
F i r e W a l l
i n o n e
s m a l l
s t e p
N o P a s s w o rd s
E a s y P a s s w o r d s
F a c t o r y D e f a u l t
40. E A S Y E N T R Y 2
M o s t l y v e r y p o o r p r o t e c t i o n
41. E A S Y M o n e y
L o w c o s t h u m a n / ro b o t a t t a c k s
42. P h i s h i n g
E x p o n e n t i a l G r o w t h
Criminals are in a race against security teams
looking to shut them down
Security teams report phishing URLs
regularly, but some criminals use web hosts/
domains that ignore reports
Most kits have a short life, and the phishing
window is growing smaller
H i g h l y s u c c e s s f u l / p r o f i t a b l e ;
a n d v e r y e a s y t o a u t o m a t e f o r
T X T a n d s p e e c h
43. P h i s h i n g
E x p o n e n t i a l G r o w t h
o f S p e c i e s s e e s a ra p i d
S h o r t e n i n g L i f e t i m e s
Days to Deactivation
Cumulative%ofKitsDeactivated
25%
50%
75%
100% Cumulative % of kits deactivated
0 40 80 120 160 200
44. P h i s h i n g
E x p o n e n t i a l I n n o v a t i o n
Akamai
45. S E G U E
P h i s h i n g D e m o
Access through the exploitation of
a kind IT Support Desk Operator
46. D E F E N CE I N D U S T R Y
W h e n a c u s t o m e r b e c o m e s a n e n e m y
Kill Switch
Disable Signal
Destruct Command
Assume Control Portal
Information/Data Gathering
47. O F F T H E R EC O R D
A l m o s t n o t h i n g i s a s i t a p p e a r s
48. security
P N V P N C l o u d / s
VPN
PN
VPN
PN
Dedicated
Fibre
VPN
PN
Dedicated
Fibre
VPN
PN
VOIP Network Service
Reseller
with direct routing
What is actually
in this Cloud?
49. security
P N V P N C l o u d / s
VPN
PN
VPN
PN
Dedicated
Fibre
VPN
PN
Dedicated
Fibre
VPN
PN
VOIP Network Service
Reseller
with direct routing
Inherently
Insecure
Wired
&
Wireless
What is actually
in this Cloud?
50. security
P N V P N C l o u d / s
VPN
PN
VPN
PN
Dedicated
Fibre
VPN
PN
Dedicated
Fibre
VPN
PN
VOIP Network Service
Reseller
with direct routing
Inherently
Insecure
Wired
&
Wireless
Inherently
Secure
Fibre
PN/VPN
Strong
Encryption
Hidden
VPN &
Routings
What is actually
in this Cloud?
51. p a r t i a l v i e w 1
C o m p a n i e s d o n ā t d i v u l g e d e t a i l What is actually
in this Cloud?
52. p a r t i a l v i e w 1
C o m p a n i e s d o n ā t d i v u l g e d e t a i l What is actually
in this Cloud?
It
is
a
v
ita
l
s
ec
r
et
a
s
to
th
e
d
eta
iled
d
es
ig
n
/en
g
in
eer
in
g
a
d
o
p
ted
A
n
d
th
e
en
em
y
m
u
s
t
n
o
t
k
n
o
w
th
is
53. p a r t i a l v i e w 2
C o m p a n i e s d o n ā t d i v u l g e d e t a i l
How is the
Network
Conļ¬gured?
54. p a r t i a l v i e w 2
C o m p a n i e s d o n ā t d i v u l g e d e t a i l
How is the
Network
Conļ¬gured?
It
is
a
v
ita
l
s
ec
r
et
a
s
to
th
e
d
eta
iled
d
es
ig
n
/en
g
in
eer
in
g
a
d
o
p
ted
A
n
d
th
e
en
em
y
m
u
s
t
n
o
t
k
n
o
w
th
is
55. ~ 5 1 % S I P L a y e r
R o u t i n e l y Te s t Yo u r N e t
E n c r y p t E v e r y t h i n g
H a r d e n P a s s w o r d s
U s e a P N o r V P N
Tr a i n U s e r s
+ + + + ? ? ? ?
~ 4 9 % S h a r e d K i t
U s e N e t S p o o f i n g
A d o p t P a t h D i v e r s i t y
E n c r y p t A t A l l L e v e l s
Engage Pre-Cursor Detection
Continually Monitor The Network
+ + + + ? ? ? ?
V O I P A T T A C K S
DDoS + Access via Shared Layers & kit
56. S o m e G u e s s e s
W h a t w o u l d w e d o a s d e s i g n e r s ?
57. S o m e G u e s s e s
W h a t w o u l d w e d o a s d e s i g n e r s ?
In
h
er
en
tly
s
ec
u
r
e
in
th
e
ex
tr
em
e
iff
d
es
ig
n
ed
w
ell
a
n
d
d
eta
il
is
k
ep
t
s
ec
r
et
58. Cable 3
1 D i v e r s i t y
M u l t - C a b l e s P a t h s
61. Cable 8
Cable 6
Cable 3
1 D i v e r s i t y
M u l t - C a b l e s P a t h s
A
d
d
s
r
es
ilien
c
e
to
a
w
h
o
les
a
ler
n
etw
o
r
k
a
n
d
is
a
v
er
y
effec
tiv
e
d
efen
c
e
a
g
a
in
s
t
D
D
O
S
A
tta
c
k
s
62. Cable 8
Cable 6
Cable 3
2 A d d r e ss i n g
M u l t - C a b l e s P a t h s Radically Different
For Each Layer
Password Format
Different by Layer
63. Cable 8
Cable 6
Cable 3
2 A d d r e ss i n g
M u l t - C a b l e s P a t h s Radically Different
For Each Layer
Password Format
Different by Layer
A
d
d
s
r
es
ilien
c
e
A
n
d
A
N
ex
tr
a
la
y
er
o
f
s
ec
u
r
ity
fo
r
a
tta
c
k
er
s
if
th
ey
g
et
th
is
d
eep
64. Cable 8
Cable 6
Cable 3
Appears to be/mimics real thing, but sees the
Dark Side fighting infrastructure to nowhere!
3 S p o o f i n g
G h o s t C a b l e s P a t h s
65. Cable 8
Cable 6
Cable 3
d
ilu
tes
th
e
effo
r
ts
a
n
d
r
es
o
u
r
c
es
o
f
th
e
d
a
r
k
s
id
e
a
n
d
Fr
u
s
tr
a
tes
th
eir
D
es
ig
n
s
to
G
a
in
a
c
c
es
s
Appears to be/mimics real thing, but sees the
Dark Side fighting infrastructure to nowhere!
3 S p o o f i n g
G h o s t C a b l e s P a t h s
66. Cable 3
4 H o p p i n g
D y n a m i c A d d r e s s i n g
Node Addresses Change by the second
to render them invisible to scanners
67. Cable 6
Cable 3
4 H o p p i n g
D y n a m i c A d d r e s s i n g
Node Addresses Change by the second
to render them invisible to scanners
68. Cable 8
Cable 6
Cable 3
4 H o p p i n g
D y n a m i c A d d r e s s i n g
Node Addresses Change by the second
to render them invisible to scanners
69. Cable 8
Cable 6
Cable 3
4 H o p p i n g
D y n a m i c A d d r e s s i n g
Node Addresses Change by the second
to render them invisible to scanners
A
s
o
f
th
e
c
r
ea
tio
n
o
f
th
is
p
r
es
en
ta
tio
n
n
o
k
n
o
w
n
a
tta
c
k
h
a
s
b
een
s
u
c
c
es
s
fu
l
a
g
a
in
s
t
th
is
d
efen
c
e
70. TH E BIG PICTUR E
O p t i c a l F i b r e C a b l e N e t S p i n e
71. EU - Nth America
O p t i c a l F i b r e C a b l e s 2 0 1 9
72. UK - N0rth America
1 2 O p t i c a l F i b r e C a b l e s 2 0 1 9
73. UK - N0rth America
1 2 O p t i c a l F i b r e C a b l e s 2 0 1 9
D i s p e r s e C a b l e s
a n d
L a n d i n g S i t e s
74. UK - N0rth America
1 2 O p t i c a l F i b r e C a b l e s 2 0 1 9
D i s p e r s e C a b l e s
a n d
L a n d i n g S i t e s
D i s p e r s e Tr a f f i c
a c r o s s
S e v e r a l C a b l e s
75. UK - N0rth America
1 2 O p t i c a l F i b r e C a b l e s 2 0 1 9
D i s p e r s e C a b l e s
a n d
L a n d i n g S i t e s
D i s p e r s e Tr a f f i c
a c r o s s
S e v e r a l C a b l e s
D i v e r s e E m e r g e n c y
r o u t i n g
V i a F r a n c e , S p a i n ,
S c a n d i n a v i a , o n a
m a j o r c a b l e f a i l
M a i n t a i n S e n s i b l e
F a i l u r e M a r g i n s
76. UK - N0rth America
1 2 O p t i c a l F i b r e C a b l e s 2 0 1 9
D i s p e r s e C a b l e s
a n d
L a n d i n g S i t e s
D i s p e r s e Tr a f f i c
a c r o s s
S e v e r a l C a b l e s
D i v e r s e E m e r g e n c y
r o u t i n g
V i a F r a n c e , S p a i n ,
S c a n d i n a v i a , o n a
m a j o r c a b l e f a i l
M a i n t a i n S e n s i b l e
F a i l u r e M a r g i n s
77. m a l w a r e
A āc o m m e rc i a l ā s a m p l e
Cerber ā Malicious email ļ¬le affecting system OS - steals userās info to extort money
RaaS ā (Ransomware-as-a-Service) Hackers make money by selling/using this product
Emotet ā Originally a banking Trojan, but evolved as a full-scale Bot threat.
Botnets ā Used for DDOS attacks, SPAM distribution, data stealing, self organising
Cryptomining Malware ā Distributed computing for cryptojacking - using your FLOPs
78. D D o S T y p e s
T h e m a i n a t t a c k c h a ra c t e r i s t i c s
Volumetric: Consumes network, service, link bandwidth to create congestion/paralysis
TCP State Exhaustion: Kills core routers, ļ¬rewalls & application servers - services unusable
Application Layer: Target websites, databases & app services. Perhaps the most sophisticated
/stealthy - very difļ¬cult to detect using common ļ¬ow-based monitoring
https://www.scss.tcd.ie/publications/theses/diss/2018/TCD-SCSS-DISSERTATION-2018-046.pdf
81. W H AT W E D E T E C T
P o s s i b l y j u s t t h e t i p o f a n i c e b e r g !
We need to start looking below the surface
of obviousness for the hidden sophistication
of the many stealth attacks that we suspect
are happening that we cannot see!
Ransomeware
Phishing
Crypto-WalletDoD/DDoS
SQLi // XSS
Man-in-The Middle
URL Spooļ¬ng
Cloaking
Malware
Covert Plant
Visitors
Insiders
Outsiders
Alongsiders
Customers
Contractors
WiFi
Tunnels
Implants
Malware
Networks
Diversions
Brute Force
Decoys
82. V i ta l M e a s u r e r s
M i n i m a l t o M a x i m a l S e c u r i t y
P h y s i c a l S e c u r i t y
S t r o n g P a s s w o r d s
F i r e W a l l , P N , V P N
M a l w a r e P r o t e c t i o n
S t r o n g E n c r y p t i o n
G e n e r a P u b l i c K e y
A u t h e n t i c a t i o n
C e r t i f i c a t i o n
( N F a c t o r, M P a t h )
P e n e t r a t i o n D e t e c t i o n
a t K e y I n t e r f a c e P o i n t s
B e h a v i o u r a l A n a l y s i s o f
N e t , M a c h i n e s , P e o p l e
M o n i t o r f o r a l l P r e - C u r s o r
E v e n t I n d i c a t o r s
C r e a t e / J o i n I n f o r m a t i o n
S h a r i n g N e t w o r k s a c r o s s
t h e i n d u s t r y
83. P h y s i c a l M e a s u r e r s
M i n i m a l t o M a x i m a l S e c u r i t y
84. P h y s i c a l M e a s u r e r s
M i n i m a l t o M a x i m a l S e c u r i t y
S e c u r e E n t r y S i t e & B u i l d i n g
D u p l i c a t e d /
T r i p l i c a t e d
P o w e r / F i b r e
B r e a k F r e e
P o w e r w i t h
B a t t e r i e s
G e n e r a t o r s
2 / 3 U t i l i t i e s
S u p p l y S i t e
5 0 k m f r o m
a n y A i r p o r t
85. F o c u s e d
M e a s u r e r s
T e c h n i c a l S e c u r i t y
86. F o c u s e d
M e a s u r e r s
T e c h n i c a l S e c u r i t y
A i r L o c k
S t r i p D o w n
A u t h o r i s e d
E n t r y O n l y
G e n e r a l
A c c e s s
O p e n
L i m i t e d
A c c e s s
Z o n e d
T i m e d
C a m e r a s
H e a t S e n s o r s
M o t i o n S e n s o r s
L o c a t i o n P r o x i m i t y S e n s o r s
I n v i s i b l e X - X L a s e r B e a m s
87. S e g u e
S t a g e L e f t
O f f T h e R e c o r d P l a y T i m e
I d o n o t r e c o m m e n d y o u t r y a n y
o f t h i s - i t i s a l l a p a r t o f m y
p e r s o n a l m i s s i o n t o m a k e t h e
w o r l d a s a f e r p l a c e
Not For
Public Release
88. V i ta l M e a s u r e r s
T h e m i n i m a l s e c u r i t y p r o t e c t i o n
failures
C o m m o n M o d e
O n e r o a d i n
a n d o u t i s n o t
a g o o d i d e a !
89. opportunities !
T h e D a r k S i d e E v e r y w h e r e
- A i r l i n e s e c u r i t y
- P u b l i c t a r g e t s
- C a r e l e s s t a l k
- D e v i c e t h e f t
- B r e a k i n g i n
- S o c i a l d a t a
+ + + +
91. C a r e l e s s
S h o u l d e r s u r f i n g !
I was working in London
and stopped for a coffee
break in Sohoā¦
92. U n t i d y
L i t t e r B u g : - )
Ā£24k in this account!
And then the fun started !
93. LOUD & RUDE
There is always a price to pay !
The group next to my colleague
had just chanced upon the perfect
name for their new company.
They revealed their new domain
name and more to everyone within
earshot!
94. A stack of papers
readable at a glance
EXHIBITIONISTS
Government employees bragging
ME
Three identical laptops
Three
Mobiles
all the
same
95. A stack of papers
readable at a glance
EXHIBITIONISTS
Government employees bragging
ME
Three identical laptops
Three
Mobiles
all the
same
In < 1hour they revealed:
All there names
Mobile numbers + eMail addresses
Unit Codes
Postal Drop
Building ļ¬oor and room
IT Support Number and log in
Who was at their meeting
Meeting agenda
Who said what
Decisions made
Project Code Name
Organisations involved
Objectives and progress
The name of a āSecret Projectā
Talked about in euphemisms
+++++
96. O p P o r t u n i s t
Pass cards are so easy to forge/steal
TRUTH ENGINES
An End Game Company
Dr Peter Cochrane
EU Concept Consultant
TRUTH ENGINES
An End Game Company
Peter Cochrane
Internal Aļ¬airs Advisor
VISITOR EMPLOYEE
97. Device theft
Or is their something more here
This is a high risk crime with a good
chance of getting caught in the act
or getting caught on camera..
Why would anyone do this for a few Ā£Ā£
an hour, or is there hidden value add
that we are not seeing?
https://www.youtube.com/watch?v=TWilMUpEMEk
https://www.youtube.com/watch?v=tSKXZnfOe60
98.
99. UP THE VALUE
100s of hack tutorials on-line
A naked mobile device is one price
A live mobile device with all the log-in
and personal data accessible is a much
better deal !
100. G O T O
R e s o u r c e s 4 U
petercochrane.com
Broadcom/Symantic Crowdstrike
Cisco, IBM
Akamai Varonis
Gartner, Aon, UKGov DDCMS. MimeCast
BitSight,TrendMicro, FCA Juniper, RAND, Kaspersky
101. Things that Think want to Link
and
Things that Link want to Think
F I N - Q & A ?
www.petercochrane.com